Running commands on managed nodes - Amazon Systems Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Running commands on managed nodes

This section includes information about how to send commands from the Amazon Systems Manager console to managed nodes. This section also includes information about how to cancel a command.

For information about how to send commands using Windows PowerShell, see Walkthrough: Use the Amazon Tools for Windows PowerShell with Run Command or the examples in the Amazon Systems Manager section of the Amazon Tools for PowerShell Cmdlet Reference. For information about how to send commands using the Amazon Command Line Interface (Amazon CLI), see the Walkthrough: Use the Amazon CLI with Run Command or the examples in the SSM CLI Reference.

Important

When you send a command using Run Command, don't include sensitive information formatted as plaintext, such as passwords, configuration data, or other secrets. All Systems Manager API activity in your account is logged in an S3 bucket for Amazon CloudTrail logs. This means that any user with access to S3 bucket can view the plaintext values of those secrets. For this reason, we recommend creating and using SecureString parameters to encrypt sensitive data you use in your Systems Manager operations.

For more information, see Restricting access to Systems Manager parameters using IAM policies.