luis02lopez · July 6, 2020 15:51
diff --git a/cw-agent-install.sh b/cw-agent-install.sh
 yum install -y wget

 wget https://s3.amazonaws.com/amazoncloudwatch-agent/assets/amazon-cloudwatch-agent.gpg -qP /tmp/cwagent

 # Key value check
 key_value=$(gpg --import /tmp/cwagent/amazon-cloudwatch-agent.gpg |& grep -Po '(3B789C72)')
 if [ "$key_value" = "3B789C72" ]; then
    echo "Good key value, proceeding."
    # Public key fingerprint check
    key_fingerprint=$(gpg --fingerprint $key_value |& grep -Po '(9376 16F3 450B 7D80 6CBD  9725 D581 6730 3B78 9C72)')
    if [ "$key_fingerprint" = "9376 16F3 450B 7D80 6CBD  9725 D581 6730 3B78 9C72" ]; then
        echo "Good key fingerprint, proceeding."
        #Signature
        wget https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm.sig -qP /tmp/cwagent 1> /dev/null

        #Download package
        wget https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm -qP /tmp/cwagent 1> /dev/null
        # Package signature check
        verification_response=$(gpg --verify /tmp/cwagent/amazon-cloudwatch-agent.rpm.sig /tmp/cwagent/amazon-cloudwatch-agent.rpm |& grep -Po '(Good signature)')
        if [ "$verification_response" = "Good signature" ]; then
            echo "Good signature, proceeding."
        else 
            echo "BAD signature, can't proceed."
        fi
    else 
        echo "BAD key fingerprint, can't proceed."
    fi
 else 
    echo "BAD key value, can't proceed."
 fi


 # Unpack package
 rpm -U /tmp/cwagent/amazon-cloudwatch-agent.rpm

 yum remove -y wget

 touch /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json

 # Add your custom .json here, this one is to push RAM usage of the server to CW.
 cat <<EOF > /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
 {
    "agent": {
    "metrics_collection_interval": 10,
    "logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log"
    },
    "metrics": {
    "namespace": "CWAgent/Silos/EC2",
    "metrics_collected": {
        "mem": {
            "measurement": [
                {"name": "used_percent", "rename": "Memory used percent", "unit": "Megabytes"}
            ],
            "metrics_collection_interval": 60
        }
    },
    "append_dimensions": {
        "InstanceId": "\${aws:InstanceId}"
    },
    "aggregation_dimensions" : [["ImageId"]],
    "force_flush_interval" : 30
    }
 }
 EOF

 sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
	yum install -y wget

	wget https://s3.amazonaws.com/amazoncloudwatch-agent/assets/amazon-cloudwatch-agent.gpg -qP /tmp/cwagent

	# Key value check
	key_value=$(gpg --import /tmp/cwagent/amazon-cloudwatch-agent.gpg \|& grep -Po '(3B789C72)')
	if [ "$key_value" = "3B789C72" ]; then
	echo "Good key value, proceeding."
	# Public key fingerprint check
	key_fingerprint=$(gpg --fingerprint $key_value \|& grep -Po '(9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72)')
	if [ "$key_fingerprint" = "9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72" ]; then
	echo "Good key fingerprint, proceeding."
	#Signature
	wget https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm.sig -qP /tmp/cwagent 1> /dev/null

	#Download package
	wget https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm -qP /tmp/cwagent 1> /dev/null
	# Package signature check
	verification_response=$(gpg --verify /tmp/cwagent/amazon-cloudwatch-agent.rpm.sig /tmp/cwagent/amazon-cloudwatch-agent.rpm \|& grep -Po '(Good signature)')
	if [ "$verification_response" = "Good signature" ]; then
	echo "Good signature, proceeding."
	else
	echo "BAD signature, can't proceed."
	fi
	else
	echo "BAD key fingerprint, can't proceed."
	fi
	else
	echo "BAD key value, can't proceed."
	fi


	# Unpack package
	rpm -U /tmp/cwagent/amazon-cloudwatch-agent.rpm

	yum remove -y wget

	touch /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json

	# Add your custom .json here, this one is to push RAM usage of the server to CW.
	cat <<EOF > /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
	{
	"agent": {
	"metrics_collection_interval": 10,
	"logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log"
	},
	"metrics": {
	"namespace": "CWAgent/Silos/EC2",
	"metrics_collected": {
	"mem": {
	"measurement": [
	{"name": "used_percent", "rename": "Memory used percent", "unit": "Megabytes"}
	],
	"metrics_collection_interval": 60
	}
	},
	"append_dimensions": {
	"InstanceId": "\${aws:InstanceId}"
	},
	"aggregation_dimensions" : [["ImageId"]],
	"force_flush_interval" : 30
	}
	}
	EOF

	sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json