Deploy ASP.NET Core Host on AWS EC2 Instance with Nginx

Exported on 11-Oct-2021 12:18:15

Using Attune to deploy an Ubuntu AWS EC2 instance with NGINX and ASP.NET Core

This Blueprint is used for deploying an Ubuntu AWS EC2 instance with NGINX and ASP.NET Core installed.

ASP.NET Core is a free and open-source web framework, developed by Microsoft.

NginX, is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.

Pre-Blueprint Attune setup
  1. On the Inputs tab, create a Windows Node for the host you wish to run the AWS EC2 shutdown script.
  2. On the Inputs tab, create a Windows Credentials to connect to the host you wish to run the AWS EC2 shutdown script.
  3. On the Inputs tab, create a Text value to store the values below:
    • AccessKey: This is the AWS IAM User access key (DataType: String).
    • SecretKey: This is the AWS IAM User secret key (DataType: String).
    • HashValue: This holds a hash table containing the Region of the virtual machine and KeyPair (DataType: Hashtable).
    • AWSImageId: This holds the AWS Image Id (DataType: String).
    • AWSInstanceType: This holds the AWS Instance Type (DataType: String).

HashValue Syntax:

powershell @{"Region" = "eu-west-2";"KeyPair" = "pemkeyname"}

NOTE: Ensure to edit the value of the parameters AccessKey and SecretKey in Attune to match the AWS IAM User Credential with the privilege to perform this operation.

NOTE: The Region should be edited as well to match the desired region for the EC2 Instance.

NOTE: The KeyPair should be edited as well to match the AWS Key Pair

NOTE: The AWSImageId should be edited as well to match the desired AWS Image ID (Default = ami-0244a5621d426859b)

NOTE: The AWSInstanceType should be edited as well to match the desired AWS Instance Type (Default = t2.micro)


Blueprint Steps
  1. Check and Install the AWS PowerShell Module
  2. Deploy an Ubuntu AWS EC2 instance with NGINX and ASP.NET Core installed

Parameters

Name Type Script Reference Default Value Comment
AWSImageId Text awsimageid ami-0244a5621d426859b This is the AWS Image ID
AWSInstanceType Text awsinstancetype t2.micro This is the AWS Instance Type
AccessKEY Text accesskey ALIBUHIVJOQQNLSXO4GX This is an Access Key for AWS IAM User
Attune Node Windows Server attuneNode This is an Attune Node
Attune Node Credential Windows OS Credential attuneNodeCredential This is an Attune Node Credential
HashValue Text hashvalue @{"Region" = "eu-west-2";"KeyPair" = "pemkeyname"} This is a Hash table holding InstanceID and Region of the AWS EC2 instance(s)
SecretKey Text secretkey AscrMsa/5YFbybwdAlnlPUDGpgRkgXNj1ADI4xen This is a Secret Key for AWS IAM User

1 - Install AWS PowerShell Module

This step installs the AWS PowerShell Module

The Blueprint first gets the Execution Policy of the current PowerShell session.

Then, checks if the Execution Policy is set to Unrestricted.

If it's not, it then sets the Execution Policy to Unrestricted for the current PowerShell session.

Next, it checks if the AWSPowerShell module is installed.

If it's not installed, it then goes ahead to install the module.

The connection details have changed from the last step.

Login as user on node

  1. Connect via RDP
    mstsc /admin /v:Attune Node
  2. Login as user {Attune Node Credential}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program
#Region for ExecutionPolicy
# Get Execution Policy of the current process
$Script:ProcessEP = Get-ExecutionPolicy -Scope Process

#Get the value of the Execution Policy and save it in the Variable
$Script:ValueProcessEP = ($Script:ProcessEP).value__

# Check if the Execution Policy of the process is set to Unrestricted
if ($Script:ValueProcessEP -eq 0) {

    # Write the message
    Write-Output "Execution Policy is already set to Unrestricted for the Process"
    # Check if the Execution Policy of the process is already set
}else{

    # Set the ExecutionPolicy of the Process to Unrestricted
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force -Confirm:$false

    # Checks if the Execution Policy has been set
    if ((Get-ExecutionPolicy -Scope Process).value__ -eq 0) {

        # Write the message
        Write-Output "Execution Policy is now set to Unrestricted for the Process"
    }
}
#EndRegion for ExecutionPolicy 


#Region to Check if AWSPowerShell Module is installed 
if ($null -ne (Get-InstalledModule -Name AWSPowerShell -MinimumVersion "4.1.13.0" -ErrorVariable +ErrorAWSV -ErrorAction SilentlyContinue)) {

    # Get the AWS module installed and save it in a variable
    $Script:GetAWSModule = Get-InstalledModule -Name AWSPowerShell -MinimumVersion "4.1.13.0" -ErrorVariable +ErrorAWSV -ErrorAction SilentlyContinue

    # echo the message
    Write-Output "AWS PowerShell Module exists ... checking ..."

    # Gets the build number for the AWS Module 
    $Script:AWSModuleBuild = ($Script:GetAWSModule).Version

    # Checks the build number to meet requirements 
    if ($Script:AWSModuleBuild -like "*4.1.13.0*") {

        # Saves and converts Module version name to a variable
        $Script:OutVersion = ((($Script:GetAWSModule).Version)).tostring()

        # echo the message
        Write-Output "AWSPowerShell Module Version $Script:OutVersion meets the minimum requirement."

        # Check if the build version is on 13
    }else{
        
        # echo the message
        Write-Output "AWS PowerShell Module is updated :)"
    }
}else{
    # echo the message
    Write-Output "AWS PowerShell Module is not installed"
    
    # echo the message
    Write-Output "AWS PowerShell Module is installing..."

    # Install AWS Powershell Module 
    Install-Module -Name AWSPowerShell -MaximumVersion "4.1.13.0" -Scope "CurrentUser" -AllowClobber:$true -Confirm:$false -Force

    # echo the message
    Write-Output "AWS PowerShell Module is installed :)"
}
#EndRegion Check if AWSPowerShell Module is installed

2 - Deploy ASP.NET Core and NGINX

This step deploys an AWS EC2 Instance of an Ubuntu 18.04 image and installs NGINX and ASP.NET Core

The Blueprint first gets the Execution Policy of the current PowerShell session.

Then, checks if the Execution Policy is set to Unrestricted.

If it's not, it then sets the Execution Policy to Unrestricted for the current PowerShell session.

Next, the AWSPowerShell module is imported to the current session.

Then the values below are set:

  1. AccessKeyValue: This is the AWS IAM User access key corresponding to the AccessKey set in the Inputs Tab.
  2. SecretKeyValue: This is the AWS IAM User secret key corresponding to the SecretKey set in the Inputs Tab.
  3. HashValue: This holds a hashtable containing the Region of the virtual machine and KeyPair in AWS corresponding to the HashValue set in the Inputs Tab.
  4. AWSImageId: This holds the AWS Image Id (Default = ami-0244a5621d426859b) corresponding to the AWSImageId set in the Inputs Tab.
  5. AWSInstanceType: This holds the AWS Instance Type (Default = t2.micro) corresponding to the AWSInstanceType set in the Inputs Tab.

A variable UserDataText holding a Bash installation script is declared.

Below is Bash installation script:

```bash

!/bin/bash

wget https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb sudo dpkg -i packages-microsoft-prod.deb sudo apt-get update; \ sudo apt-get install -y apt-transport-https && \ sudo apt-get install -y dotnet-sdk-5.0 sudo apt-get install -y dotnet-sdk-3.1 sudo apt-get install -y apt-transport-https && \ sudo apt-get install -y aspnetcore-runtime-5.0 sudo apt-get install -y aspnetcore-runtime-3.1 sudo apt-get install -y nginx ```

Next, the AWS IAM User Credential is set and saved in the local credential store.

Then an AWS EC2 Instance with an Ubuntu Image is deployed with ASP.NET Core and NGINX installed.

Finally, the credential profile created in the session is removed from the local credential store.

This step has the following parameters

Name Script Reference Default Value
HashValue {hashvalue.value} @{"Region" = "eu-west-2";"KeyPair" = "pemkeyname"}
SecretKey {secretkey.value} AscrMsa/5YFbybwdAlnlPUDGpgRkgXNj1ADI4xen
AccessKEY {accesskey.value} ALIBUHIVJOQQNLSXO4GX
AWSImageId {awsimageid.value} ami-0244a5621d426859b
AWSInstanceType {awsinstancetype.value} t2.micro

Login as user on node

  1. Connect via RDP
    mstsc /admin /v:Attune Node
  2. Login as user {Attune Node Credential}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program
#Region for ExecutionPolicy
# Get Execution Policy of the current process
$Script:ProcessEP = Get-ExecutionPolicy -Scope Process

#Get the value of the Execution Policy and save it in the Variable
$Script:ValueProcessEP = ($Script:ProcessEP).value__

# Check if the Execution Policy of the process is set to Unrestricted
if ($Script:ValueProcessEP -eq 0) {

    # Write the message
    Write-Output "Execution Policy is already set to Unrestricted for the Process"
# Check if the Execution Policy of the process is already set
}else{

    # Set the ExecutionPolicy of the Process to Unrestricted
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force -Confirm:$false

    # Checks if the Execution Policy has been set
    if ((Get-ExecutionPolicy -Scope Process).value__ -eq 0) {

        # Write the message
        Write-Output "Execution Policy is now set to Unrestricted for the Process"
    }
}
#EndRegion for ExecutionPolicy 


#Region to Deploy Ubuntu and install NGINX and ASP.NET Core
# Import Module for AWS PowerShell
Import-Module -Name AWSPowerShell

# Save accesskey to this Variable
$Script:AccessKeyValue = "{accesskey.value}"

# Save secretkey to this variable
$Script:SecretKeyValue = "{secretkey.value}"

# # Set value to store profile 
$Script:ProfileNameVaule = "DefaultSetKeys"

# Set the AWS Image ID
$Script:AWSImageId = "{awsimageid.value}"

# Set the AWS Instance Type
$Script:AWSInstanceType = "{awsinstancetype.value}"

# Hash Table containing Region of the virtual machine and KeyPair
$Script:HashValue = {hashvalue.value}


# UserData script for installation of DotNet and Nginx
$Script:UserDataText = "#!/bin/bash
wget https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt-get update; \
sudo apt-get install -y apt-transport-https && \
sudo apt-get install -y dotnet-sdk-5.0
sudo apt-get install -y dotnet-sdk-3.1
sudo apt-get install -y apt-transport-https && \
sudo apt-get install -y aspnetcore-runtime-5.0
sudo apt-get install -y aspnetcore-runtime-3.1
sudo apt-get install -y nginx"


# Set AWS Credentials
Set-AWSCredential -AccessKey $Script:AccessKeyValue -SecretKey $Script:SecretKeyValue -StoreAs $Script:ProfileNameVaule


# check Hash Table
if ($null -eq $Script:HashValue['KeyPair'] -or $null -eq $Script:HashValue['Region']) {

    # Write the message
    Write-Output "Please check the Hash Table"
}else {

    # Write the message
    Write-Output "All keys are present in the Hash Table... checking keypair"

    # Checking KeyPair in hashtable
    if (!($Script:HashValue.ContainsKey('KeyPair')) -or $Script:HashValue.KeyPair -like "") {

        # Write the message
        Write-Output "KeyPair does not exist in the Hash Table or it is an empty string"

    }else {

        # Write the message
        Write-Output "Creating Ubuntu EC2 instance with NGINX and ASP.NET Core"

        # Creat New EC2 Instance
        New-EC2Instance -ImageId $Script:AWSImageId -InstanceType $Script:AWSInstanceType -KeyName $Script:HashValue['KeyPair'] -Region $Script:HashValue['Region']`
        -ProfileName $Script:ProfileNameVaule -UserData $Script:UserDataText -EncodeUserData -Force
    }
}

# Remove Profile
Remove-AWSCredentialProfile -ProfileName $Script:ProfileNameVaule -Force
#EndRegion to Deploy Ubuntu and install NGINX and ASP.NET Core