1 Answer
Hello.
If you are running EC2 in a private subnet, you can use Systems Manager functionality by creating a NAT Gateway or a VPC endpoint as described in the document below.
However, if you are accessing S3 or DynamoDB from EC2, you will also need to create a VPC endpoint for S3 or DynamoDB.
https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-create-vpc.html
Also, if you are running Automation, I think it is possible to call it from Lambda or EventBridge Scheduler instead of from EC2, so you may want to consider using this.
https://docs.aws.amazon.com/systems-manager/latest/userguide/running-automations-event-bridge.html
Hello, thanks for the response. I want to run an sh script to perform admin functions on EC2. So I have a master sh script which is invoked by SSM Run Command; the master script then downloads the actual script from S3 and passes control to that script, and at the end updates DDB to store the status.
I am thinking that if the SSM agent is able to talk to the SSM service, then it should be possible to execute SSM automation from awscli commands within EC2.
I searched additionally; there is a command to execute or invoke SSM automation, and I am going to try that.
The purpose is to avoid the gateway endpoint, as it is region specific, and the interface endpoint has a cost.
To use the ssm run command to run scripts in EC2, EC2 must be registered as a managed instance in Systems Manager. To register as a managed instance, SSM Agent must be able to communicate with Systems Manager, so if you are running EC2 in a private subnet, you will need to configure a NAT Gateway or VPC endpoint.
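The connectivity requirement discussed in this thread can be checked before a Run Command is attempted. The following is an added example, not part of the original posts: it inspects output shaped like `aws ec2 describe-vpc-endpoints` and reports which services used by the described workflow (Systems Manager, S3, DynamoDB) have no usable endpoint. The VPC ID, region, sample data and the `endpoint_gaps` helper are constructed for illustration, and `has_nat` assumes the NAT Gateway route and outbound HTTPS are already in place.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpc-endpoints` output
# (VPC ID, region and endpoint set are made up for illustration).
SAMPLE = json.loads("""
{"VpcEndpoints": [
  {"VpcId": "vpc-0example", "ServiceName": "com.amazonaws.eu-west-1.ssm",
   "VpcEndpointType": "Interface", "State": "available", "PrivateDnsEnabled": true},
  {"VpcId": "vpc-0example", "ServiceName": "com.amazonaws.eu-west-1.ssmmessages",
   "VpcEndpointType": "Interface", "State": "available", "PrivateDnsEnabled": false},
  {"VpcId": "vpc-0example", "ServiceName": "com.amazonaws.eu-west-1.s3",
   "VpcEndpointType": "Gateway", "State": "available"},
  {"VpcId": "vpc-0example", "ServiceName": "com.amazonaws.eu-west-1.dynamodb",
   "VpcEndpointType": "Gateway", "State": "pending"}
]}
""")

# Services the workflow in this thread touches. ec2messages is included because
# older SSM Agent versions still use it (assumption: agent version unknown).
SSM_SERVICES = ("ssm", "ssmmessages", "ec2messages")
DATA_SERVICES = ("s3", "dynamodb")

def endpoint_gaps(described, vpc_id, region, has_nat=False):
    """Return {service: reason} for every service the instance cannot reach."""
    if has_nat:
        return {}  # assumption: the NAT route carries traffic to all of them
    found = {}
    for ep in described.get("VpcEndpoints", []):
        if ep.get("VpcId") == vpc_id:
            found[ep["ServiceName"]] = ep
    gaps = {}
    for svc in SSM_SERVICES + DATA_SERVICES:
        ep = found.get(f"com.amazonaws.{region}.{svc}")
        if ep is None:
            gaps[svc] = "no endpoint"
        elif ep.get("State", "").lower() != "available":
            gaps[svc] = f"endpoint state is {ep.get('State')}"
        elif ep.get("VpcEndpointType") == "Interface" and not ep.get("PrivateDnsEnabled"):
            # Without private DNS the default service hostname resolves publicly.
            gaps[svc] = "private DNS disabled"
    return gaps

if __name__ == "__main__":
    for svc, reason in endpoint_gaps(SAMPLE, "vpc-0example", "eu-west-1").items():
        print(f"{svc}: {reason}")
```

An empty result means the instance has a path to every service the master script depends on; any entry names the service that would block registration as a managed instance, the S3 download, or the DynamoDB status update.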