Is there a way to disable some roaming commands for a particular VM?

Question

Is there a way to disable some roaming commands for a particular VM?

I am working with an Amazon EC2 instance using the vagrant-aws plugin for Vagrant. I bind an instance with vagrant up --provider=aws

and ... like commands vagrant halt

, vagrant reload

and especially vagrant destroy

it becomes very dangerous in my situation because they can destroy the instance! So the question is, how do I disable some vagrant commands (eg in Vagrantfile) ? I need to provide the configured Vagrantfile to other developers, so there is a chance they might shut down an important server. Thank!

+3

vagrant amazon-web-services amazon-ec2

gef 07 Aug 14 at 12:34

source to share

3 answers

Ok, the easiest way to solve this problem is to create a policy with:

{
    "Action": [
        "ec2:TerminateInstances",
        "ec2:StopInstances",
        "ec2:RebootInstances",
        "ec2:StartInstances",
        "ec2:RunInstances"
         ],
    "Effect": "Deny",
    "Resource": "*"
}

Maybe it will be helpful for someone. Thank!

+1

gef 15 Aug 14 at 13:21

source to share

Take a look at the Vagrant ManagedServers plugin . It is designed for managing and sharing cloud instances between developers, even in production.

Note that usually (without the aforementioned plugin) sharing the Vagrantfile alone is not enough to access the same EC2 instance. The instance details are stored in the .vagrant directory and each developer spins up their own server.

-1

tmatilai 07 Aug '14 at 12:50

source to share

Emyl · Accepted Answer · 2014-08-08T09:36:19+0000

Disclaimer: I am a plugin maker.

Using the vagrant-triggers plugin , you can write in yours Vagrantfile

something like:

config.trigger.reject [:destroy, :halt]

Is there a way to disable some roaming commands for a particular VM?

More articles: