aws:executeScript
– Run a script
Important
Starting December 4, 2024, you won't be able to create or update runbooks that use
the aws:executeScript
action with the Python 3.6, 3.7, or 3.8 runtimes.
Starting February 18, 2025, you won't be able to execute runbooks that use the
aws:executeScript
action with the Python 3.6, 3.7, or 3.8 runtimes.
We recommend upgrading your runbooks that use the aws:executeScript
action with Python runtimes, to Python 3.11 before December 4, 2024.
Runs the Python or PowerShell script provided using the specified runtime and handler.
Each aws:executeScript
action can run up to a maximum duration of 600
seconds (10 minutes). You can limit the timeout by specifying the
timeoutSeconds
parameter for an aws:executeScript
step.
Use return statements in your function to add outputs to your output payload. For
examples of defining outputs for your aws:executeScript
action, see Example 2:
Scripted runbook. You can also send
the output from aws:executeScript
actions in your runbooks to the Amazon CloudWatch Logs
log group you specify. For more information, see Logging Automation action output with
CloudWatch Logs.
If you want to send output from aws:executeScript
actions to CloudWatch Logs, or if
the scripts you specify for aws:executeScript
actions call AWS API
operations, an AWS Identity and Access Management (IAM) service role (or assume role) is always required to run
the runbook.
The aws:executeScript
action contains the following preinstalled
PowerShell Core modules:
-
Microsoft.PowerShell.Host
-
Microsoft.PowerShell.Management
-
Microsoft.PowerShell.Security
-
Microsoft.PowerShell.Utility
-
PackageManagement
-
PowerShellGet
To use PowerShell Core modules that aren't preinstalled, your script must install the
module with the -Force
flag, as shown in the following command. The
AWSPowerShell.NetCore
module isn't supported. Replace
ModuleName
with the module you want to install.
Install-Module
ModuleName
-Force
To use PowerShell Core cmdlets in your script, we recommend using the
AWS.Tools
modules, as shown in the following commands. Replace each
example resource placeholder
with your own
information.
-
Amazon S3 cmdlets.
Install-Module AWS.Tools.S3 -Force Get-S3Bucket -BucketName
amzn-s3-demo-bucket
-
Amazon EC2 cmdlets.
Install-Module AWS.Tools.EC2 -Force Get-EC2InstanceStatus -InstanceId
instance-id
-
Common, or service independent AWS Tools for Windows PowerShell cmdlets.
Install-Module AWS.Tools.Common -Force Get-AWSRegion
If your script initializes new objects in addition to using PowerShell Core cmdlets, you must also import the module as shown in the following command.
Install-Module AWS.Tools.EC2 -Force Import-Module AWS.Tools.EC2 $tag = New-Object Amazon.EC2.Model.Tag $tag.Key = "Tag" $tag.Value = "TagValue" New-EC2Tag -Resource
i-02573cafcfEXAMPLE
-Tag $tag
For examples of installing and importing AWS.Tools
modules, and using
PowerShell Core cmdlets in runbooks, see Using Document Builder to create
runbooks.
Input
Provide the information required to run your script. Replace each
example resource placeholder
with your own
information.
Note
The attachment for a Python script can be a .py file or a .zip file that contains the script. PowerShell scripts must be stored in .zip files.
- Runtime
-
The runtime language to be used for running the provided script.
aws:executeScript
supports Python 3.7 (python3.7), Python 3.8 (python3.8), Python 3.9 (python3.9)Python 3.10 (python3.10), Python 3.11 (python3.11) PowerShell Core 6.0 (dotnetcore2.1), and PowerShell 7.0 (dotnetcore3.1) scripts.Supported values:
python3.7
|python3.8
|python3.9
|python3.10
|python3.11
|PowerShell Core 6.0
|PowerShell 7.0
Type: String
Required: Yes
- Handler
-
The name of your function. You must ensure the function defined in the handler has two parameters,
events
andcontext
. The PowerShell runtime does not support this parameter.Type: String
Required: Yes (Python) | Not supported (PowerShell)
- InputPayload
-
A JSON or YAML object that will be passed to the first parameter of the handler. This can be used to pass input data to the script.
Type: String
Required: No
- Script
-
An embedded script that you want to run during the automation.
Type: String
Required: No (Python) | Yes (PowerShell)
- Attachment
-
The name of a standalone script file or .zip file that can be invoked by the action. Specify the same value as the
Name
of the document attachment file you specify in theAttachments
request parameter. For more information, see Attachments in the AWS Systems Manager API Reference. If you're providing a script using an attachment, you must also define afiles
section in the top-level elements of your runbook. For more information, see Schema version 0.3.To invoke a file for Python, use the
filename.method_name
format inHandler
.Note
The attachment for a Python script can be a .py file or a .zip file that contains the script. PowerShell scripts must be stored in .zip files.
When including Python libraries in your attachment, we recommend adding an empty
__init__.py
file in each module directory. This allows you to import the modules from the library in your attachment within your script content. For example:from library import module
Type: String
Required: No
Output
- Payload
-
The JSON representation of the object returned by your function. Up to 100KB is returned. If you output a list, a maximum of 100 items is returned.