This thread is a bit old, but since I’ve spent a frustrating afternoon discovering a simple solution, I might as well share it.
NB This is not a strict answer to the OP’s question, as it doesn’t use ssh. But, one point of boto3 is that you don’t have to – so I think in most circumstances this would be the preferred way of achieving the OP’s goal, as s/he can use his/her existing boto3 configuration trivially.
AWS’ Run Command is built into botocore (so this should apply to both boto and boto3, as far as I know) but disclaimer: I’ve only tested this with boto3.
def execute_commands_on_linux_instances(client, commands, instance_ids):
"""Runs commands on remote linux instances
:param client: a boto/boto3 ssm client
:param commands: a list of strings, each one a command to execute on the instances
:param instance_ids: a list of instance_id strings, of the instances on which to execute the command
:return: the response from the send_command function (check the boto3 docs for ssm client.send_command() )
"""
resp = client.send_command(
DocumentName="AWS-RunShellScript", # One of AWS' preconfigured documents
Parameters={'commands': commands},
InstanceIds=instance_ids,
)
return resp
# Example use:
ssm_client = boto3.client('ssm') # Need your credentials here
commands = ['echo "hello world"']
instance_ids = ['an_instance_id_string']
execute_commands_on_linux_instances(ssm_client, commands, instance_ids)
For windows instance powershell commands you’d use an alternative option:
DocumentName="AWS-RunPowerShellScript",