Set Password via AWS bootstrap

Reply
L1 Bithead

Set Password via AWS bootstrap

The documentation seems (to me) to be unclear on how to set a password when bootstrap'ing the configuration. It seems to be that you simply need to set a valid bootstrap config and it should take, however that is not working. It seems to be that the config took (we are setting IP statically on mgmt port) but the password configuration is not working.

 

Anyone have any insight/suggestions?

L2 Linker

Re: Set Password via AWS bootstrap

Hi,

   The bootstrap config will have a user and a password associated with that user. When bootstrapping and if bootstrap is successful, then that username password should take into effect. If it doesn't then chances are bootstrapping has failed. One way to verify if bootatrapping has failed is to try to login to the firewall using the ssh key used to launch the firewall and see if any of the bootstrap config has madeit ot the firewall. 

 

Qs:

1. Which reason are you deploying the instance in?

2. Can you log into the firewall using your ssh key?

3. If so, does it look like any of your config is in there?

 

 

Few reasons bootstrapping could fail (and it should be covered in the guide, if not please let me know and we will add it):

1. bootstrap bucket name is incorrect

2. bootstrap iam policy is incorrect or not associated with ec2 instance.

3. bootstrap bucket not in the same region as instance deployed.

4. user-data field not sepcified when launching ec2 instance

5. Bootstrap bucket configuration is incorrect.

 

 

L1 Bithead

Re: Set Password via AWS bootstrap

So you are correct, the bootstrap is not taking. I am ssh'd via pem key, and I can see this error message: 

 

( description contains 'Mandatory bootstrap bundle component missing.' )

 

I am stuck in a support loop, where I need to register the device I am having a problem with, but it's on a new build, not an existing. 

 

From someone helping me on AWS side:

yeah as far as I can tell, 1-4 are fine:

bucket name matches up, IAM policy is associated with the EC2 instance

is set to allow "ListBucket" and "GetObject" on the bucket

recursively for all items in the bucket

and the bucket is in "US Standard" region

user-data field is set to: `vmseries-bootstrap-aws-s3bucket=customer-palo-alto-bootstrap`

L2 Linker

Re: Set Password via AWS bootstrap

What does you bootstrap bucket look like?

Does it have four folders in the root bucket?
Config, software, license and content?
L1 Bithead

Re: Set Password via AWS bootstrap

It does, now possible one of them is misconfigured. 

 

But the error makes me beleive that my bootstrap.xml is off, but no way of knowing where/why? 

L1 Bithead

Re: Set Password via AWS bootstrap

I think I missed the init-cfg. Trying now. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!