RUN Command on AWS

As you may be aware, RunCommand works with the SSM service. Because of this, it requires some prerequisites [2] to be achieved before being able to configure it.

For this use case, having in mind your configuration, you just need to attach the instance role[3] to each instance that will be chose a target for the command.

This are the steps you need to follow:

1. Open the IAM console at
2. In the navigation pane, choose Roles, and then choose Create New Role.
3. On the Select role type page, under AWS Service Role, choose Select in the Amazon EC2 section.
4. On the Attach Policy page, choose the option beside AmazonEC2RoleforSSM, and then choose Next Step.
5. On the Set role name and review page, type a name in the Role name box, and then type a description.
6. Choose Create Role. The system returns you to the Roles page.

Once you have done this, you need to attach the role to your instance. Follow these steps to do so:

1. Open the EC2 console
2. In the navigation pane, choose instances, and then select the instance that will have the role available.
3. Click on Actions, Instance Settings and Attach/Replace IAM Role.
4. Select the role you just created in the previous steps.
5. Click on Apply.

At this point, you should be able to list your instances as target for RunCommand.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s