Learn AWS Systems Manager to automate management tasks by remotely running commands on your Amazon EC2 instances at scale.
Objectives:
1. Learn AWS Systems Manager, a management tool that enables you to take action on AWS EC2 instances safely and at scale.
2. Learn to use Run Command, one of the automation features of Systems Manager, to simplify management tasks by eliminating the need to use bastion hosts, SSH, or remote PowerShell.
Step 1: In AWS Console, go to IAM Service.
In the side panel, click on Roles under Access Management. Click on Create Role.
Configure as follows:
Select type of trusted entity: AWS service
Choose a use case: EC2
Click on Next: Permissions
In the next step, Attach permission policies, search for AmazonEC2RoleforSSM and select that policy.
Skip Add Tags step and continue.
In the Review step configure as follows:
Role name: EC2RoleForSystemManager
Role description: This Role provides EC2 access to Systems Manager
Click on Create Role.
Step 2: In the EC2 service, click on Launch Instances.
Step 3: After clicking on Launch Instances you will be redirected to this page. Here, search for and select Amazon Linux 2 AMI.
Step 4: Choose an Instance Type over here.
Select General purpose type t2.micro Instance Type.
Click on Next: Configure Instance Details at the bottom right of the screen.
Step 5: Here you will Configure Instance Details.
In the Subnet field, open the drop-down list and select one of the subnets. Here we select 1a for this instance.
In IAM Role field select the role created in Step 1.
Step 6: Click Next: Add Storage at bottom right of screen.
In this step keep all the default settings as they are and click on the Next: Add Tags button at the bottom right of the screen.
Keep all the default settings as they are.
Click on the Next: Configure Security Group at the bottom right of the screen.
Step 7: Configure Security Group:
Create a new security group and name it as LINUX_WEB_SERVER_GROUP
Description: Security Groups for webservers
Keep the default SSH rule and add a new rule.
From the drop-down list select HTTP Rule.
Warning: Rules with source of 0.0.0.0/0 allow all IP addresses to access your instance.
Note: We recommend setting security group rules to allow access from known IP addresses only. While using this feature for production make sure the known IP address is entered.
Click on Review and Launch button on the bottom right corner
Step 8: Review Instance Launch
Here are all the details regarding your instance. Read them once and check if all the configurations are correct
Click on the Launch button at the bottom right corner.
Select the existing key pair and launch instance.
Step 9: Similarly, launch one more instance and select the 1b subnet during configuration.
Confirm that both the instances are in Running state.
Step 10: In AWS Console, go to AWS Systems Manager Service.
In the Side Panel click on Run Command under Node Management.
Click on Run Command button.
In the Run a command step, search for the document as follows:
Document name prefix : Equals : AWS-UpdateSSMAgent
Press Enter.
Select the Radio Button.
Scroll down to Targets.
Select Choose Instances Manually and select the 2 instances created above.
Scroll to the bottom and click on Run to run the command.
In the next page, wait until the Status changes from In Progress to Success.
This updates the SSM Agent on the EC2 instances so that commands can be run on them remotely.
Step 11: Go back to Run Command under Node Management.
Click again on Run Command button.
In the Run a command step, search for the document as follows:
Document name prefix : Equals : AWS-RunShellScript
Press Enter.
Select the Radio Button.
Scroll down to Command parameters. Give the following script:
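# Apply pending package updates, then install Apache (httpd)
sudo yum -y update
sudo yum -y install httpd
# Enable httpd at boot and start it now
sudo chkconfig httpd on
sudo service httpd start
# Write the test page; tee does the write under sudo (a redirect after "sudo echo" is performed by the calling shell, not by sudo)
echo "<html><h1>Hello! How are You? This is your Web Server!</h1></html>" | sudo tee /var/www/html/index.html > /dev/null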
Scroll down to Targets.
Select Choose Instances Manually and select the 2 instances created above.
Scroll to the bottom and click on Run to run the command.
In the next page, wait until the Status changes from In Progress to Success.
Step 12: Check the Web Server Is Running.
Go to the EC2 Console and select the instances one at a time.
Copy the IPv4 Public IP or the DNS name from the description below.
Open the IP address in a new tab of your browser to check if the web server is running.
If the message is visible, the web server is running.
Note: If you no longer need these instances make sure to terminate them.
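Step 7 keeps the default SSH rule even though Run Command removes the need for SSH, and its warning concerns rules whose source is 0.0.0.0/0. The following added example (not part of the original tutorial) audits security group data in the shape returned by `aws ec2 describe-security-groups` and flags administrative ports open to all addresses. The sample data is constructed, the second group name is hypothetical, and it assumes the SSH rule was left at source 0.0.0.0/0.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Assumption: the group from Step 7 kept its SSH rule at source 0.0.0.0/0.
SAMPLE = {"SecurityGroups": [
    {"GroupName": "LINUX_WEB_SERVER_GROUP", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    # Hypothetical second group: SSH limited to one known address.
    {"GroupName": "EXAMPLE_RESTRICTED_GROUP", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
]}

# Remote administration ports that Run Command makes unnecessary to expose.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def open_to_world(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(groups):
    """Return (group, service, port, cidrs) for admin ports open to all."""
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            world = [c for c in cidrs if open_to_world(c)]
            if perm["IpProtocol"] == "-1":      # all protocols, all ports
                low, high = 0, 65535
            elif perm["IpProtocol"] == "tcp":
                low, high = perm["FromPort"], perm["ToPort"]
            else:
                continue                        # only TCP rules are checked here
            for port, name in ADMIN_PORTS.items():
                if world and low <= port <= high:
                    findings.append((sg["GroupName"], name, port, world))
    return findings


if __name__ == "__main__":
    for group, name, port, cidrs in audit(SAMPLE):
        print(f"{group}: {name} ({port}/tcp) reachable from {', '.join(cidrs)}")
```

The HTTP rule on port 80 is not reported because a public web server is expected to accept it; only the SSH rule on LINUX_WEB_SERVER_GROUP is flagged.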
Easy to understand
easy to follow the steps.
very useful sir
Easy to follow
Good blog