Few weeks back, Amazon introduced EC2 Run Command which helps you instances in a manner that is both easy and secured. This feature was introduced to support a wide range of enterprise scenarios which includes, software installation, running scripts, Powershell commands, configuring Windows Update settings, etc. It can be accessed from various places including AWS Management Console, the AWS Command Line Interface (CLI), the AWS Tools for Windows PowerShell, and the AWS SDKs.

This feature was introduced after taking feedback from numerous users. This will make executing commands more secure, reliable, convenient, and scalable. You can create your own commands and exercise fine-grained control over execution privileges by using AWS Identity and Access Management (IAM).

Here are some of the ways that you can make use of Run Command in your AWS environment:

  • Install and configure third-party agents and software.
  • Manage local groups and users.
  • Check for installed software or patches, and act on the results.
  • Restart a Windows service or service.
  • Update a scheduled task.

All these features were available with Run command but only limited to Windows platform which was a disappointment for a lot of users. On December 15th, 2016 EC2 Run command update was launched and similar functionality was available for instances running Linux environments like Ubuntu, CentOS, etc.

Similar to Windows, this feature is designed to help administer EC2 instances in an easy and secure way, regardless of how many you are running. You can install patches, alter configuration files, and more. This feature will serve the following management needs:

 

  • A need to implement configuration changes across their instances on a consistent yet ad hoc basis.
  • A need for reliable and consistent results across multiple instances.
  • Control over who can perform changes and what can be done.
  • A clear audit path of what actions were taken.
  • A desire to be able to do all of the above without the need for unfettered SSH access.

 

Using Run Command on Linux:

Run Command makes use of an agent (amazon-ssm-agent) that runs on each instance. It is available for the following Linux distributions:

  • Amazon Linux AMI (64 bit) – 2015.09, 2015.03, 2014.09, and 2014.03.
  • Ubuntu Server (64 bit) – 14.04 LTS, 12.04 LTS
  • Red Hat Enterprise Linux (64 bit) – 7.x

Below are the things that can be done with Run Command:

  • Run shell commands or scripts
  • Add users or groups
  • Configure user or group permissions
  • View all running services
  • Start or stop services
  • View system resources
  • View log files
  • Install or uninstall applications
  • Update a scheduled (cron) task

 

The feature is currently available in the US East (Northern Virginia), US West (Oregon), and Europe (Ireland) regions. There’s no charge for the command, but you will be billed for other AWS resources that you consume.