Amazon EC2 Simple Systems Manager (SSM) is an Amazon Web Services tool that allows an IT professional to automatically configure virtual servers in a cloud or in on-premises data center. An IT pro uses scripts, commands or the Elastic Compute Cloud (EC2) console to manage EC2 instances, virtual machines (VMs) or servers hosted on other clouds, or within local environments such as Windows.
Amazon EC2 Simple Systems Manager includes the EC2 Run Command feature, which an IT team uses as needed to execute commands for VMs, as well as an SSM Config feature that enables a team to set configuration preferences.
Before using the EC2 Run Command, an administrator must register on-premises servers and VMs, which are called "managed instances" after registration. An instance must be launched with an AWS Identity and Access Management role to grant required permissions.
The SSM service includes predefined documents to remotely configure instances with a variety of actions. An IT administrator can also choose to create a document specific to his or her company. A developer then executes these actions on the Commands page of the EC2 console using AWS Tools for Windows PowerShell, through the AWS Command Line Interface or through software development kits.
EC2 Run Command records the status of each command on each instance. It also enables an auditor to see who executed the commands and when.
SSM Config, which is only available for Windows instances, lets a developer specify a configuration setup for instances. A developer uses SSM documents to specify which actions the system should perform on instances, such as application and component installation, joining an instance to a Microsoft Active Directory domain or delivering custom log file data to Amazon CloudWatch. The system checks for a new configuration every five minutes, allowing a company to maintain consistent configurations across its instances.