Menu
Sign In to the Console
Amazon Elastic Compute Cloud
User Guide for Linux Instances

Amazon EC2 Run Command Prerequisites

Amazon EC2 Run Command has the following limitations and prerequisites. For information about Windows prerequisites, see Amazon EC2 Run Command Prerequisites in the Amazon EC2 User Guide for Windows Instances.

Limitations

Run Command is only available in these regions.

Note

For servers and VMs in your hybrid environment, we recommend that you choose the region closest to your data center or computing environment.

Prerequisites

RequirementDetailsFor More Information

Supported Operating System

Instances must be running a supported version of Linux.

64-Bit and 32-Bit Systems

  • Amazon Linux 2014.09, 2014.03 or later

  • Ubuntu Server 14.04 LTS or 12.04 LTS

  • Red Hat Enterprise Linux (RHEL) 6.5 or later

  • CentOS 6.3 or later

64-Bit Systems Only

  • Amazon Linux 2015.09, 2015.03 or later

  • Red Hat Enterprise Linux (RHEL) 7.x or later

  • CentOS 7.1 or later

Finding a Linux AMI

SSM Agent

SSM Agent processes Run Command requests and configures your machine as specified in the request. You must download and install SSM Agent to your EC2 instance, on-premises servers or VMs, or VMs hosted by other cloud providers.

The source code for SSM Agent is available on GitHub so that you can adapt the agent to meet your needs. We encourage you to submit pull requests for changes that you would like to have included. However, Amazon Web Services does not currently provide support for running modified copies of this software.

Installing the SSM Agent

Access to Run Command

Before you can execute commands using Run Command, you must configure an AWS Identity and Access Management (IAM) EC2 instance role for instances that will process commands. You must also configure a separate user role for users executing commands. Both roles require permission policies that enable them to communicate with the SSM API.

Note

For servers and VMs in your hybrid environment, you must also create an IAM service role that enables your on-premises server or VM or VM hosted by another cloud provider to communicate with the SSM service. For more information, see Create an IAM Service Role.

Delegating Access to Amazon EC2 Run Command

Internet Access

Verify that your EC2 instances have outbound Internet access. Inbound Internet access is not required.

Internet Gateways

Amazon S3 Bucket (Optional)

You can store command output in an Amazon Simple Storage Service (S3) bucket. Command output in the Amazon EC2 console is truncated after 2500 characters. Additionally, you might want to create an Amazon S3 key prefix (a subfolder) to help you organize Run Command output.

Create a Bucket


Note

SSM communicates with the SSM Agent on your instance by using the EC2 Messaging service. If you monitor traffic, you will see your instances communicating with ec2messages.* endpoints.

After you configure prerequisites, see Executing a Command Using Amazon EC2 Run Command for step-by-step procedures using the Amazon EC2 console. To view AWS Command Line Interface (AWS CLI) and AWS Tools for Windows PowerShell examples, see Amazon EC2 Run Command Walkthroughs.

Related Topics