What is Amazon Systems Manager? - Amazon Systems Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

What is Amazon Systems Manager?

Amazon Systems Manager (formerly known as SSM) is an Amazon service that you can use to view and control your infrastructure on Amazon. Using the Systems Manager console, you can view operational data from multiple Amazon services and automate operational tasks across your Amazon resources. Systems Manager helps you maintain security and compliance by scanning your managed instances and reporting on (or taking corrective action on) any policy violations it detects.

A managed instance is a machine configured for use with Systems Manager. Systems Manager also helps you configure and maintain your managed instances. Supported machine types include Amazon Elastic Compute Cloud (Amazon EC2) instances, on-premises servers, and virtual machines (VMs), including VMs in other cloud environments. Supported operating system types include Windows Server, macOS, Raspberry Pi OS (formerly Raspbian), and multiple distributions of Linux.

Using Systems Manager, you can associate Amazon resources together by applying the same identifying resource tag to each of them. You can then view operational data for these resources as a resource group, to help monitor and troubleshoot.

For example, you can assign a resource tag of "Operation=Standard OS Patching" to the following resources:

  • A group of Amazon EC2 instances

  • A group of on-premises servers in your own facility

  • A Systems Manager patch baseline that specifies which patches to apply to your managed instances

  • An Amazon Simple Storage Service (Amazon S3) bucket to store patching operation log output

  • A Systems Manager maintenance window that specifies the schedule for the patching operation

After tagging the resources, you can view a consolidated dashboard in Systems Manager that reports the status of all the resources that are part of the patching operation in Standard OS Patching operation. If a problem arises with any of these resources, you can take corrective action immediately.

Capabilities in Systems Manager

Systems Manager is comprised of individual capabilities, which are grouped into five categories: Operations Management, Application Management, Change Management, Node Management, and Shared Resources.

This collection of capabilities is a powerful set of tools and features that you can use to perform many operational tasks. For example:

  • Group Amazon resources together by any purpose or activity you choose, such as application, environment, Region, project, campaign, business unit, or software lifecycle.

  • Centrally define the configuration options and policies for your managed instances.

  • Centrally view, investigate, and resolve operational work items related to Amazon resources.

  • Automate or schedule a variety of maintenance and deployment tasks.

  • Use and create runbook-style SSM documents that define the actions to perform on your managed instances.

  • Run a command, with rate and error controls, that targets an entire fleet of managed instances.

  • Securely connect to a managed instance without having to open an inbound port or manage SSH keys.

  • Separate your secrets and configuration data from your code by using parameters, with or without encryption, and then reference those parameters from other Amazon services.

  • Perform automated inventory by collecting metadata about your Amazon EC2 and on-premises managed instances. Metadata can include information about applications, network configurations, and more.

  • View consolidated inventory data from multiple Amazon Web Services Regions and Amazon Web Services accounts that you manage.

  • See which resources in your account are out of compliance and take corrective action from a centralized dashboard.

  • View active summaries of metrics and alarms for your Amazon resources.

Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and helps you operate and manage your Amazon infrastructure securely at scale.

Note

Amazon Systems Manager was formerly known as Amazon Simple Systems Manager (SSM) and Amazon EC2 Systems Manager (SSM). For more information, see Systems Manager service name history.

Systems Manager supported Amazon Web Services Regions

Systems Manager is available in the Amazon Web Services Regions listed in Systems Manager service endpoints in the Amazon Web Services General Reference. Before starting your Systems Manager configuration process, we recommend that you verify the service is available in each of the Amazon Web Services Regions you want to use it in.

For on-premises servers and VMs in your hybrid environment, we recommend that you choose the Region closest to your data center or computing environment.

Systems Manager pricing

Some Systems Manager capabilities charge a fee. For more information, see Amazon Systems Manager Pricing.

Systems Manager service name history

Systems Manager was formerly known as "Amazon Simple Systems Manager (SSM)" and "Amazon EC2 Systems Manager (SSM)". The original abbreviated name of the service, "SSM", is still reflected in various Amazon resources, including a few other service consoles. Some examples:

  • Systems Manager Agent: SSM Agent

  • Systems Manager parameters: SSM parameters

  • Systems Manager service endpoints: ssm.us-east-2.amazonaws.com

  • Amazon CloudFormation resource types: AWS::SSM::Document

  • Amazon Config rule identifier: EC2_INSTANCE_MANAGED_BY_SSM

  • Amazon Command Line Interface (Amazon CLI) commands: aws ssm describe-patch-baselines

  • Amazon Identity and Access Management (IAM) managed policy names: AmazonSSMReadOnlyAccess

  • Systems Manager resource ARNs: arn:aws:ssm:us-east-2:111222333444:patchbaseline/pb-07d8884178EXAMPLE

Related API references

Related content

  • The following resources can help you work directly with Systems Manager.

    The following related resources can help you as you work with this service.

    • Classes & Workshops – Links to role-based and specialty courses, in addition to self-paced labs to help sharpen your Amazon skills and gain practical experience.

    • Amazon Developer Tools – Links to developer tools, SDKs, IDE toolkits, and command line tools for developing and managing Amazon applications.

    • Amazon Whitepapers – Links to a comprehensive list of technical Amazon whitepapers, covering topics such as architecture, security, and economics and authored by Amazon Solutions Architects or other technical experts.

    • Amazon Web Services Support Center – The hub for creating and managing your Amazon Web Services Support cases. Also includes links to other helpful resources, such as forums, technical FAQs, service health status, and Amazon Trusted Advisor.

    • Amazon Web Services Support – The primary webpage for information about Amazon Web Services Support, a one-on-one, fast-response support channel to help you build and run applications in the cloud.

    • Contact Us – A central contact point for inquiries concerning Amazon billing, account, events, abuse, and other issues.

    • Amazon Site Terms – Detailed information about our copyright and trademark; your account, license, and site access; and other topics.