Configuring OpsWorks with Chef12 – Don’t forget Security

This is very much in the aide-mémoire category – when setting up an AWS OpsWorks stack with Chef 12, remember to set up the security groups.

With Chef 11, AWS OpsWorks used to get you to select a template for the layers in your stack; these templates came with a security configuration that let you access the server from the wider world.

Not so with Chef 12. With the newer version, AWS gets out of your way and does as little as possible. The only security group they assign to a layer is the one that lets you SSH in – if you want more than that, you need to add it yourself. For example, if you want to be able to hit a web server, then add then AWS-OpsWorks-WebApp security group to the layer.

(This is covered in their ‘Getting Started’ guide, but I missed it as I was upgrading from Chef 11.4, not ‘getting started’)

Author: Robert Watkins

My name is Robert Watkins. I am a software developer and have been for over 20 years now. I currently work for people, but my opinions here are in no way endorsed by them (which is cool; their opinions aren’t endorsed by me either). My main professional interests are in Java development, using Agile methods, with a historical focus on building web based applications. I’m also a Mac-fan and love my iPhone, which I’m currently learning how to code for. I live and work in Brisbane, Australia, but I grew up in the Northern Territory, and still find Brisbane too cold (after 22 years here). I’m married, with two children and one cat. My politics are socialist in tendency, my religious affiliation is atheist (aka “none of the above”), my attitude is condescending and my moral standing is lying down.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: