Quite often you'll need the ability to run scripts on an EC2 instance based on information that can be easily accessible from the EC2's meta-data (http://169.254.169.254/latest/meta-data)
For example, maybe you want the instance id. This can be found via:
This would return the instance id with something like:
However other items like availability zones are buried in latest/dynamic/instance-identity/document
This returns a json object like:
As you can see, this also includes the instance-id but if we want any data out of it we'll need to parse it. Luckily you have all sorts of options. You can use bash scripts with commands like awk but I find those fairly messy and hard to read. My preference is either python or for this use case, I pref jq.
Let's take a look at both.
We'll start off with a python example. Most Linux AMI's have python already installed. AWS uses python scripts for a lot of it's initial loading, so in general, we shouldn't need to install it.
jq isn't typically installed by default but with a little yum install you can quickly add it.
There are several use cases for getting these variables, such as add the information to logs or making updates to the EC2 instance itself.
For example if you wanted to use an EC2 instance as a NAT instance or a VPN instance, you need to disable the Source to Destination check. This can be accomplished via the AWS console but it can also been done from the AWS cli from within the EC2 instance itself. To run the command the EC2 role associated with the instance will need the proper rights to modify the instance. You will also need the instance-id and the region which we can get from the script above. And then you can use the following command to disable the source to destination checks.