Run command after 5 minutes of init script/userdata execution

We had an issue in AWS ECS cluster while running cloudwatch agent. In recent version of cloudwatch agent a new Iptables rule gets added which prevent the cloudwatch agent to communicate with cloudwatch. To make things working in ECS cluster we have to remove this rule

But Cloudwatch agent starts only after execution of init script in EC2 machine, which follows the exit code. So normal sleep command will not work in the userdata script.

For which we ran below sh file through scheduling a job through “at now” command. put the below command in a sh file.

sudo iptables -S | grep 51678 | sed 's/-A //g' | xargs sudo iptables -D

Keep below command in userdata file.

yum install at -y systemctl start atd at now +3 min < /home/ec2-user/iptable_rule_delete.sh

Originally published at http://theleadcoder.wordpress.com on December 2, 2020.