From cd74be9fa268127f7320efbcce21cbe0e8bc2421 Mon Sep 17 00:00:00 2001
From: bhoff <bruce.hoff@sagebase.org>
Date: Mon, 7 Oct 2024 08:16:39 -0700
Subject: [PATCH] IT-3860: Changed document type from 'Command' to 'Automation'
 to be compatible with SSM Automation

---
 .../Scheduled-Script-Automation.yaml          | 38 ++++++++++---------
 1 file changed, 20 insertions(+), 18 deletions(-)

diff --git a/org-formation/090-systems-manager/Scheduled-Script-Automation.yaml b/org-formation/090-systems-manager/Scheduled-Script-Automation.yaml
index b7945e51..03ff3a07 100644
--- a/org-formation/090-systems-manager/Scheduled-Script-Automation.yaml
+++ b/org-formation/090-systems-manager/Scheduled-Script-Automation.yaml
@@ -257,12 +257,12 @@ Resources:
   AutomationDocumentScriptExecution:
     Type: "AWS::SSM::Document"
     Properties:
-      DocumentType: "Command" # Automation
-      Name: "Automation-Run-Script-5" # TODO
+      DocumentType: Automation
+      Name: "Automation-Run-Script"
       Content:
-        schemaVersion: "2.2" # 0.3
+        schemaVersion: '0.3'
         description: "Run a parameterized script on EC2 instances"
-#        assumeRole: '{{ AutomationAssumeRole }}' TODO
+        assumeRole: '{{ AutomationAssumeRole }}'
         parameters:
           ScriptUrl:
             type: String
@@ -284,26 +284,28 @@ Resources:
             default: 120
         mainSteps:
         - name: "runScript" # Note: spaces and hyphens are not allowed in this name
-          action: "aws:runShellScript" # aws:runCommand
-#          timeoutSeconds: '{{ ExecutionTimeoutSeconds }}' # TODO causes error "Invalid request provided: JSON not well-formed. at Line: 43, Column: 24"
+          action: aws:runCommand
           onFailure: Abort
           inputs:
+            # see https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-action-runcommand.html
+            DocumentName: AWS-RunShellScript
+            MaxConcurrency: !Ref MaximumConcurrency
+            MaxErrors: !Ref MaximumErrors           
             Targets:
             - Key: 'tag:{{ TargetTagName }}'
               Values:
                 - '{{ TargetTagValue }}'
+            TimeoutSeconds: '{{ ExecutionTimeoutSeconds }}'
             Parameters:
               ScriptUrl: '{{ ScriptUrl }}'
               SsmParameterNameToEnvvarMap: '{{ SsmParameterNameToEnvvarMap }}'
-            MaxConcurrency: !Ref MaximumConcurrency
-            MaxErrors: !Ref MaximumErrors
-            runCommand:
-            - "sudo su root"
-            - "SSM_TO_ENV_MAP=( {{ SsmParameterNameToEnvvarMap }} )"
-            - "for KV in ${SSM_TO_ENV_MAP[@]} ; do"
-            - "  export ${KV%%:*}=${KV##*:}"
-            - "done"
-            - "SCRIPT_PATH=/tmp/script.sh"
-            - "wget -O $SCRIPT_PATH {{ ScriptUrl }}"
-            - "chmod +x $SCRIPT_PATH"
-            - "$SCRIPT_PATH"
+              Commands:
+              - "sudo su root"
+              - "SSM_TO_ENV_MAP=( {{ SsmParameterNameToEnvvarMap }} )"
+              - "for KV in ${SSM_TO_ENV_MAP[@]} ; do"
+              - "  export ${KV%%:*}=${KV##*:}"
+              - "done"
+              - "SCRIPT_PATH=/tmp/script.sh"
+              - "wget -O $SCRIPT_PATH {{ ScriptUrl }}"
+              - "chmod +x $SCRIPT_PATH"
+              - "$SCRIPT_PATH"