Amazon EC2 Systems Manager
User Guide

Joining EC2 Instances to a Domain Using Systems Manager Run Command

You can use the AWS-JoinDirectoryServiceDomain command to join an instance to an AWS Directory Service domain. Before executing this command you must create a directory. We recommend that you learn more about the AWS Directory Service. For more information, see What Is AWS Directory Service?.

Note

This procedure does not include information about how to configure Run Command for Amazon SNS notifications. To learn more about how to execute commands that return notifications, see Configuring Amazon SNS Notifications for Run Command.

To join an instance to a domain using Run Command

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, choose Run Command.

  3. Choose Run a command.

  4. For Command document, choose AWS-JoinDirectoryServiceDomain.

  5. For Target instances, choose the instances where you want the command to run. If you do not see an instance in this list, it might not be configured properly for Run Command. For more information, see Systems Manager Prerequisites.

  6. For Directory Id, type the ID of an AWS directory. For example: d-1234567890.

  7. For Directory Name, type the directory name. For example: example.com.

  8. For Directory OU, type the organizational unit (OU) and directory components (DC) for the directory. For example, OU=Computers,OU=example,DC=test,DC=example,DC=com.

  9. (Optional) For DNS IP Addresses, type an IP address. For example: 198.51.100.1. Choose the plus sign to add more IP addresses.

  10. For Comment, we recommend providing information that will help you identify this command in your list of commands.

  11. For Timeout (seconds), type the number of seconds that Run Command should attempt to reach an instance before it is considered unreachable and the command execution fails. The minimum is 30 seconds, the maximum is 30 days, and the default is 10 minutes.

  12. For S3 bucket, type the name of the S3 bucket for command output.

    Important

    The Run Command Output page in the Amazon EC2 console truncates output after 2500 characters. Configure an Amazon S3 bucket before executing commands using Run Command. If your command output is longer than 2500 characters, you can view the full output in your Amazon S3 bucket. For more information, see Create a Bucket.

  13. For S3 key prefix, type the name of a subfolder in the S3 bucket. A subfolder can help you organize Run Command output if you execute multiple commands against multiple instances.

For information about how to run commands using Windows PowerShell, see Systems Manager Run Command Walkthrough Using the AWS Tools for Windows PowerShell or the AWS Tools for Windows PowerShell Reference. For information about how to run commands using the AWS CLI, see the SSM CLI Reference.
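The console procedure above expressed as an AWS CLI call, as an added example that is not part of the original guide. It validates the directory ID, directory name, OU, DNS addresses and timeout before anything is sent, so a mistyped value cannot join instances to the wrong directory or OU. The function names are hypothetical, the OU character allowlist is a deliberately conservative assumption, and the instance ID and bucket name in the usage comment are constructed placeholders.

```shell
#!/bin/sh
# Added example, not AWS's own script. Sample values are the page's or constructed.

# True when $1 is a single line that fully matches the extended regex $2.
matches() {
  case $1 in *'
'*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq -- "$2"
}

# Print the --parameters JSON for AWS-JoinDirectoryServiceDomain.
# Args: directory-id directory-name directory-ou [dns-ip ...]
build_join_params() {
  [ "$#" -ge 3 ] || { echo "usage: build_join_params ID NAME OU [DNS_IP ...]" >&2; return 1; }
  jp_id=$1 jp_name=$2 jp_ou=$3; shift 3
  matches "$jp_id" '^d-[0-9a-f]{10}$' || { echo "bad directory ID" >&2; return 1; }
  matches "$jp_name" '^[A-Za-z0-9.-]+$' || { echo "bad directory name" >&2; return 1; }
  # Conservative allowlist: only OU=/DC= components, no characters that could break the JSON.
  matches "$jp_ou" '^(OU|DC)=[A-Za-z0-9 _.-]+(,(OU|DC)=[A-Za-z0-9 _.-]+)*$' \
    || { echo "bad directory OU" >&2; return 1; }
  jp_ips=
  for jp_ip in "$@"; do
    matches "$jp_ip" '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || { echo "bad DNS IP" >&2; return 1; }
    jp_ips="${jp_ips:+$jp_ips,}\"$jp_ip\""
  done
  printf '{"directoryId":["%s"],"directoryName":["%s"],"directoryOU":["%s"]' \
    "$jp_id" "$jp_name" "$jp_ou"
  if [ -n "$jp_ips" ]; then printf ',"dnsIpAddresses":[%s]' "$jp_ips"; fi
  printf '}\n'
}

# Run Command accepts a timeout from 30 seconds up to 30 days (2592000 seconds).
check_timeout() {
  matches "$1" '^[0-9]{1,7}$' && [ "$1" -ge 30 ] && [ "$1" -le 2592000 ]
}

# Args: instance-id s3-bucket s3-key-prefix timeout-seconds params-json
send_join_command() {
  check_timeout "$4" || { echo "timeout must be 30..2592000 seconds" >&2; return 1; }
  aws ssm send-command --document-name "AWS-JoinDirectoryServiceDomain" \
    --instance-ids "$1" --parameters "$5" --timeout-seconds "$4" \
    --comment "Domain join via Run Command" \
    --output-s3-bucket-name "$2" --output-s3-key-prefix "$3" \
    --query "Command.CommandId" --output text
}

# Usage (constructed instance ID and bucket name):
#   p=$(build_join_params d-1234567890 example.com \
#         "OU=Computers,OU=example,DC=test,DC=example,DC=com" 198.51.100.1)
#   send_join_command i-0123456789abcdef0 my-ssm-output-bucket domain-join 600 "$p"
```

The command ID that `send_join_command` prints is the value that `aws ssm cancel-command --command-id` expects.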

Canceling a Command

You can attempt to cancel a command as long as the service shows that it is in either a Pending or Executing state. However, even if a command is still in one of these states, we cannot guarantee that the command will be terminated and the underlying process stopped.

To cancel a command using the console

  1. In the navigation pane, choose Run Command.

  2. Select the command invocation that you want to cancel.

  3. Choose Actions, Cancel Command.

To cancel a command using the AWS CLI

Use the following command.

aws ssm cancel-command --command-id "command ID" --instance-ids "instance ID"

For information about the status of a canceled command, see Setting Up Events and Notifications.

View Command Output

Use the following procedure to view the results of command execution in the EC2 console.

To view command output

  1. In the Amazon EC2 console, select a command in the list.

  2. Choose the Output tab.

  3. Choose View Output.

  4. The command output page shows the results of your command execution.