An Amazon EC2 instance is just like any computer on the Internet. It is running an operating system (e.g. Linux or Windows), and it has standard security built in. The fact that it is an Amazon EC2 instance has no impact.
So, the question really becomes: How do I run a command on a remote computer?
Typical ways of doing this include:
- Connecting to the computer (e.g. via SSH) and running a command
- Running a service on the computer that listens on a particular port (e.g. responding to an API request)
- Using remote shell commands to run an operation on another computer
Fortunately, AWS offers an additional option: Use the AWS Systems Manager Run Command:
AWS Systems Manager Run Command lets you remotely and securely manage the configuration of your managed instances. A managed instance is any Amazon EC2 instance or on-premises machine in your hybrid environment that has been configured for Systems Manager. Run Command enables you to automate common administrative tasks and perform ad hoc configuration changes at scale. You can use Run Command from the AWS console, the AWS Command Line Interface, AWS Tools for Windows PowerShell, or the AWS SDKs. Run Command is offered at no additional cost.
Administrators use Run Command to perform the following types of tasks on their managed instances: install or bootstrap applications, build a deployment pipeline, capture log files when an instance is terminated from an Auto Scaling group, and join instances to a Windows domain, to name a few.
Basically, it is an agent installed on the instance (or, for that matter, on any computer on the Internet) and commands can be sent to the computer that are executed by the agent. In fact, the same command can be sent to hundreds of computers if desired.
The AWS Systems Manager Run Command can be triggered by an API call, such as from a program using boto3.
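As an added example (not part of the original answer), this is one way to send a command through Run Command from Python and wait for its result, using the SSM `send_command` and `get_command_invocation` calls. It assumes the target is a managed instance and the caller is allowed `ssm:SendCommand` and `ssm:GetCommandInvocation`; the instance ID, command ID and `FakeSSM` stand-in are constructed so the block runs offline.

```python
import time
TERMINAL = {"Success", "Failed", "Cancelled", "TimedOut"}

def run_on_instance(ssm, instance_id, commands, timeout=60, poll=2.0):
    """Send shell commands to one managed instance and wait for the result."""
    sent = ssm.send_command(
        InstanceIds=[instance_id],
        DocumentName="AWS-RunShellScript",  # AWS-managed document (Linux)
        Parameters={"commands": list(commands)},
        TimeoutSeconds=timeout,  # how long SSM waits for the command to start
    )
    command_id = sent["Command"]["CommandId"]
    deadline = time.monotonic() + timeout + 30
    while time.monotonic() < deadline:
        try:
            inv = ssm.get_command_invocation(
                CommandId=command_id, InstanceId=instance_id)
        except ssm.exceptions.InvocationDoesNotExist:
            inv = {"Status": "Pending"}  # not registered yet; poll again
        if inv["Status"] in TERMINAL:
            return {"command_id": command_id, "status": inv["Status"],
                    "exit_code": inv["ResponseCode"],
                    "stdout": inv["StandardOutputContent"],
                    "stderr": inv["StandardErrorContent"]}
        time.sleep(poll)
    raise TimeoutError(f"{command_id} did not finish on {instance_id}")

class FakeSSM:
    """Constructed stand-in for boto3.client("ssm"); lets this run offline."""
    class exceptions:
        class InvocationDoesNotExist(Exception): pass
    def __init__(self):
        self.polls, self.sent = 0, None
    def send_command(self, **kwargs):
        self.sent = kwargs
        return {"Command": {"CommandId": "cmd-constructed-0001"}}
    def get_command_invocation(self, CommandId, InstanceId):
        self.polls += 1
        if self.polls == 1:
            raise self.exceptions.InvocationDoesNotExist()
        done = self.polls >= 3
        return {"Status": "Success" if done else "InProgress",
                "ResponseCode": 0 if done else -1,
                "StandardOutputContent": "uptime ok\n" if done else "",
                "StandardErrorContent": ""}

if __name__ == "__main__":
    # Real use: import boto3; ssm = boto3.client("ssm")
    print(run_on_instance(FakeSSM(), "i-0123456789abcdef0", ["uptime"], poll=0))
```

Because the command travels through the SSM agent rather than an inbound connection, the instance needs no open SSH port for this, and who may run what is controlled by IAM policy on the caller.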