gistfile1.txt

In the end, salt-cloud is just used to retrieve instances details from EC2 API.
You still need to setup a provider in salt for the region where your instances
are launched.

Here is what the reactor does when a minion comes up:

* wait for the new instances to ping the salt master when it receives
a notification from Amazon SNS
* use salt-cloud CloudClient to retrieve instance instance details from EC2 API
* stores the instance-id / minion-name association in a sqlite database
* accept minion key and send it a highstate

When an instance is terminated, the reactor is invoked by Amazon SNS again, the
minion name is retrieved from the database, and the minion key removed from the
salt master.

All minions have salt-minion pre-installed in their AMI. They all
share the same key, it's not a problem as long as they have different
names. To avoid the minion name being cached, add the following in
/etc/salt/minion:

minion_id_caching: False

The reactor needs some settings in /etc/salt/master:
https://gist.github.com/flupke/f582e82ab4396aec15b5

And that's it. It's been in production for a week now and working like
a charm, I pasted you the code here (actually line 122 is untested,
because our setup is a bit different, we have a script that sets the
instances hostname to the public DNS at startup):
https://gist.github.com/flupke/d1b62471e7782e412b1a