Menu
AWS Systems Manager
User Guide

Automation QuickStart

This section includes two walkthroughs to help you execute a simple Systems Manager Automation workflow within minutes. Each walkthrough offers a different approach for setting up and executing Automation workflows. We suggest that you perform these walkthroughs in a test environment where you have adminstrator permissions in AWS Identity and Access Management (IAM).

QuickStart #1: Executing an Automation Workflow as the Current Authenticated User

This walkthrough shows you how to execute an Automation workflow that restarts a managed instance by using the AWS-RestartEC2Instance document. The workflow executes in the context of the current IAM user. This means that you don't need to configure additional IAM permissions as long as you have permission to run the Automation document and any actions called by the document. If you have administator permissions in IAM, then you have permission to run this Automation.

To execute the Automation document as the current authenticated user

  1. Open the AWS Systems Manager console at https://console.aws.amazon.com/systems-manager/.

  2. In the navigation pane, choose Managed Instances.

  3. Copy the instance ID of one more managed instances that you want to restart.

  4. In the navigation pane, choose Automation, and then choose Execute automation.

  5. In the Automation document list choose AWS-RestartEC2Instance.

  6. In the Document details section, verify that Document version is set to 1 (Default).

  7. Leave the default settings for the Execution Mode and Targets and Rate Control sections.

  8. In the Input parameters section, paste one or more IDs in the Instance ID box. Separate instance IDs with a comma (,).

    Note

    You can copy and paste a vertical list of instance IDs (IDs separated by carriage returns), because the system automatically separates each instance ID.

  9. Choose Execute automation. The console displays the status of the Automation execution.

QuickStart #2: Executing an Automation Workflow by Using an IAM Service Role

This walkthrough shows you how to execute an Automation workflow that restarts a managed instance by using the AWS-RestartEC2Instance document. The workflow executes the Automation by using an IAM service role (or assume role. The service role gives the Automation service permission to perform actions on your behalf. Configuring a service role is useful when you want restrict permissions and execute actions with least privilege. For example, if you want to restrict a user's privileges on a resource, such as an EC2 instance, but you want the user to execute an Automation workflow that performs a specific and allowable set of actions. In this scenario, you can create a service role with higher privileges and allow the user to execute the Automation workflow.

Before You Begin

Before you complete the following procedure, you must create the IAM service role and configure a trust relationship for Automation. For more information, see the following procedures: Task 1: Create a Service Role for Automation and Task 2: Add a Trust Relationship for Automation.

To execute the Automation document by using a service role

  1. Open the AWS Systems Manager console at https://console.aws.amazon.com/systems-manager/.

  2. In the navigation pane, choose Managed Instances.

  3. Copy the instance ID of one more managed instances that you want to restart.

  4. In the navigation pane, choose Automation, and then choose Execute automation.

  5. In the Automation document list choose AWS-RestartEC2Instance.

  6. In the Document details section, verify that Document version is set to 1 (Default).

  7. Leave the default settings for the Execution Mode and Targets and Rate Control sections.

  8. In the Input parameters section, paste one or more IDs in the Instance ID box. Separate instance IDs with a comma (,).

    Note

    You can copy and paste a vertical list of instance IDs (IDs separated by carriage returns), because the system automatically separates each instance ID.

  9. In the Automation Assume Role box, paste the ARN of the IAM service role.

  10. Choose Execute automation. The console displays the status of the Automation execution.

For more examples of how use Systems Manager Automation, see Systems Manager Automation Walkthroughs. For information about how to get started with Automation, see Setting Up Automation.