You cannot download a private key. You can only download the Server certs.
aws acm get-certificate --region us-east-1 --certificate-arn arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012
AWS announced to provide their own internal NTP inside VPC at AWS re:Invent 2017. Here is how to do it:
CentOS
sudo yum erase ntp*; sudo yum -y install chrony; sudo service chronyd start
Debian/Ubuntu
sudo apt-get remove -y ntp*; sudo apt-get -y install chrony; sudo service chronyd start; apt-get autoremove
#!/bin/sh
export DATE_CURRENT=`date +%Y-%m-%d`
export TIME_CURRENT=`date +%Y%m%d%H%M%S`
export PURGE_AFTER_DAYS=30
export PURGE_AFTER=`date -d +${PURGE_AFTER_DAYS}days -u +%Y-%m-%d`
export BACKUP_TAG='backup'
# 1-1 Get the list of instances that you want to get backup
INSTANCES=`aws ec2 describe-tags --filters "Name=resource-type,Values=instance" "Name=key,Values=${BACKUP_TAG}" | awk '{print $3}'`
for INSTANCE in ${INSTANCES}; do
BACKUP=`aws ec2 describe-tags --filters "Name=resource-type,Values=instance" "Name=resource-id,Values=${INSTANCE}" "Name=key,Values=${BACKUP_TAG}" | awk '{print $5}'`
# 1-2 Check if the instance is marked as backup or not
if [ "${BACKUP}" == "true" ]; then
# 1-3 Create a backup
AMI_ID=`aws ec2 create-image --instance-id ${INSTANCE} --name "${INSTANCE}_${TIME_CURRENT}" --no-reboot`
# 1-4 Create a tag for search for later use
aws ec2 create-tags --resources ${AMI_ID} --tags Key=PurgeAllow,Value=true Key=PurgeAfter,Value=$PURGE_AFTER
fi
done
# 2-1 Search backups by tag
AMI_PURGE_ALLOWED=`aws ec2 describe-tags --filters "Name=resource-type,Values=image" "Name=key,Values=PurgeAllow" | awk '{print $3}'`
for AMI_ID in ${AMI_PURGE_ALLOWED}; do
PURGE_AFTER_DATE=`aws ec2 describe-tags --filters "Name=resource-type,Values=image" "Name=resource-id,Values=${AMI_ID}" "Name=key,Values=PurgeAfter" | awk '{print $5}'`
if [ -n ${PURGE_AFTER_DATE} ]; then
DATE_CURRENT_EPOCH=`date -d ${DATE_CURRENT} +%s`
PURGE_AFTER_DATE_EPOCH=`date -d ${PURGE_AFTER_DATE} +%s`
if [[ ${PURGE_AFTER_DATE_EPOCH} < ${DATE_CURRENT_EPOCH} ]]; then
# 2-2 Delete backup if it is marked as backup
aws ec2 deregister-image --image-id ${AMI_ID}
SNAPSHOT_ID=`aws ec2 describe-images --image-ids ${AMI_ID} | grep EBS | awk '{print $4}'`
aws ec2 delete-snapshot --snapshot-id ${SNAPSHOT_ID}
fi
fi
done
The following commands mount a large-scale SSD volume (/dev/xvdb) onto /mnt.
sudo mkfs.ext4 /dev/xvdb
echo "/dev/xvdb /mnt auto noatime 0 0" | sudo tee -a /etc/fstab
sudo mount /mnt
