Shulou(Shulou.com)06/01 Report--

This article mainly introduces how AWS sends commands to EC2 to execute the script remotely. It is very detailed and has a certain reference value. Interested friends must read it!

In many cases, we need to send commands to the instance outside the EC2 instance, which will be executed by the instance. AWS provides us with this service, called Amazon EC2 Simple System Manager (SSM).

We need to install the SSM Agent program on the target instance to communicate. It is best to do this in the startup script of the instance:

Yum update-Q-yREGION=$ (curl-s http://169.254.169.254/latest/dynamic/instance-identity/document | grep region | awk-F\\ "'{print $4}') aws configure set default.region ${REGION} function install_ssm_agent () {curl https://amazon-ssm-${REGION}.s3.amazonaws.com/latest/linux_amd64/amazon-ssm-agent.rpm-o / tmp/amazon-ssm-agent.rpm 2 > / dev / null & & yum install-Q-y / tmp/amazon-ssm-agent.rpm & & status amazon-ssm-agent | | start amazon-ssm-agent} status amazon-ssm-agent | | (start amazon-ssm-agent | | install_ssm_agent)

You may notice that we get region information from 169.254.169.254. How do you do this? This is the dynamic data of the instance. For more information, please refer to retrieving dynamic data and retrieving instance metadata.

The default locale for aws is set because some aws-cli commands must be specified before they can be executed.

Note that we need to add an AmazonEC2RoleforSSM hosting policy to the IAM role of EC2 so that the instance can communicate with Run Command API. Add an AmazonSSMFullAccess hosting policy to the role of the command sender. For more information, please see configuring access permissions.

Once configured, we can use the system manager service of AWS's EC2 console to send commands, or use aws-cli or AWS SDK to do so.

The following demonstrates the command to send "run two Shell scripts to the instance ${INSTANCE_ID}":

Commands to be run:

Aws S3 cp s3://bucket/key / tmp/myscript.shchmod + x / tmp/myscript.sh & & / tmp/myscript.sh

Send our command using the aws ssm send-command command:

Aws ssm send-command\-document-name "AWS-RunShellScript"\-instance-ids ${INSTANCE_ID}\-parameters "{\" commands\ ": [\" aws S3 cp s3://bucket/key / tmp/myscript.sh\ ",\" chmod + x / tmp/myscript.sh & & / tmp/myscript.sh\ "]}"

We can check the results of the command execution, either from the system Manager service in the EC2 console, the command history, or programmatically.

You can see the exit code and the output. If the output is very long, it is recommended to specify the S3 address. Note that S3 access is also required at this time.

These are all the contents of the article "how AWS sends commands to EC2 to execute scripts remotely". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.