
Setting up AWS Systems Manager for hybrid environments

This section describes the setup tasks that account and system administrators perform for a hybrid environment. A hybrid environment includes on-premises servers and virtual machines (VMs) that have been configured for use with Systems Manager, including VMs in other cloud environments. After these steps are complete, users who have been granted permissions by the AWS account administrator can use AWS Systems Manager to configure and manage their organization's on-premises servers and VMs.


macOS is not currently supported for Systems Manager hybrid environments.

If you plan to use Systems Manager to manage Amazon Elastic Compute Cloud (EC2) instances, or to use both EC2 instances and your own resources in a hybrid environment, follow the steps in Setting up AWS Systems Manager first.

Configuring your hybrid environment for Systems Manager enables you to do the following:

  • Create a consistent and secure way to remotely manage your hybrid workloads from one location using the same tools or scripts.

  • Centralize access control for actions that can be performed on your servers and VMs by using AWS Identity and Access Management (IAM).

  • Centralize auditing and your view into the actions performed on your servers and VMs by recording all actions in AWS CloudTrail.

    For information about using CloudTrail to monitor Systems Manager actions, see Logging AWS Systems Manager API calls with AWS CloudTrail.

  • Centralize monitoring by configuring EventBridge and Amazon SNS to send notifications about service execution success.

    For information about using EventBridge to monitor Systems Manager events, see Monitoring Systems Manager events with Amazon EventBridge.

About managed instances

After you finish configuring your servers and VMs for Systems Manager as described in this section, your hybrid machines are listed in the AWS Management Console and described as managed instances. EC2 instances configured for Systems Manager are also described as managed instances. In the console, however, the IDs of your hybrid instances are distinguished from EC2 instances with the prefix "mi-". EC2 instance IDs use the prefix "i-".

For more information, see AWS Systems Manager Managed Instances.
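The "mi-" prefix makes it possible to separate hybrid machines from EC2 instances when reviewing the CloudTrail record of Systems Manager actions. The following is an added example, not code from the AWS documentation: it audits constructed CloudTrail-style records and lists who ran `SendCommand` or `StartSession` against each hybrid instance. The sample records, the `audit` and `explicit_ids` helpers, and the assumption that targets appear under `requestParameters.instanceIds` and `requestParameters.target` are all part of this illustration.

```python
import json
from collections import defaultdict

# Constructed CloudTrail-style records (not real logs). Account ID, users and
# instance IDs are made up; only the fields this example reads are included.
SAMPLE = json.loads("""[
 {"eventTime":"2024-05-01T10:00:00Z","eventSource":"ssm.amazonaws.com",
  "eventName":"SendCommand",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/alice"},
  "requestParameters":{"instanceIds":["mi-0123456789abcdef0","i-0aaaabbbbccccdddd"]}},
 {"eventTime":"2024-05-01T10:05:00Z","eventSource":"ssm.amazonaws.com",
  "eventName":"StartSession",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/bob"},
  "requestParameters":{"target":"mi-0fedcba9876543210"}},
 {"eventTime":"2024-05-01T10:06:00Z","eventSource":"ssm.amazonaws.com",
  "eventName":"SendCommand",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/alice"},
  "requestParameters":{"targets":[{"key":"tag:Env","values":["onprem"]}]}},
 {"eventTime":"2024-05-01T10:07:00Z","eventSource":"ec2.amazonaws.com",
  "eventName":"DescribeInstances","userIdentity":{},"requestParameters":null}
]""")

ACTIONS = {"SendCommand", "StartSession"}  # events this example audits


def explicit_ids(record):
    """Instance IDs named directly in the request (empty for tag targeting)."""
    params = record.get("requestParameters") or {}
    ids = list(params.get("instanceIds") or [])
    if isinstance(params.get("target"), str):
        ids.append(params["target"])
    return ids


def audit(records):
    """Return (actions per hybrid 'mi-' instance, events with no explicit IDs)."""
    per_instance, unresolved = defaultdict(list), []
    for r in records:
        if r.get("eventSource") != "ssm.amazonaws.com" or r.get("eventName") not in ACTIONS:
            continue
        ids = explicit_ids(r)
        if not ids:
            unresolved.append(r)  # e.g. tag-based targets; needs follow-up
        who = (r.get("userIdentity") or {}).get("arn")
        for iid in ids:
            if iid.startswith("mi-"):  # hybrid managed instance, not EC2 ("i-")
                per_instance[iid].append((r["eventTime"], who, r["eventName"]))
    return dict(per_instance), unresolved
```

Events returned in the second list name no instance ID (for example, tag-based targeting), so a prefix check alone cannot tell whether they reached hybrid machines.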

About instance tiers

AWS Systems Manager offers a standard-instances tier and an advanced-instances tier for servers and VMs in your hybrid environment. The standard-instances tier enables you to register a maximum of 1,000 on-premises servers or VMs per AWS account per AWS Region. If you need to register more than 1,000 on-premises servers or VMs in a single account and Region, then use the advanced-instances tier. Advanced instances also enable you to connect to your hybrid machines by using AWS Systems Manager Session Manager. Session Manager provides interactive shell access to your instances.

For more information, see Configuring instance tiers.