We are using Chef Provisioning AWS to deploy EC2 instances on AWS, and that involves the machine/machine_batch resources, which deploy the EC2 instances and then bootstrap those instances. The bootstrapping requires WinRM port 5985 to connect to the node, and our security requirements don’t allow the connection, and I was exploring whether I can avoid bootstrapping by the machine resource so that it only deploys the EC2 instances.
And if this is possible, what we could do is install chef-client in the AMI (AWS images) and put in logic to run chef-client when a new machine comes up. What additional things (like client.pem, client.rb, etc.) would we need to do in such a case on the node side for every new node?
I am trying to look this up in the documentation as well as Google it, but thought it would be a good idea to put the question here to get any advice I can collect.