AWS Systems Manager Documentation
AWS Systems Manager helps you to safely automate common and repetitive IT operations and management tasks across multiple accounts and AWS Regions. Systems Manager provides a central place to view and manage your resource on AWS and in multicloud and hybrid environments, so you can have visibility and control over your operations.
Explorer
Connect with ITSM / ITOM Software
IT Service Management (ITSM) tools, such as Jira Service Desk, can connect with AWS Systems Manager to make it easier for ITSM platform users to manage AWS resources. These AWS Service Management Connectors provide Jira Service Desk administrators governance and oversight over AWS products.
OpsCenter
Incident Manager
Application Manager
AWS Systems Manager Application Manager helps you investigate and remediate issues with your resources on AWS and in multicloud and hybrid environments in the context of your applications. With Application Manager, you can discover and/or define your application components, view operations data (e.g. deployment status, Amazon CloudWatch alarms, resource configurations, and operational issues) in the context of an application, and perform remedial actions such as patching and running Automation runbooks. This helps improve operational workflows for your applications and avoids the need to use different consoles to investigate and remediate operational issues. You can use Application Manager to view data and alarms and act on your existing container clusters in Amazon ECS and Amazon EKS environments. Additionally, you can also manage the full lifecycle of your AWS CloudFormation templates and stacks from within the Application Manager console.
AWS AppConfig
AWS AppConfig helps you deploy application configuration in a managed and a monitored way just like code deployments, but without the need to deploy the code if a configuration value changes. AWS AppConfig is designed to scale with your infrastructure so you can deploy configurations to any number of Amazon EC2 instances, containers, AWS Lambda functions, mobile apps, IoT devices or on-premises instances. AWS AppConfig enables you to update configurations by entering changes through the API or Console. AWS AppConfig allows you to validate those changes semantically and syntactically to ensure configurations are aligned to their respective applications’ expectation, thus enabling you to help prevent potential outages. You can deploy your application configurations with similar best practices as code deployments, including staging roll-outs, monitoring alarms, and roll back changes should an error occur.
Parameter Store
Change Manager
Automation
AWS Systems Manager is designed to help you to safely automate common and repetitive IT operations and management tasks. With Systems Manager Automation, you can author custom runbooks with a low-code visual designer, or choose predefined runbooks provided by AWS. You can execute Python or PowerShell scripts as part of a runbook in combination with other automation actions such as approvals, AWS API calls, or running commands on your EC2 instances. The service is designed so these runbooks can be scheduled in a maintenance window, triggered based on changes to AWS resources through Amazon CloudWatch Events, or executed directly through the AWS Management Console, CLIs, and SDKs. You can track the execution of each step in a runbook, require approvals, incrementally roll out changes, and halt the roll out if errors occur.
Maintenance Windows
Fleet Manager
AWS Systems Manager Fleet Manager is designed to streamline your remote server management process for servers and edge devices. With Fleet Manager, you can manage and troubleshoot your fleet running on AWS or on-premises, without the need to remotely connect to them. You can drill down to individual nodes (services, devices, or other resources) to perform common troubleshooting and management tasks such as disk and file exploration, log management, Windows Registry operations, and user management from a console. In break-glass scenarios, you can gain secure shell, CLI, and console-based Remote Desktop Protocol (RDP) access to your instances, from a console.
Compliance
AWS Systems Manager is designed to aggregate and display operational data for each resource group through a dashboard. Systems Manager eliminates the need for you to navigate across multiple AWS consoles to view your operational data. With Systems Manager you can view API call logs from AWS CloudTrail, resource configuration changes from AWS Config, software inventory, and patch compliance status by resource group. You can also integrate your AWS CloudWatch Dashboards, AWS Trusted Advisor notifications, and AWS Personal Health Dashboard performance and availability alerts into your Systems Manager dashboard. Systems Manager centralizes relevant operational data, to help you view your infrastructure compliance and performance.
Inventory
Session Manager
Run Command
AWS Systems Manager is designed to help you safely and securely remotely manage your instances at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell. It provides a simplified way of managing common administrative tasks across groups of instances such as registry edits, user management, and software and patch installations. Through integration with AWS Identity and Access Management (IAM), you can apply granular permissions to help you control the actions users can perform on instances. The service is designed so that actions taken with Systems Manager are recorded by AWS CloudTrail, allowing you to audit changes throughout your environment.
State Manager
AWS Systems Manager provides configuration management, which helps you maintain consistent configuration of your Amazon EC2 or on-premises instances. AWS Systems Manager is designed to help you control configuration details such as server configurations, anti-virus definitions, firewall settings, and more. You can define configuration policies for your servers through the AWS Management Console or use existing scripts, PowerShell modules, or Ansible playbooks directly from GitHub or Amazon S3 buckets. AWS Systems Manager is designed to apply your configurations across your instances at a time and frequency that you define. You can query AWS Systems Manager at any time to help you view the status of your instance configurations, giving you on-demand visibility into your compliance status.
Patch Manager
AWS Systems Manager helps you select and deploy operating system and software patches across large groups of Amazon EC2 or on-premises instances. Through patch baselines, you can set rules designed to approve select categories of patches to be installed, such as operating system or high severity patches, and you can specify a list of patches that override these rules and are approved or rejected. You can also schedule maintenance windows for your patches so that they are only applied during preset times. AWS Systems Manager helps you ensure that your software is up-to-date and meets your compliance policies.
Distributor
AWS Systems Manager helps you securely distribute and install software packages, such as software agents. Systems Manager Distributor is designed to help you centrally store and systematically distribute software packages while you maintain control over versioning. You can use Distributor to create and distribute software packages and then install them using Systems Manager Run Command and State Manager. Distributor can also use Identity and Access Management (IAM) policies to control who can create or update packages in your account. You can use the existing IAM policy support for Systems Manager Run Command and State Manager to help you define who can install packages on your hosts.
Additional Information
For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.aws.amazon.com/index.html. This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at http://aws.amazon.com/agreement, or other agreement between you and AWS governing your use of AWS’s services.