Beginner's Guide for AWS Systems Manager

AWS Systems Manager provides configuration management, which helps you maintain consistent configuration of your Amazon EC2 or on-premises instances. You can create a document in JSON or YAML format and run its operations on an EC2 instance. Through Session Manager, you can open a console on the EC2 instance without launching a separate SSH session. You can also configure a State Manager association with the EC2 instance and periodically run a custom document against it.

In this article, I will give a step-by-step walk-through of Systems Manager setup and executing document workflows on top of EC2 Instances.

1. Create an IAM role for the EC2 instance. The instance needs SSM permissions so that it can communicate with Systems Manager for any automated operations run from the Systems Manager console.

Add the permissions below and name the role EC2RoleSSM:
AmazonSSMManagedInstanceCore
AmazonEC2RoleforSSM

Once the role is created, it will appear in the role list.
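As a check on the role from step 1, the following added example (not part of the original article) audits an instance role's trust policy and attached managed policies offline. The JSON is constructed sample data and the function names are hypothetical; the check flags AmazonEC2RoleforSSM because AWS documents it as a legacy policy replaced by AmazonSSMManagedInstanceCore, and it grants broader access, including S3 permissions on all resources.

```python
import json
# Constructed sample data, shaped like the output of `aws iam get-role` and
# `aws iam list-attached-role-policies` for the EC2RoleSSM role from step 1.
ROLE = json.loads("""{"Role": {"RoleName": "EC2RoleSSM", "AssumeRolePolicyDocument":
  {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": "ec2.amazonaws.com"}}]}}}""")
ATTACHED = json.loads("""{"AttachedPolicies": [
  {"PolicyName": "AmazonSSMManagedInstanceCore",
   "PolicyArn": "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"},
  {"PolicyName": "AmazonEC2RoleforSSM",
   "PolicyArn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"}]}""")

CORE = "AmazonSSMManagedInstanceCore"
LEGACY = "AmazonEC2RoleforSSM"  # superseded by CORE; includes S3 access on "*"
EC2 = "ec2.amazonaws.com"

def as_list(value):
    """IAM JSON accepts one item or a list for Statement, Action and Service."""
    return value if isinstance(value, list) else [value]

def trusted_principals(role):
    """Service principals (or "*") that the trust policy lets assume the role."""
    found = set()
    for stmt in as_list(role["Role"]["AssumeRolePolicyDocument"].get("Statement", [])):
        actions = as_list(stmt.get("Action", []))
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in actions:
            continue
        principal = stmt.get("Principal", {})
        found.update(["*"] if principal == "*" else as_list(principal.get("Service", [])))
    return found

def audit_role(role, attached):
    """Return findings for an SSM instance role; an empty list means clean."""
    names = {p["PolicyName"] for p in attached["AttachedPolicies"]}
    trusted = trusted_principals(role)
    extra = sorted(trusted - {EC2})
    findings = []
    if CORE not in names:
        findings.append(f"{CORE} not attached: agent lacks core SSM permissions")
    if LEGACY in names:
        findings.append(f"{LEGACY} attached: legacy policy, broader than needed")
    if EC2 not in trusted:
        findings.append(f"trust policy does not let {EC2} assume the role")
    if extra:
        findings.append(f"unexpected trusted principals: {extra}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_role(ROLE, ATTACHED)))
```

Run against real data by saving the two AWS CLI outputs to files and loading them with json.load in place of the constructed samples.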

Go to the Systems Manager service; we will concentrate on the Node Management section. As of now, no managed instances are available, so Fleet Manager takes us to the Get Started page. Once the EC2 instance is configured, we will be able to see it as a managed instance.

2. Launch an EC2 instance (Red Hat Linux) and attach the EC2RoleSSM IAM role.

NOTE: Amazon Linux has the SSM Agent installed by default, so for demonstration purposes I chose RHEL.

I logged into the EC2 instance from a local Git Bash shell using the PEM key and switched to root for convenience.

Install wget and use it to download amazon-ssm-agent.rpm.

Commands to install wget and to download and install the SSM Agent package:

1. yum install wget

2. wget https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm

3. yum install amazon-ssm-agent.rpm

Start/Enable/Status commands for SSM agent

systemctl enable amazon-ssm-agent

systemctl start amazon-ssm-agent

systemctl status amazon-ssm-agent

Starting the SSM Agent enables the connection between the EC2 instance and AWS Systems Manager.

Monitor the SSM Agent logs using the command below:

tail -f /var/log/amazon/ssm/amazon-ssm-agent.log

Now we can see the instance available in Systems Manager => Fleet Manager section as shown below.

Now EC2 Instances can be managed using AWS Systems Manager.

Let’s concentrate on the Run Command Functionality first from the below list of features.

As of now, Docker is not installed on the machine. We will install it using Run Command.

3. Click on Run Command => select Linux as the platform type and select Configure Docker as shown below.

Click RUN

This will install Docker on the EC2 instance.

Once the command has completed successfully, we can see that Docker is available.

Command status from console

State Manager

Now we will use State Manager to uninstall docker from the RHEL EC2 Instance.

Click on Create an Association first

Select Uninstall as the action, choose the instance manually, set the rest of the parameters as shown below, and click Create Association.

Once the document execution has completed, we can check the Docker status from the CLI.

In this way, we can use AWS Systems Manager to execute custom documents, run automation, establish sessions, and configure parameter stores.