By using AWS re:Post, you agree to the Terms of Use

How to use EventBridge with Systems Manager Run Command to run shell commands?


I'm trying to use EventBridge to listen for EC2 autoscaling termination events, and send a shell command to the instance to do some work before the instance terminates.

I followed this guide: However, it doesn't explain how Target Key and Target Value input boxes are used. I don't understand why it uses tag:environment in this case. I assume I'm supposed to input the instance id of the EC2 instance, and I know that the instance id is in the json body of the termination event. Is there a way I can pass variables to the Target Key and Target Value?

2 Answers
Accepted Answer

The Target Key and Target Value is used to identify which instance(s) to run the command against. Target Key can either be an instance tag key (e.g., environment), or the literal value InstanceIds to indicate that the command should be run against a specific list of instance IDs. Target Value is a list either of tag values, if a tag key was specified for the target key (e.g., production), or a list of EC2 instance IDs.


EventBridge supports fetching data out of the event and passing it to the target via Transforms. See the transforms documentation for additional details.

answered 8 months ago
  • Thanks for confirming what they are for.

    The issue I have is that the variables declared in Transforms seems to only work for parameters besides RunCommandTarget. When I put <instanceId> in the Target Value, it seems to take it as literal.

    I'll try with <instanceId> and $.detail.EC2InstanceId some more. Do you know by any chance the correct syntax?

  • I couldn't figure out a way to pass instanceId variable to Target Value in the console UI. To work around this, I instead opted for Event Bridge -> Lambda -> System Manager Run Command, which worked. I'll mark this question as answered, but it'll be great if anyone figures out a way to directly pass instanceId.


I have this exact same need. I have instances in an ASG that need something to happen post-boot. Specifically, I am trying to get the CodeDeploy agent installed via the SSM Document that is used by Distributor.

Its not intuitive, but the solution to this is to create an SSM Automation and not Run/Send Command. If you use an Automation then you can write the EventBridge rule to target that then use the input transform. The automation will digest the input into a Target for the automation. Not great as it adds an obfuscating layer, but it is what it is.

For my specific use case, I have also explored: Creating an EventBridge rule for each autoscaling group (yuck) Targeting the Run Command for every piece of running equipment (yuck)

answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions