아무리 su - 특정유저 를 send_command의 commands에 넣어도 유저가 바뀌지 않는 문제가 있었다..
확인을 해보니... 스택 오버플로우에 나같은 사람이 있어서 참고하여 진행할수 있었다.
무조건 루트계정으로 실행되는게 맞는 것같다.
(설치용이라서 그런가..?)
공식다큐
공식다큐를 참조하면 runas로 설정할수있다고 하는데 root로만 실행되는게 이해가 되지는 않지만... id로 체크해보면 계속 root로 뜨더라...
I didn't find anything on AWS or boto3 docs that allows for that, but I was able to execute as a different user using the runuser command. In theory, you could do the same thing with a combination of sudo and su commands, but this one is pretty simpler.
For that, you can do as follows:
runuser -l userNameHere -c '/path/to/command arg1 arg2'
runuser command 설명0
runuser command 예시
Since send-command executes as root, you don't have any issues.
Note: I thought that send-command uses in some way a session managed by the SSM Session Manager, but I was wrong. I spent a good time configuring SSM Session Manager preferences and tagging IAM resources according to this doc and this one, but send-command always execute as root as far I saw.