Monitoring AWS EC2 Run Command Execution

AWS launched EC2 Run Command in October 2015 to provide a simple way of automating common administrative tasks like installing software or patches, running shell commands, performing operating system changes, managing local groups and users, altering configuration files and more in Windows instances. AWS quickly followed the launch with the same feature for Linux instances, and in May 2016, they added the power to Manage & Share Commands, and the ability to use additional predefined commands along with any custom commands that users have created for their accounts.

Continuing to improve EC2 Run Command for users, this summer, AWS added the ability to use EC2’s powerful “Run Command” feature with a single log-in to execute commands in multiple locations, including EC2 instances, on-premises servers or virtual machines (VMs) from other cloud providers. And before July came to a close, AWS announced yet another feature where EC2 Run Command can notify you of the status of your command or a code block within a command changes. Importantly, users can then receive the reports through CloudWatch Events or even through Amazon SNS.This is a true benefit because it allows users to use Run Command in true building block fashion, invoking commands and processing results as they arrive.

Let’s walk through how this can be accomplished. Amazon SNS (Simple Notification Service) is a service that lets you trigger an event that can be configured to send you an email. To monitor EC2 Run Command execution via SNS:

1. Sign in to the AWS Management Console and open the Amazon SNS console at https://console.aws.amazon.com/sns/..
2. Now that you are signed in Amazon SNS, you are ready to create a topic. A topic is a communication channel to send messages and subscribe to notifications. It provides an access point for publishers and subscribers to communicate with each other. You can create a topic named MyTopic or whatever you like. After you create the topic, copy or make a note of the Topic ARN.
3. To receive messages published to a topic, you have to subscribe an endpoint to that topic. In our example you can subscribe an endpoint to the topic you just created in the previous section. You can configure the subscription to send the topic messages to your email account.
4. In the left navigation pane, click Topics and then select the topic you want to publish to. Click the Publish to topic button. Once the message is published, Amazon SNS attempts to deliver that message to the endpoint that is subscribed to the topic.
5. You can now use your email application to open the message from AWS Notifications and read the message.

You can also monitor the execution of your commands using CloudWatch Events. The Amazon CloudWatch system event stream, known as CloudWatch Events, enables you to respond quickly to application availability issues or resource changes, with notifications from AWS services delivered in near-real-time. You simply write rules to indicate which events are of interest to your application and what automated action to take when a rule matches an event. The three main components of CloudWatch Events are events, rules, and targets.

To Monitor EC2 Run Command execution via CloudWatch events:

1. Sign in to the AWS Management Console and open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/.
2. In the navigation pane, choose Events.
3. Click on Create rule and choose an event source and then hit Save.
4. Check the CloudWatch metrics a few seconds later.
5. Check also the CloudWatch log and inspect the output from the code.

Providing a simple way of automating common administrative tasks, AWS EC2 Run Command helps improve workload reliability and decrease potential risk. With the ability to monitor its output through SNS and CloudWatch, users can now easily flag any potential problems which means you can use Run Command in true building block fashion invoking commands and processing results as they arrive. If your organization is interested in achieving the benefits associated with increased cloud-based automation but don’t know where to start, reach out today to get started with our proprietary assessment.

Did you find this useful? 

Interested in getting tips, best practices and commentary delivered regularly? Click the button below to sign up for our blog and set your topic and frequency preferences.