Amazon EC2 Run Command Receives an Update Amazon Web Services Inc. (AWS), this month updated its EC2 Run Command service. It now offers a variety of new commands, document management and sharing capabilities. AWS also open sourced the Simple Systems Manager agent Linux. The EC2 Run Command was introduced in October 2015. It was designed to make it easier for people who need a little more control or ad hoc for more than one instance. AWS evangelist Jeff Barr wrote a blog at the time that the EC2 Run Command was released. He noted that it was designed to support a wide variety of enterprise scenarios, including installing software, running ad-hoc scripts or Microsoft PowerShell command, and configuring Windows Update settings. This can be done using a variety of interface tools that AWS has created for this task. The AWS Identity and Access Management security access control system, which integrates the EC2 Run Command, allows for more precise control over what actions users can perform against instances. All permissions and changes made with the Run Command are automatically recorded to AWS CloudTrail in case of need to audit and trace usage and access. The current update, which was released in May, provides document management and sharing capabilities for command documents that are executed via the EC2 Run Command. Barr says that this will “allow you to add more rigor to administrative procedures by reducing variability, removing a source for errors,” and control is possible as command documents can be shared between accounts within an organization and even among AWS partners. Barr’s blog lists four additional commands for those who manage EC2 instances that run the Windows OS.
AWS-ListWindowsInventory: Allows for the collection of on-instance inventory information, with the ability to send results to an S3 bucket.
AWS-FindWindowsUpdates: Simply finds and lists Windows updates.
AWS-InstallMissingWindowsUpdates: Installs any missing updates.
AWS-InstallSpecificWindowsUpdates: Provides granular control for installing specific updates, and only those that can be identified via Windows Knowledge Base IDs.
Barr also notes that the Linux version the Simple Systems Manager agent can now be accessed by the general public for feedback and refinement. It is now open-sourced on GitHub. The EC2 Run Command is available at no additional cost (yes, it is free).