Trying to run a bash on AWS SSM


I'm trying to run a few bash commands/scripts in AWS' Systems Manager using an automation document.

I keep getting this error: AWS Error: "is of type String, but expected type is StringMap."

Below are my settings in the automation document. [Screenshot of Automation document settings]

There is no way for me to define what type of string it is.

Here's a printout of the code. I was told by AWS to put ' at the beginning and end of it.

'#### errocodes'
'#### 0 hanadb state = OK'
'#### 10    hanadb state = STOPPED'
'#### 20    hanadb state = WARNING'
'#### 30    hanadb state = ERROR'
''
'# stop hana db'
'echo "Stopping Hana DB"'
'sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function Stop'
''
'# check hana db state'
'echo "Checking if Hana DB is running."'
'HANADBSTATUS=`sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function GetProcessList`'
'sleep 20'
'if [[ "$HANADBSTATUS" =~ "GRAY" ]]'
'then'
'    echo "Hana DB is stopped."'
'    exit 10'
'else'
'i=1'
'while [[ ! "$HANADBSTATUS" =~ "GRAY" ]] && [[ "$i" -lt 11 ]]'
'   do'
'       echo "Warning: HANA DB is running. Checking 10 times with 20 second intervalls until script aborts. This is check $i." '
'       sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function Stop'
'       sleep 20'
'       # check db state again'
'       HANADBSTATUS=`sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function GetProcessList`'
'       ((i++))'
'       if [ "$i" = 10 ]'
'           then'
'               echo "Error: retried $i-Times. Couldnt stop DB. Exiting Script."'
'               echo "Script aborts with Error 0"'
'               exit 0'
'       fi'
'   done'
'   if [[ "$HANADBSTATUS" =~ "GRAY" ]]'
'    then'
'        echo "Hana DB is stopped."'
'        exit 10'
'   fi'
'fi'

For those who may stumble here for an answer: yes, you can execute a bash script via an SSM document. Use the AWS-provided SSM document "aws:runShellScript" to execute your script. The SSM agent needs to be installed on the EC2 instance, with the appropriate instance profile attached with the needed SSM permissions.

You don't need to single or double quote before and after your commands as mentioned in the question. The key is to use -| as the script identifier and then type in your commands with proper indentation (2 spaces in my case).

Here is a sample SSM document doing so:

---
schemaVersion: "2.2"
description: Execute a shell script on an ec2 instance based on application and environment parameter

#-----------------------------------------
# Parameters
#-----------------------------------------
parameters:
  application:
    type: String
    description: Name of an application
  environment:
    type: String
    description: Application environment
    allowedValues:
      - dev
      - test
      - qa
      - prod
  # buildRegion is referenced by the script below, so it has to be declared here
  buildRegion:
    type: String
    description: AWS region used for the describe-tags calls

#-----------------------------------------
# Main steps
#-----------------------------------------
mainSteps:
- action: "aws:runShellScript"
  name: "ExecuteBashScript"
  description: |
    Run a bash script on an EC2 instance
  onFailure: Abort
  timeoutSeconds: 300
  inputs:
    runCommand:
    - |
      # check if the instance belongs to the application
      echo "Checking if the current instance belongs to the application [{{ application }}]"
      currentInstance=`curl http://169.254.169.254/latest/meta-data/instance-id`
      applicationTag=`aws ec2 describe-tags --region={{ buildRegion }} --filters "Name=resource-id,Values=$currentInstance" --output text | grep application | awk '{print $5}'`
      environmentTag=`aws ec2 describe-tags --region={{ buildRegion }} --filters "Name=resource-id,Values=$currentInstance" --output text | grep environment | awk '{print $5}'`
      echo "Current instance is [$currentInstance] with application tag as [$applicationTag] and environment tag as [$environmentTag]"

      if [[ "$applicationTag" == "{{ application }}" && "$environmentTag" == "{{ environment }}" ]]
      then
        echo "Current instance [$currentInstance] with environment [$environmentTag] does belong to the application [{{ application }}] and environment [{{ environment }}]"
        # other logic
      else
        echo "Current instance [$currentInstance] with environment [$environmentTag] doesn't belong to the application [{{ application }}] and environment [{{ environment }}], exiting now ...."  && exit -1
      fi
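
Added example (not part of the answer above and not AWS code): SSM pastes each {{ parameter }} value into the script text before the shell runs it, so it is worth checking a document for placeholders in runCommand that are undeclared or that accept free-form text. The Python check below runs over a constructed document modeled on the sample; `lint_ssm_document` and `SAMPLE_DOC` are hypothetical names.

```python
import re

# Matches document parameter placeholders such as {{ application }}.
# Prefixed references like {{ ssm:name }} contain ':' and are skipped.
PLACEHOLDER = re.compile(r"\{\{\s*([A-Za-z0-9_]+)\s*\}\}")

def lint_ssm_document(doc):
    """Return sorted (step, parameter, issue) tuples for runCommand placeholders."""
    params = doc.get("parameters", {})
    findings = set()
    for step in doc.get("mainSteps", []):
        if step.get("action") != "aws:runShellScript":
            continue
        script = "\n".join(step.get("inputs", {}).get("runCommand", []))
        for name in PLACEHOLDER.findall(script):
            spec = params.get(name)
            if spec is None:
                # Referenced in the script but never declared under parameters.
                findings.add((step.get("name"), name, "undefined"))
            elif not (spec.get("allowedValues") or spec.get("allowedPattern")):
                # Free-form text is pasted into the script before the shell runs it.
                findings.add((step.get("name"), name, "unconstrained"))
    return sorted(findings)

# Constructed sample, modeled on the document above (as parsed from YAML/JSON).
SAMPLE_DOC = {
    "schemaVersion": "2.2",
    "parameters": {
        "application": {"type": "String"},
        "environment": {"type": "String",
                        "allowedValues": ["dev", "test", "qa", "prod"]},
    },
    "mainSteps": [{
        "action": "aws:runShellScript",
        "name": "ExecuteBashScript",
        "inputs": {"runCommand": [
            'echo "Checking application [{{ application }}]"',
            'aws ec2 describe-tags --region={{ buildRegion }} --output text',
            'if [[ "$environmentTag" == "{{ environment }}" ]]; then echo ok; fi',
        ]},
    }],
}

if __name__ == "__main__":
    for step, name, issue in lint_ssm_document(SAMPLE_DOC):
        print(f"{step}: {{{{ {name} }}}} is {issue}")
```

An "unconstrained" finding is cleared by giving the parameter an `allowedValues` list or an `allowedPattern` regex in the document.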