Systems Manager Automation runbook reference
To help you get started quickly, Amazon Systems Manager provides predefined runbooks. These runbooks are maintained by Amazon Web Services, Amazon Web Services Support, and Amazon Config. The runbook reference describes each of the predefined runbooks provided by Systems Manager, Amazon Web Services Support, and Amazon Config.
Important
If you run an automation workflow that invokes other services by using an Amazon Identity and Access Management
(IAM) service role, be aware that the service role must be configured with
permission to invoke those services. This requirement applies to all Amazon
Automation runbooks (AWS-*
runbooks) such as the
AWS-ConfigureS3BucketLogging
,
AWS-CreateDynamoDBBackup
, and
AWS-RestartEC2Instance
runbooks, to name a few. This
requirement also applies to any custom Automation runbooks you create that
invoke other Amazon services by using actions that call other services. For
example, if you use the aws:executeAwsApi
,
aws:createStack
, or aws:copyImage
actions, then
you must configure the service role with permission to
invoke those services. You can enable permissions to other Amazon services by
adding an IAM inline policy to the role. For more information, see Add an Automation inline policy to invoke other Amazon services.
This reference includes topics that describe each of the Systems Manager runbooks that are owned by Amazon, Amazon Web Services Support, and Amazon Config. Runbooks are organized by the relevant Amazon Web Services service. Each page provides an explanation of the required and optional parameters that you can specify when using the runbook. Each page also lists the steps in the runbook and the output of the automation, if any.
This reference does not include a separate page for runbooks that
require approval such as the AWS-CreateManagedLinuxInstanceWithApproval
or
AWS-StopEC2InstanceWithApproval
runbook. Any runbook name that includes
WithApproval
, means the runbook includes the aws:approve
action. This action temporarily pauses an automation until designated principals
either approve or reject the action. After the required number of approvals is reached, the
automation resumes.
For information about running automations, see Running a simple automation. For information about running automations on multiple targets, see Running automations that use targets and rate controls.
Topics
- View runbook content
- API Gateway
- Amazon Batch
- Amazon CloudFormation
- CloudFront
- CloudTrail
- CloudWatch
- Amazon DocumentDB
- CodeBuild
- Amazon CodeDeploy
- Amazon Config
- Amazon Connect
- Amazon Directory Service
- Amazon AppSync
- Amazon Athena
- DynamoDB
- Amazon EBS
- Amazon EC2
- Amazon ECS
- Amazon EFS
- Amazon EKS
- Elastic Beanstalk
- Elastic Load Balancing
- Amazon EMR
- Amazon OpenSearch Service
- EventBridge
- Amazon Glue
- Amazon FSx
- GuardDuty
- IAM
- Amazon Kinesis Data Streams
- Amazon KMS
- Lambda
- Amazon Managed Workflows for Apache Airflow
- Neptune
- Amazon RDS
- Amazon Redshift
- Amazon S3
- Amazon SES
- SageMaker
- Secrets Manager
- Security Hub
- Amazon Shield
- Amazon SNS
- Amazon SQS
- Step Functions
- Systems Manager
- Third-party
- Amazon VPC
- Amazon WAF
- Amazon WorkSpaces
- X-Ray
View runbook content
You can view the content for runbooks in the Systems Manager console.
To view runbook content
Open the Amazon Systems Manager console at https://console.amazonaws.cn/systems-manager/
. In the navigation pane, choose Documents.
-or-
If the Amazon Systems Manager home page opens first, choose the menu icon ( ) to open the navigation pane, and then choose Documents in the navigation pane.
-
In the Categories section, choose Automation documents.
-
Choose a runbook, and then choose View details.
-
Choose the Content tab.