How to run commands remotely on an EC2 Instance with AWS Systems Manager
Revathi Joshi
Posted on March 7, 2024
Systems Manager is a good choice when you need to view operation data for groups of resources, automate operational actions, understand and control the current state of your resources, manage hybrid environments, and maintain security and compliance.
- Using Run Command, one of the automation features of Systems Manager, you can simplify management tasks by eliminating the need for bastion hosts, SSH, or remote PowerShell.
In this article, I am going to show you how to update the packages on an EC2 instance. First, you will create an Identity and Access Management (IAM) role and enable an agent on your instance that communicates with Systems Manager. Then you will follow best practice by running the AWS-UpdateSSMAgent document to upgrade your Systems Manager Agent, and finally use Systems Manager to run a command on your instance.
Please visit my GitHub repository for EC2 articles on various topics, which is being updated on a constant basis.
Let’s get started!
Objectives:
1. Create an Identity and Access Management (IAM) role
2. Create an EC2 instance
3. Update the Systems Manager Agent
4. Run a remote shell script
Pre-requisites:
- AWS user account with admin access, not a root account.
- Create an IAM role
Resources Used:
Steps to implement this project:
1. Create an Identity and Access Management (IAM) role
1
2
3
- Next
4
5
6
- Create role
2. Create an EC2 instance
Attach a Systems Manager role to Amazon Elastic Compute Cloud (Amazon EC2) instances to make them managed nodes.
1
2
3
4
5
6
7
3. Update the Systems Manager Agent
Now that you have an EC2 instance running the Systems Manager agent, you can automate administration tasks and manage the instance. In this step, you run a pre-packaged command, called a document, that will upgrade the agent. It is best practice to update the Systems Manager Agent when you create a new instance.
1
2
3
4
5
6
- type in AWS-UpdateSSMAgent
- then press Enter
- select the radio button on the left of AWS-UpdateSSMAgent.
- This document will upgrade the Systems Manager Agent on the instance
7
- Run
8
- you will see a page documenting your running command, and then overall success in green.
9
4. Run a remote shell script
Now that your EC2 instance has the latest Systems Manager Agent, you can upgrade the packages on the EC2 instance.
- In this step, you will run a shell script through Run Command.
1
2
3
- On the Run a command page, click in the search bar and
- select Document name prefix,
- then click on Equals,
- then type in AWS-RunShellScript
- then press Enter
4
- On the Command Parameters panel, insert the following command in the Commands text box:
sudo yum update
5
- Run
6
- While your script is running remotely on the managed EC2 instance, the Overall status will be In Progress.
7
- Then the Overall status will turn to Success.
- When it does, scroll down to the Targets and outputs panel and select the Instance ID of your instance.
- Your Instance ID will be different than the one pictured.
8
- select the header of the Output panel to view the output of the update command from the instance.
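The console procedure in steps 3 and 4, written as an AWS CLI script; this is an added example, not the author's code. It assumes the AWS CLI is installed with credentials allowed to call Systems Manager, takes the instance ID as its only argument, and adds `-y` to the yum command because Run Command is non-interactive; the function names are the example's own.

```shell
#!/bin/sh
# Added example: CLI form of steps 3 and 4. Usage: sh ssm-update.sh <instance-id>
set -eu

# Succeeds only if the instance is a managed node whose agent is online.
is_managed() {
    ping_status=$(aws ssm describe-instance-information \
        --filters "Key=InstanceIds,Values=$1" \
        --query 'InstanceInformationList[0].PingStatus' --output text)
    [ "$ping_status" = "Online" ]
}

# run_document <instance-id> <document-name> [parameters]
# Sends one document to one instance, polls until it finishes, prints the final status.
run_document() {
    instance=$1; document=$2; shift 2
    if [ "$#" -gt 0 ]; then set -- --parameters "$1"; fi
    cmd_id=$(aws ssm send-command --instance-ids "$instance" \
        --document-name "$document" "$@" \
        --query 'Command.CommandId' --output text)
    tries=0
    while [ "$tries" -lt 120 ]; do
        # The invocation can take a moment to appear; treat a failed lookup as Pending.
        state=$(aws ssm get-command-invocation --command-id "$cmd_id" \
            --instance-id "$instance" --query 'Status' --output text 2>/dev/null) \
            || state=Pending
        case $state in
            Pending|InProgress|Delayed) tries=$((tries + 1)); sleep 5 ;;
            *) break ;;
        esac
    done
    echo "$state"
}

main() {
    is_managed "$1" || { echo "$1 is not an online managed node" >&2; return 1; }
    # Step 3: upgrade the agent before doing anything else.
    agent_status=$(run_document "$1" AWS-UpdateSSMAgent)
    [ "$agent_status" = "Success" ] || { echo "agent update: $agent_status" >&2; return 1; }
    # Step 4: Run Command has no terminal, so -y (added here) answers yum's prompt.
    yum_status=$(run_document "$1" AWS-RunShellScript 'commands=["sudo yum update -y"]')
    echo "yum update: $yum_status"
    [ "$yum_status" = "Success" ]
}

# Only contact AWS when an instance ID is passed on the command line.
if [ "$#" -gt 0 ]; then main "$@"; fi
```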
Cleanup
Delete EC2 Instance
What we have done so far
You have successfully created an EC2 instance and remotely run a command on it using AWS Systems Manager. You first set up the correct role and permissions through IAM. Next, you launched an Amazon Linux instance that was preinstalled with the Systems Manager agent. Finally, you used Run Command to update the agent and remotely perform a yum update.