This action helps you to execute remote bash command for AWS EC2 instance without SSH or other accessing.
(This action internally uses AWS SSM Send-Command.)
- To use this action, you have to set AWS IAM Role
AmazonSSMFullAccessto your IAM user. - Also your EC2 Instance must have IAM Role including
AmazonSSMFullAccess.
name: AWS SSM Send-Command Example
on:
push:
branches: [master]
jobs:
start:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: AWS SSM Send-Command
uses: boltandrke/aws-ssm-send-command@master
id: ssm
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
instance-ids: ${{ secrets.INSTANCE_ID }}
branch: ${{ steps.meta.branch }}
tag: ${{ steps.meta.tag }}
sha: ${{ steps.meta.sha }}
comment: Hello world!
# Catch SSM outputs
- name: Get the outputs
run: echo "The Command id is ${{ steps.ssm.outputs.command-id }}"Required Your IAM access key id.
Required Your IAM secret access key id.
Required AWS EC2 Instance region. (e.g. us-west-1, us-northeast-1, ...)
Required The id of AWS EC2 instance id (e.g i-xxx...)
# single instance
instance-ids: i-0b1f8b18a1d450000
# multiple instances (maxium 50 values)
instance-ids: |
i-0b1f8b18a1d450000
i-0b1f8b18a1d450001
i-0b1f8b18a1d450002Repo branch name
# default
branch: mainRepo tag name
# default
tag: v1.2.3Repo sha
# default
tag: dqjoi22Logging message attached AWS SSM.
# default
comment: Executed by Github ActionsAWS SSM Run-Command id. (uuid type)
# example
6cf26b6f-b68f-4e20-b801-f6ee5318d000This error occurs when you are not set AWS IAM role about SSM. Please set the IAM permission AmazonSSMFullAccess (recommended)
This error occurs when you are not attach AWS IAM role to your EC2 instance. Please set the IAM role AmazonSSMFullAccess (recommended)
In almost error cases, those issues would be resolved when you set IAM Role to your
AWS AccountandEC2 IAM Role.