Create an Identity and Access Management (IAM) role

In order to create a role that will use AWS System Manager, we will have to create one IAM role configured for the same. For creating an IAM role follow these basic steps.

1. Open the IAM console at  https://console.aws.amazon.com/iam

2. At the left, click on Roles, and then click on Create Role.

3. On the next page, choose EC2, and then click on Next: Permissions.

4. On the next page, a search bar will appear in which type  AmazonEC2RoleforSSM, a policy list will appear click on the AmazonEC2RoleforSSM policy and click on next: Tags

5. Tags are optional, if you don’t want to add tags click on next. After this, a review page will appear where you have to type in the role name and role description. After reviewing click on create role.

Step 3: Run System Manager 1. Open System Manager service on AWS console. On the right side column under Instances and Nodes click on Managed Instance.

2. On the Managed instances page, in the Actions drop-down select Run Command.

3. On the Run a command page, click in the search bar and select Document name prefix, then click on Equal, then type in AWS-UpdateSSMAgent. Now click the button on the left of AWS-UpdateSSMAgent. This document upgrades the Systems Management agent on that instance.

4. Scroll down to the Targets panel and click the checkbox next to your managed EC2 instance.

5. Scroll down and select Run.

Next, you will see a page documenting the command that you provided being actively run and overall success in green. 

Use of the Systems Manager Run Command feature to run scripts or commands on EC2 instances or on-premises servers:

The Systems Manager Run Command feature allows users to remotely run scripts or commands on EC2 instances or on-premises servers. This can be useful for tasks such as applying patches or updates, running diagnostics, or executing custom scripts. The Run Command feature is accessible through the AWS Management Console, the AWS CLI, or the Systems Manager API.

To use the Run Command feature, users must first create an IAM role that grants permissions to the Systems Manager service. Once the role is created, users can select the target instances or servers and specify the script or command to be executed. The Run Command feature also provides options for scheduling commands to be executed at a later time or on a recurring basis.

One of the advantages of using the Run Command feature is that it allows users to execute scripts or commands on multiple instances or servers at the same time, saving time and effort. It also provides an audit trail of the commands that have been executed, allowing users to track changes and maintain a record of the actions taken on their instances or servers.

This article explores the process of running commands on EC2 instance remotely. AWS Systems Manager is a Management Tool that enables you to gain operational insights and take action on AWS resources safely and at scale. AWS Systems Manager is an always free tier product. The EC2 instance you create in this tutorial is free tier eligible.

So, let’s begin with creating an EC2 instance first.