AWS EC2 (Cloud Compute Capacity)

Run arbitrary workloads on provisioned Cloud Compute Capacity in AWS

Type: Cloud Provider / Infrastructure

Website: https://aws.amazon.com/ec2/

General docs: https://aws.amazon.com/ec2/resources/

API Docs: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/making-api-requests.html

Authentication

To connect EC2 to Orchestra, you will need to follow the same process you normally do when dealing with service principals in AWS:

• An AWS IAM user with the required permissions for the job you wish to run

• An access key for the IAM user

Instructions

1. Navigate to the IAM console in the AWS account you wish to run the job in.

2. Attach the required permissions. See below for the required permissions for each job.

3. Generate a CLI access key for the User. More information is available in the AWS docs here. Once the access key is generated you can download a CSV containing your Access Key ID and Secret Access key.

Required Permissions

EC2 SSM run script. The following actions are required. You can specify the resource if desired.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "ssm:SendCommand",
        "ssm:ListCommands",
        "ssm:CancelCommand",
        "ssm:ListCommandInvocations"
      ],
      "Resource": "*"
    }
  ]
}

Jobs

Job name	Description
EC2 SSM Run Script	This job triggers runs a script in your EC2 instance