AWS Elastic Beanstalk ebextensions: Update the IIS App Pool using commands to another App Pool Identity

So I had a .Net application that needed to leverage the Network Service application identity instead of the OOB ApplicationPoolIdentity that comes with a default shipped EBS windows server with IIS. The solution? An ebextenion of course!

0) We’re going to have a step 0 assuming you already have a development AWS account with credits to push servers to Elastic Beanstalk. If you have not do this part then do some reading here: https://aws.amazon.com/elasticbeanstalk/

1) Once you have an account and have configured your Visual Studio environment to your account appropriately then proceed to open your VS solution.

2) Create a folder in your solution called .ebextensions

3) Create your config file (if you don’t have an editor Notepad++ will do) within that folder and edit it in YAML format

The following example below will update the DefaultAppPool app identity to Network Service leveraging powershell and the commands/command features:

files:
  "C:\\Robo\\Update_App_Pool.ps1":
    content: |
      Write-Verbose 'Update the application pool'
      Set-Location C:\\Robo
      import-module WebAdministration
      Set-ItemProperty IIS:\AppPools\DefaultAppPool -name processModel.identityType -value 2
  
commands:
  update_app_pool: 
    command: powershell.exe -ExecutionPolicy Bypass -File "C:\\Robo\\Update_App_Pool.ps1"
    ignoreErrors: False
    waitAfterCompletion: 0	

4) Save the Deploy this with your application into EBS you should see the updated app pool identity as the application is deployed.

Hope this helps. Questions are welcome!

If you want to venture deeper into this then start here: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers.html

Validate here: http://www.yamllint.com/

Ready to send email in Amazon SES? Let’s Go!

First, consult with AWS and get your credentials:

http://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-credentials.html
and
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-using-smtp-net.html

Secondly, let’s make a more easily updatable emailSettings section (encrypt it later, see here if you need help):

  <appSettings>
    <add key="MailFrom" value="donotreply@youremaildomain.com"/>
    <add key="MailTo" value="whoareyousendingto@theiremaildomain.com"/>
    <add key="MailHost" value="	email-smtp.youramazonseshost.com"/>
    <add key="MailPort" value="587"/>
    <add key="MailServerUserName" value="awsSESusername"/>
    <add key="MailServerPassword" value="awsSESpassword"/>
  </appSettings>

Then, include the reference:

	using System.Net.Mail;		

Finally, write your method:

	public static void sendEmail(string to, string from, string subject, string body)
	{
		try
		{
			// Initialize client and message
			using (SmtpClient mailclient = new SmtpClient(ConfigurationManager.AppSettings["MailHost"].ToString(), Convert.ToInt32(ConfigurationManager.AppSettings["MailPort"])))
			{
				// Create message
				mailclient.UseDefaultCredentials = false;
				mailclient.EnableSsl = true;
				mailclient.Credentials = new System.Net.NetworkCredential(ConfigurationManager.AppSettings["MailServerUserName"].ToString(), ConfigurationManager.AppSettings["MailServerPassword"].ToString());
				MailMessage message = new MailMessage(from, to);
				message.Subject = subject;
				message.Body = body;
				message.IsBodyHtml = true;
				mailclient.Send(message);
			}
		}
		catch (SmtpException ex)
		{                
			// Service was not available to send message keep trying
			if (ex.StatusCode.Equals(SmtpStatusCode.ServiceNotAvailable))
			{
				sendEmail(to, from, subject, body);
			}
		}
	}

Great! Now you can call it and send an email

string htmlBody = "<b>Hi! It's my message</b>";
sendEmail(ConfigurationManager.AppSettings["MailTo"].ToString(), ConfigurationManager.AppSettings["MailFrom"].ToString(), "Your Email Subject", htmlBody); 

You can always put whoever and whatever when you call the method using To, From, Subject and Body.

Enjoy! Questions are welcome.