SAP-C02 Amazon AWS Certified Solutions Architect Professional – New Domain 5 – Continuous Improvement for Existing Solutions Part 13

  • By
  • August 31, 2023
0 Comment

58. Understanding EC2 Run Command

Hey everyone and welcome back to the Knowledge Full video series. And in today’s lecture we’ll be exploring some of the services which are part of the Systems Manager service and in today’s lecture will be speaking specific to the run command. So the run command and in fact the entire SSM is a new feature which has been introduced recently within the AWS environment. So run command, as the title itself says, basically it allows us to run a specific set of commands within the instances that you are running. So generally let’s assume that I have a Linux server over here and I want to execute a certain command here. So what I would typically do is I would log into the server via SSH and then I would run a specific command. So this is one of the normal ways.

Now let’s assume that you have hundreds of instances and you want to run one specific command in all the hundred instances. So what is the most ideal way to achieve this? So one might say configuration management like ansible that is also an ideal way, but a tables has also allowed us to execute this specific use case with its own service call as run command. So generally, let me show you. So when you click on run command, there are various ways in which you can execute a certain use case. So the use case can be for Windows, the use case can be for Linux as well. So let me share you one of the example. So you have a specific AWS run shell script over here and if you go a bit down, there are certain commands that you can execute over here.

So what you can do is you can specify whatever command that you want to run, you can create Iptables, firewall rule or whatever you want to, you specify the commands, you specify the instances on which the commands should execute and you also can specify the timeout related values as well. So all of those things can be specified. And after you have specified your configuration, AWS run command will execute the commands that you have specified in this text box to all the EC two instances which have been selected.

Now one of the questions that you might ask is how can the run command execute the command inside the EC two instances? So let me just quickly show you. I have my EC two logged in, so if I do a quick Rpm, hype and QA on grip Amazon, you see there is an Amazon SSM agent which is installed. So if you want to work with run command, you have to install the SSM agent to all the EC two instances where you want to execute the command. So once the agent is installed you can go ahead and create your own command and that agent which is installed in the server is responsible for executing that specific command.

So I have one sample command which I have executed. So this is the command, you see, the document name is AWS run shell script. So if I go into the output, the status of this specific command has been successful. And if I go ahead and click on view output, you see it has given me the output of the command which has been ran. So basically, I had ran a command which was rpm Hyphen QA. Let me just show you. So rpm hyphen QA this is the command that I had executed with the run command. And this is the output which the run command had given me.

So this is what run command is all about. What we’ll be doing is we’ll wrap up the lecture right now, and in the upcoming lecture, we’ll look into how we can execute the run command. So there are a few steps that we have to take, like im Role Policy installation of SMS SM Agent before we can go ahead and do a run command. So this is it, about this lecture. I hope this has been informative for you, and I look forward to seeing you in the next lecture.

59. Deploying our first RunCommand

Hey everyone and welcome back. So in the earlier lecture we discussed on the high level overview on what basically the Run command is all about. So what will be doing in today’s lecture is we have one EC Two instance over here and we’ll be configuring this EC Two instance to work with the Run command. So the very first thing that you need to do is you have to create an IAM rule. So in this is EC Two instance, let me just refresh over here there is no Im role associated with it. So let’s do one thing. Let’s go to IAM and let’s create a new role. So I’ll go to the roles, I’ll create a new role. Now this role will be for EC Two. So I’ll select the EC to over here. And within this there is an easy to roll for Simple Systems Manager. So we’ll be selecting this one and I’ll click on Next permission.

So by default there is a policy which AWS has already created. So we don’t really have to select the policy. I’ll just click on Next review. I’ll give the role name as Run command and I’ll click on Create Role. So once this role is created, I’ll attach this role to the EC Two instances. So I’ll go to Instance settings attach Replace Role and here we’ll be selecting the Run command role and click on Apply. Perfect. Quickly verify whether you can see the Im role Run command and it is perfect. So once the IAM role is attached, the next thing that you need to do is you have to install the SSM Agent. Now within the documentation itself you have the command in which you can install the SSM Agent. It is simple yam Install if you are running Red Hat based system.

So in my case I am running Amazon Linux. So I’ll use this specific command to execute. So let me just log in again. Perfect. So let me just quickly install the SSN Agent. I’ll be pasting this command into the resources. So in case if you need you can directly copy paste that. Perfect. So the Amazon SSN agent has been installed. So next thing that you would want to do is just verify whether the status of this Amazon SSM Agent is running or not. So I’ll quickly do a status Amazon SSA Agent and you see it is running as expected. Perfect. So once you have Agent installed, once you have I am role configured, next thing that you can go ahead and do is you can go ahead and select the Run command and click on the Run command. So there are various ways in which you can run a command.

In our case I’ll be using the Run shell script. So now if you look into the target, you will be still seeing one EC Two instances. So this EC Two instance has the SSM Agent installed and this is the reason why you are seeing this. So once you see and select this instance, go ahead and type the command that you want to execute. So I’ll do Lsroot and I’ll do Rpm QA. So these are the two commands that I want to execute. Now, let’s quickly verify the contents of the root directory. There is a file call as test within the root directory. So this will allow us to verify the output that you can see from the run command. So these are the two commands that we’ll be executing. The working directory, I’ll just put it as Tim and within the advanced option you can store the output of your command to s three bucket, or you can enable the SMS notification as well. So along with that, you also have a ready made command which the SSN have already generated.

So whatever command that you have written over here, it is converted to the SSM specific command and you can actually run this command manually as well. However, this is something that will not be doing right now. So let’s do one thing. Let’s go ahead and click on run. Perfect. So now if we go and view results, this is the success, the status is success. And now you look into the view output, the first command. This is the first command where we did LS, this one LS root. So this was the first command that was executed and the output was test. And this is something that you see within the run command output as well. And the second command that we executed was Rpm hyphen QA and these are all the packages that were part.

Now, one thing that you will see over here is that the output is truncated. So only there are certain character limits. 2500 characters of output is shown. So if you want to see the entire output, you need to configure it with the s three bucket. So since we have not configured it with the s three bucket, we’ll only see the truncated output. But ideal case is that whenever you run a command, you configured the s three bucket as well, so that the entire output of the command would be stored in the s three bucket for you to look into. So this is the high level overview about what run command is all about. I have found it run command very useful in certain cases related to investigation or even in certain use cases where your SSH fails. So this is it about Runkama. I hope this has been informative for you and I look forward to seeing you in the next lecture.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img