AWS Systems Manager allows you to safely automate common and repetitive IT operations and management tasks. With Systems Manager Automation, you use predefined playbooks, or you can build, run, and share wiki-style automated playbooks to enable AWS resource management across multiple accounts and AWS Regions.
Basic Steps:
Create IAM Role for Ec2 instance:
IAM > Roles > Trusted Entity Type: AWS Services > Common use cases : EC2 > Next > AmazonEC2RoleforSSM
Create EC2 instances > Select the Instance > Actions > Security > Modify IAM role
Access each instances and Install "amazon-ssm-agent"
FOr Redhat:
Makesure Python is installed. If not, yum install python3
sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
sudo systemctl status amazon-ssm-agent
sudo systemctl enable amazon-ssm-agent
3. AWS Systems Manager > Node management > Fleet Manager > Now we can show the servers comes under amazon-ssm-agent
Resource Group & Tage creation
Select Each EC2 instances > Tags > Managege Tages
Name: Environment: Team
AWS Resource Groups > Create Resource Group > Tag Based > Resource Type: AWS:EC2:Instances > Create Groups based on the Tags we created.
Run Commands
AWS Systems Manager > Shared Resources > Documents > Create document > Command or session> "Type a Name" > Content YAML
AWS show a sample script, we need to edit it like a following sample
schemaVersion: '2.2'
description: Sample YAML template to install Apache
parameters:
Message:
type: "String"
description: "Welcome Message"
default: "Hello World"
mainSteps:
- action: aws:runShellScript
name: configureApache
inputs:
runCommand:
- 'sudo yum update -y'
- 'sudo yum install -y httpd'
- 'sudo systemctl start httpd.service'
- 'sudo systemctl enable httpd.service'
- 'echo "{{Message}} from $(hostname -f)" > /var/www/html/index.html'
> Now Go back to AWS Systems Manager > Documents > Owned By Me > Click on the Document > Run Command > It will execute the commands in all servers in the selected AWS resource group.