AWS, Cloud Computing

5 Mins Read

Running Commands Using AWS Systems Manager: A Step-by-Step Guide

AWS Systems Manager (formerly known as AWS SSM) is an AWS service used to view and control AWS infrastructure. It provides a solution to automate the operational tasks for Amazon instances. It lets engineers manage the configuration of the managed instances remotely and securely. AWS System Manager is an AWS service that helps in maintaining the servers. You can automate the process and perform desired tasks on the servers without logging into the system.

Having several servers seems to be a great way for efficient utilization. But the maintenance of the servers can be tedious enough to put a huge overall cost. The engineers must log in to the machines, list the patches, select, and install the same. This sounds to be easy, but it becomes cumbersome when a bunch of machines must be maintained. It would take more time and is a manual task affecting the performance. Additionally, this may also cause manual errors like, missing instances, missing packages during the process and creating issues.

The AWS Systems Manager is a powerful tool with varied capabilities categorized into operational management, application management, change management, node management, shared resources.
Today we will focus on the ‘Run Command’ targeted to simplify operational management tasks.

Run Command: 

It is a capability of the AWS Systems manager that allows you to remotely maintain and manage the servers. Managed servers are servers that have been configured for use by SSM service.

With Run Command, we can perform:

Follow the guide below for a demo on how to use the Run command.


You will need an AWS Account to begin with. If you are new to AWS or do not have an account, you can create one using this link:

Here is a step-by-step guide to use the run command:  

 Create an IAM role for EC2-SSM: 

  1. Go to IAM Dashboard in AWS Console  
    IAM Dashboard
  2. Click on Roles on the left pane and click Create role
    Create Role

  3. Choose the AWS Service (EC2) and click next permissions
    Create Role
  4. Choose AmazonSSMFullAccess and click on next
    Amazon SSMFullAccess
  5. Give a name for the role and Click Create role
    Create Role

Create Instances with the above roles attached:

  1. Go to EC2 Dashboard in AWS
  2. Click on Launch Instance, Choose the ubuntu AMI (ami-0b9064170e32bde34)
  3. In Instance type, choose T2.micro and click on nextubuntu AMI
  4. In Instance Configure, let the instance count by 1.In the IAM role, choose the role you created in the previous task
    IAM role
  5. Keep default values for storage and move to the next stage.
  6. Add tags to the Instance
    Adding Tags
  7. Review and Create the instance.

Create a VPC Endpoint: 

  1. Go to VPC Console,
  2. Choose Endpoints towards the left pane
  3. Click on Create Endpoint
    Creating Endpoint
  4. Choose Service Category: AWS Service and select the Servicecom.a

    AWS Services
    Service Category
  5. Choose the VPC, subnet to which you want to create an endpoint
  6. Click on create Endpoint
    AWS Service
    Create Endpoint

Create a run command and execute the command:

  1. Go to System manager console
  2. Towards the left pane, choose the Run Command Service
    Run Command
  3. Click on the Run command
    Run Command
  4. Choose the Command Document that is compatible with the type of end servers ( Linux / windows)In this demo,  We are using Linux servers, so I choose AWS-ConfigureAWSPackage
  5. Scroll down, in command parameters,
    a. Action, (install)
    b. Installation type:
    c. Name: Provide the valid Package name ( eg: AmazonCloudWatchAgent, AwsEnaNetworkDriver)
    AWS-Configure AWS PAckage
  6. Targets: there are 3 ways you can identify the end servers:
    a. By specifying tags
    b. Manually choosing
    c. Choosing the resource GroupClick on Choose instance manually
    Choose instance manually
  7. In the output options, Uncheck, enable S3 output
    S3 bucket
  8. Click on the run command.
    Run command
    You will notice the execution of the command.Execution of command
    Run Command
    Run Command
    Run command
  9. Verify:

Hope this blog has shed light on the uses of ‘run command’, and how it can be used to manage and maintain the servers. It can be used to perform patch updates to the servers without SSH into the machine easily and securely.
To learn more about managing infrastructure on AWS, then here is a step-by-step guide for you.

Feel free to drop any queries and our team of experts will get back to you very soon.


Voiced by Amazon Polly


Shyla is an MCT and works on cloud platforms like AWS and Azure. She is certified as an Azure Administrator and works on DevOps tools like Ansible, and Terraform, to create and deploy highly available infrastructure on AWS and Azure.



  1. Kamesh

    Aug 5, 2021


    How to automate and schedule this run command?

  2. Swasti Ray

    May 27, 2021


    Very well written and helpful content

  3. keerthish

    May 27, 2021


    very informative and easy understandable

  4. Shailendra

    May 27, 2021


    Very nice

  5. Seeli

    May 27, 2021


    Very edifying

  6. Sophia

    May 27, 2021


    It’s good and very informative and useful

  7. Gurjot Brar

    May 27, 2021


    Very informative….

  8. Anees A A

    May 22, 2021



    • Seeli

      May 27, 2021


      Very edifying

  9. Munwar

    May 22, 2021


    Very useful and interesting blog👍

  10. Debbie Pais

    May 22, 2021


    Informative and well structured post!

  11. Shravya

    May 22, 2021


    Very informative with detailed explanation

  12. Anusha Shanbhag

    May 21, 2021


    Very inofrmative

    • Shyla

      May 28, 2021



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!