Running cron jobs in AWS Auto Scaling group is tricky. When you deploy the same code and configuration to all instances in the group, cron job would run on all of them. You may not want that. This script detects the first instance in the group and allows only this instance to run the job. IAM user used by this script needs to have permissions to…

aws_autoscaling_cron.rb

#!/usr/bin/env ruby
require 'syslog'
require 'net/http'
require 'aws-sdk'

Syslog.open

AWS.config({
:access_key_id => '<iam user key>',
:secret_access_key => '<iam user secret>'
})

metadata_endpoint = 'http://169.254.169.254/latest/meta-data/'
instance_id = Net::HTTP.get( URI.parse( metadata_endpoint + 'instance-id' ) )

auto_scaling = AWS::AutoScaling.new
auto_scaling.groups.each { |group|
  instance = group.ec2_instances.filter('instance-state-name', 'running').first
	if( instance.instance_id == instance_id )
		command = ARGV * ' '
		Syslog.alert( 'running cron on ' + instance_id + ': ' + command )
		`#{command}`
	end
}

aws_autoscaling_cron.sh

#!/bin/bash
source "/usr/local/rvm/scripts/rvm"
cd "$(dirname "$0")"
./aws_autoscaling_cron.rb "$@"

aws_iam_policy.json

{
  "Statement": [
    {
      "Action": [
        "autoscaling:DescribeAutoScalingGroups",
        "autoscaling:DescribeAutoScalingInstances",
        "ec2:DescribeInstanceAttribute",
        "ec2:DescribeInstanceStatus",
        "ec2:DescribeInstances"
      ],
      "Effect": "Allow",
      "Resource": [
        "*"
      ]
    }
  ]
}

crontab

#run a command every day at midnight
0 0     * * *   ubuntu  /aws_autoscaling_cron.sh <command> <parameters> > /dev/null 2> /dev/null

Just in case anyone else finds this useful - I didn't want to install Ruby on an instance, and so ported the logic to bash (requiring the same IAM policy).

/opt/asg-cron.sh

#!/bin/bash

# Collect some information about this instance
MY_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
MY_REGION=$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | sed 's/.$//')
MY_ASG=$(aws autoscaling describe-auto-scaling-instances --region $MY_REGION --instance-ids $MY_ID --query "AutoScalingInstances[].AutoScalingGroupName" --output text)

# Query the ASG
FIRST_ID=$(aws autoscaling describe-auto-scaling-groups --region $MY_REGION --auto-scaling-group-name $MY_ASG --query "AutoScalingGroups[].Instances[0].InstanceId" --output text)

if [ "$FIRST_ID" == "$MY_ID" ]; then
        exit 0
else
        exit 1
fi

Then in a CRON, you can configure:

* * * * * /bin/bash /opt/asg-cron.sh && /path/to/your/cron/task --and params

---

Prerequisites:

• The curl and aws binaries are installed and executable. (You might need to update the paths for your system)
• The configured EC2 Instance Profile uses an IAM role with the correct policy attached
• ...or ~/.aws/config contains credentials for an IAM user or role which has the correct policy attached

Thanks @leytonreed -- for anyone else who ran into an issue with the bash script, your auto scaling group name may have spaces in it. You'll want to wrap $MY_ASG in quotes:

FIRST_ID=$(aws autoscaling describe-auto-scaling-groups --region $MY_REGION --auto-scaling-group-name "${MY_ASG}" --query "AutoScalingGroups[].Instances[0].InstanceId" --output text)