Running Commands Using AWS Systems Manager: A Step-by-Step Guide

AWS Systems Manager (formerly known as AWS SSM) is an AWS service used to view and control AWS infrastructure. It automates operational tasks for Amazon instances and lets engineers manage the configuration of managed instances remotely and securely. It also helps in maintaining servers: you can automate processes and perform the desired tasks on the servers without logging into the system.

AWS Systems Manager is a powerful tool whose capabilities are grouped into operational management, application management, change management, node management, and shared resources.

Prerequisites:
You will need an AWS account to begin with. If you are new to AWS or do not have an account, you can create one using this link:

https://aws.amazon.com/free/

Create an IAM role for EC2-SSM
*Go to the IAM Dashboard in the AWS Console
*Click on Roles in the left pane and click Create role
*Choose the AWS Service (EC2) and click Next: Permissions
*Choose AmazonSSMFullAccess and click Next
*Give the role a name and click Create role

Create Instances with the above role attached
*Go to the EC2 Dashboard in AWS
*Click on Launch Instance
*In Instance type, choose t2.micro and click Next
*In Configure Instance, leave the instance count at 1
*In the IAM role field, choose the role you created in the previous task
*Keep the default values for storage and move to the next stage
*Add tags to the instance
*Review and create the instance

Creating a VPC Endpoint
*Go to the VPC Console
*Choose Endpoints in the left pane
*Click on Create Endpoint
*Choose Service Category: AWS Service and select the Service com.amazonaws.us-east-2.ssm
*Choose the VPC and subnet in which you want to create the endpoint
*Click on Create Endpoint

Creating a Run Command and executing it
*Go to the Systems Manager console
*Towards the left pane, choose the Run Command Service
*Click on the Run command
*Choose the Command Document that is compatible with the type of end servers; here, choose AWS-ConfigureAWSPackage
*Scroll down and, in Command parameters, set:
Action: Install
Installation type
Name: provide a valid package name (e.g. AmazonCloudWatchAgent, AwsEnaNetworkDriver)

*Targets: there are 3 ways you can identify the end servers:
By specifying tags
Manually choosing
Choosing the resource group
*Click on Choose instance manually
*In the output options, uncheck Enable S3 output
*Click on the run command.
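
The Run Command steps above expressed as the equivalent SendCommand request, as an added example that is not part of the original article: it maps the three targeting modes onto the API's Targets keys and rejects unexpected package names or malformed instance IDs before anything is sent to the fleet. The function names, the allowlist and the use of boto3 are assumptions; the region is taken from the endpoint service name above.

```python
import re

DOCUMENT = "AWS-ConfigureAWSPackage"
# Allowlist built from the two package names the article mentions (assumption:
# extend it deliberately rather than passing free-form names to a fleet).
ALLOWED_PACKAGES = {"AmazonCloudWatchAgent", "AwsEnaNetworkDriver"}
# EC2 instance IDs: "i-" plus 8 (legacy) or 17 hex characters.
INSTANCE_ID = re.compile(r"i-(?:[0-9a-f]{8}|[0-9a-f]{17})")


def build_targets(tags=None, instance_ids=None, resource_group=None):
    """Map one of the three targeting modes onto the API's Targets list."""
    if sum(bool(m) for m in (tags, instance_ids, resource_group)) != 1:
        raise ValueError("choose exactly one of tags, instance_ids, resource_group")
    if tags:
        return [{"Key": f"tag:{k}", "Values": [v]} for k, v in sorted(tags.items())]
    if instance_ids:
        bad = [i for i in instance_ids if not INSTANCE_ID.fullmatch(i)]
        if bad:
            raise ValueError(f"not EC2 instance IDs: {bad}")
        return [{"Key": "InstanceIds", "Values": list(instance_ids)}]
    return [{"Key": "resource-groups:Name", "Values": [resource_group]}]


def build_request(package, **target):
    """Build SendCommand arguments for Action=Install of one allowed package."""
    if package not in ALLOWED_PACKAGES:
        raise ValueError(f"package not on the allowlist: {package!r}")
    # No OutputS3BucketName key: same as unchecking "Enable S3 output".
    return {
        "DocumentName": DOCUMENT,
        "Targets": build_targets(**target),
        "Parameters": {"action": ["Install"], "name": [package]},
    }


def send(request, region="us-east-2"):
    """Send the request; needs boto3 and credentials allowed to call ssm:SendCommand."""
    import boto3  # imported here so the builders above run without AWS access
    ssm = boto3.client("ssm", region_name=region)
    return ssm.send_command(**request)["Command"]["CommandId"]


if __name__ == "__main__":
    # Constructed sample instance ID, not a real node.
    print(build_request("AmazonCloudWatchAgent", instance_ids=["i-0123456789abcdef0"]))
```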