Automate operational tasks across AWS resources using Systems Manager

Image by Bethany Drouin from Pixabay

What Is AWS Systems Manager? - AWS Systems Manager

AWS Systems Manager helps to manage EC2 instances’ life-cycle, by allowing to execute SSH commands.

It also supports automation of common maintenance and deployment tasks such as stopEC2Instance, startEC2Instance, CreateSnapshot and many more.

It also allows running scripts (using “State Manager”) from location like Github or S3, including shell scripts, python scrips, Ansible playbooks etc. on-demand or on-schedule.

There are many supported document types. Here are some most useful :

• AWS-RunRemoteScript
• AWS-RunShellScript (Requires Python installed on target instance)
• AWS-RunAnsiblePlaybook (Requires Ansible installed on target instance)
• AWS-RunDockerAction

All Systems Manager operations (State Manager, Automation, Run Command, etc.) require “aws-ssm-agent” to be installed on the target EC2 instance.

For executing System Manager commands/scripts/playbooks, there could be a dedicated EC2 instance (Bastian host) setup with required dependencies installed such as aws-ssm-client, Python, Ansible, AWS CLI/SDK/API, ElasticSearch plugin etc. that can use execute commands/scripts on other EC2 instances using an SSH client in the script.

Useful links :

Remotely Run Commands on an EC2 Instance

Systems Manager Automation Document Details Reference

Automate Running Tasks Using Amazon EC2 Systems Manager Maintenance Windows

Run Scripts Stored in Private or Public GitHub Repositories Using Amazon EC2 Systems Manager

Reference: Cron and Rate Expressions for Systems Manager

Using AWS Systems Manager as a Backup solution

AWS Systems Manager is a powerful service to execute automated commands/scripts/playbooks on on-demand or on-schedule bases.

One good use-case of this is when AWS services backup needs to be taken using custom scripts instead of using native Backup services.

State Manager allows to create Associations that can run a Document on-demand or on-schedule, on a single EC2 instance or group of instances.

Here is the github link to download sample backup solution using Systems Manager :

sanket-bengali/aws-backup-ssm

This sample project includes below use-cases :

1. Neo4j DB backup using custom SSM document
2. Neo4j DB snapshot using Python script (on an EC2 instance with SSM agent installed)
3. RDS (PostgreSQL) DB snapshot (from an EC2 instance with SSM agent installed)
4. RDS (Aurora PostgreSQL) DB cluster snapshot create (using RDS snapshot)
5. RDS (Aurora PostgreSQL) DB cluster snapshot restore
6. RDS (Aurora PostgreSQL) DB cluster snapshot create (using AWS Backup service)

AWS Systems Manager screenshots

State Manager Associations

Association details 1 : name

Association details 2 : type of document (from available list)

Association details 3 : script params (source type, path, command to execute etc.)

Association details 4 : target instances (single or group)

Association details 5 : schedule or on-demand

Association details 6 : extra options

Association execution history

Association execution details

Execution output details

Output logs