Amazon EC2 Systems Manager is a management service that helps you automatically collect software inventory, apply OS patches, create system images, and configure Windows and Linux operating systems. These capabilities help you define and track system configurations, prevent drift, and maintain software compliance of your EC2 and on-premises configurations. By providing a management approach that is designed for the scale and agility of the cloud but extends into your on-premises data center, EC2 Systems Manager makes it easier for you to seamlessly bridge your existing infrastructure with AWS.
EC2 Systems Manager is easy to use. Simply access EC2 Systems Manager from the EC2 Management Console, select the instances you want to manage, and define the management tasks you want to perform. EC2 Systems Manager is available now at no cost to manage both your EC2 and on-premises resources.
Manage Hybrid Cloud Systems
With EC2 Systems Manager you can manage systems running on AWS and in your on-premises data center through a single interface. EC2 Systems Manager uses a light-weight agent installed on your EC2 instances and on-premises servers that communicates securely with the Systems Manager service and executes management tasks. This helps you manage resources for Windows and Linux operating systems running on Amazon EC2 and in data center infrastructure such as VMware ESXi, Microsoft Hyper-V, and other platforms.
Easy to Use Automation
EC2 Systems Manager lets you easily automate complex and repetitive tasks such as applying OS patches across a large group of instances, making regular updates to AMIs, and enforcing configuration policies. EC2 Systems Manager has a simple interface to define your management tasks and then select a specific set of resources to manage. Tasks can be configured to run automatically based either on the results of software inventory collection or events registered by Amazon CloudWatch events.
Improve Visibility and Control
EC2 Systems Manager helps you easily understand and control the current state of your EC2 instance and OS configurations. With EC2 Systems Manager, you can collect software configuration and inventory information about your fleet of instances and the software installed on them. You can track detailed system configuration, OS patch levels, application configurations, and other details about your deployment. Integration with AWS Config lets you easily view changes as they occur over time.
Maintain Software Compliance
EC2 Systems Manager helps keep your systems compliant with your defined configuration policies. You can define patch baselines, maintain up-to-date anti-virus definitions, and enforce firewall policies. With EC2 Systems Manager, you can maintain software compliance and improve your security posture.
EC2 Systems Manager helps you reduce costs by providing easy to use, automated tools for tracking, updating and maintaining your software and OS configurations. With EC2 Systems Manager, you can automatically maintain systems that are compliant so you don’t waste time on manual updates, or add risk associated with non-compliant systems.
Secure Role-Based Management
EC2 Systems Manager helps improve your security posture in several ways. Through integration with AWS Identity and Access Management (IAM), you can apply granular permissions to control the actions users perform. All actions taken by EC2 Systems Manager are recorded by AWS CloudTrail, allowing you to audit changes throughout your environment.
Run Command provides a simple way of automating common administrative tasks like remotely executing shell scripts or PowerShell commands, installing software updates, or making changes to the configuration of OS, software, EC2 and instances and servers in your on-premises data center.
State Manager helps you define and maintain consistent OS configurations such as firewall settings and anti-malware definitions to comply with your policies. You can monitor the configuration of a large set of instances, specify a configuration policy for the instances, and automatically apply updates or configuration changes.
Inventory helps you collect and query configuration and inventory information about your instances and the software installed on them. You can gather details about your instances such as installed applications, DHCP settings, agent detail, and custom items. You can run queries to track and audit your system configurations.
Maintenance windows let you define a recurring window of time to run administrative and maintenance tasks across your instances. This ensures that installing patches, updates, or making other configuration changes do not disrupt business critical operations, which helps improve your application availability.
Patch Manager helps you select and deploy operating system and software patches automatically across large groups of instances. You can define a maintenance window for patches to be applied only during set times that fit your needs. These capabilities are helpful to ensure your software is always up to date and meets your compliance policies.
The Automation feature simplifies common maintenance and deployment tasks, such as updating Amazon Machine Images (AMI). With the Automation feature in EC2 Systems Manager, you can apply patches, update drivers and agents, or bake applications in to your AMI using a streamlined, repeatable, and auditable process.