Automation using AWS Systems Manager - Run command/Document
In this article we are going to understand how to execute shell scripts/commands on EC2 instances from the Run command section of Systems Manager.
Table of contents
- Systems Manager
- AWS Systems Manager run command
- Step 1: Create an IAM role
- Step 2 : Launch EC2 Instance
- Step 3 : Configuring Session Manager under SSM
- Step 4 : Executing our script or command under Run command feature of SSM
- Step 5 : Grab the EC2 instance public IP and paste it in the browser to access our application
- Clean up
- Conclusion
Before we jump into the demo, we need to understand the key terms.
Systems Manager
AWS Systems Manager allows you to centralize operational data from multiple AWS services and automate tasks across your resources on AWS.
AWS Systems Manager run command
It provides safe, secure remote management of your instances at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell. It provides a simple way of automating common administrative tasks across groups of instances.
Step 1: Create an IAM role
Click on Create Role
Select Trusted entity type as "AWS service"
Select the use case as "EC2", then click Next
Under the Add permissions section, select "AmazonSSMFullAccess" for the purposes of this demo [in real environments, always prefer least privilege as per the organization's standards] and click Next
Give the role a proper name to identify it, then review and create
Step 2 : Launch EC2 Instance
Navigate to the EC2 service in the AWS console and click on Launch an instance
Name = SERVER-1
AMI = Amazon Linux
Instance Type = t2.micro
Key = proceed without key
Security Group = default SG
In advanced details ---> IAM instance profile = EC2-SSM-DEMO-ROLE [Role that we created in step 1]
Finally click on Launch instance
Step 3 : Configuring Session Manager under SSM
Open the Systems Manager service in the AWS console and click on "Session Manager"
Click on "Start session"
Check whether our EC2 instance is listed there. If it is, we are good to proceed with the demo; otherwise, check the SSM agent installation in the system log of the EC2 instance [Actions-->Monitor and Troubleshoot-->Get system log]
Step 4 : Executing our script or command under Run command feature of SSM
Click on Run command under SSM ---> Node Management ---> Run command
Then click on Run command --> type AWS-RunShellScript under command document to execute a shell script or command
Under command parameters, paste our shell script [to install the httpd web server]
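```bash
#!/bin/bash
# Install the Apache web server
yum install httpd -y
# Start it now and enable it at boot
service httpd start
chkconfig httpd on
# Publish a simple test page
echo "<h1> This is to Test SSM agent demo lab </h1>" >> /var/www/html/index.html
```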
Under Target selection ---> Choose Instances Manually ---> Select our EC2 instance [launched in Step 2]
Output option ---> uncheck Enable an S3 bucket
Finally click on Run and confirm that the command status is Success
Step 5 : Grab the EC2 instance public IP and paste it in the browser to access our application
Note : Make sure you open port 80 in the EC2 instance's Security Group to access the application
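Step 4 can also be run from the AWS CLI instead of the console. The script below is an added example, not part of the original article: `httpd_script`, `build_params` and `run_on_instance` are hypothetical helper names, and the instance ID in the usage comment is a placeholder.

```bash
#!/bin/bash
# Added example: CLI form of Step 4. Needs the AWS CLI and credentials that
# allow ssm:SendCommand; the instance ID in the usage line is a placeholder.

# The install script from Step 4, one shell command per line.
httpd_script() {
cat <<'EOF'
yum install httpd -y
service httpd start
chkconfig httpd on
echo "<h1> This is to Test SSM agent demo lab </h1>" >> /var/www/html/index.html
EOF
}

# Read commands from stdin (one per line) and emit the JSON expected by
# AWS-RunShellScript: {"commands":["...","..."]}. Backslashes and double
# quotes are escaped so lines such as the echo above arrive unchanged.
build_params() {
  sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' -e 's/^/"/' -e 's/$/"/' |
    paste -sd, - |
    sed -e 's/^/{"commands":[/' -e 's/$/]}/'
}

# Send stdin as a script to one instance, wait for it, print the result.
run_on_instance() {
  instance_id=$1
  params=$(build_params)
  cmd_id=$(aws ssm send-command \
    --document-name "AWS-RunShellScript" \
    --instance-ids "$instance_id" \
    --parameters "$params" \
    --query 'Command.CommandId' --output text) || return 1
  # The waiter exits non-zero on Failed/TimedOut; still fetch the details.
  aws ssm wait command-executed \
    --command-id "$cmd_id" --instance-id "$instance_id"
  aws ssm get-command-invocation \
    --command-id "$cmd_id" --instance-id "$instance_id" \
    --query '[Status,StandardErrorContent]' --output text
}

# Usage (placeholder instance ID):
#   httpd_script | run_on_instance i-0123456789abcdef0
```

The command travels through the SSM API, so the instance launched without a key pair in Step 2 needs no inbound SSH access for this to work.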
Clean up
Terminate the EC2 instance
Delete the IAM role
Conclusion
In this way, by using SSM, we can automate application deployments on multiple EC2 instances at a time.