Amazon EC2 Systems Manager – Key Points We need to know

Amazon EC2 Systems Manager is a flexible and easy to use management service that enables enterprises to securely manage and administer their workloads, running on-premises or in AWS, using a single unified AWS experience. EC2 Systems Manager is designed to be highly automation focused to enable configuration and management of instances at a large scale, while making it really simple to write and maintain automation artifacts.

It is another service which going to kill slowly others by extending support to on-premises servers. The beauty of this service is, it is absolutely free as long as you meet the pre-requisites.  It covers all we need like patching, compliance management, automation, inventory etc. Interesting one is Parameter Store using which you can store your password encrypted reducing the manual overhead of storing and managing it in configuration files. It can be easily integrated with IAM and KMS.
Even though it is supported on-premises servers, it is going to be challenging as AWS needs to push all updates directly and also collect the inventory from each endpoint in corporate data centers. We end up with making many holes on the firewalls and also lot of traffic between AWS and our data centers. This will not only overload your network but also increases your AWS bill.  It was good to have something site agents which can coordinate with agents in the sites and report back to the SSM services in the AWS cloud. This would avoid too much of client connecting directly to the AWS cloud over the link and will be easy to maintain the firewall rules as well. AWS does not recommend keeping many workloads on our premise as they want everything to be moved to the cloud so we may have to rule out anything like that in the future. Below diagram show how the service manager connects to the endpoints.


It is a strategic move as this would provide one more case to move the workload to the cloud as this would reduce the cost to like SCCM, IEM, HPCM, Flexera, etc.even though those tools have its own merits. This will force tools companies to get their tools to the AWS ecosystem. I believe AWS is leaving some vaccum for other tools to perform as AWS tools may not be as sophisticated as other dedicated vendors like Microsoft, IBM, HP etc. So that means if somebody wants to use our tools, yes it is available and  you can meet standard requirements but there are other tools available in our ecosystem for you to use if you need additional functionalities.

Find some more facts below.

What are the supported OS?

It supports the windows from 2003 to 2016.

Instances must be running a supported version of Linux.

  • 64-Bit and 32-Bit Systems
    • Amazon Linux 2014.09, 2014.03 or later
    • Ubuntu Server 16.0.4 LTS, 14.04 LTS, or 12.04 LTS
    • Red Hat Enterprise Linux (RHEL) 6.5 or later

CentOS 6.3 or later

  • 64-Bit Systems Only
    • Amazon Linux 2015.09, 2015.03 or later
    • Red Hat Enterprise Linux (RHEL) 7.x or later
    • CentOS 7.1 or later

However, Patch Manager is only supported in Windows endpoints.

Available Regions

Please remember that we do not have this services available in all the regions. If you are looking for starting this for your hybrid environment

Region Name Region Endpoint Protocol
US East (N. Virginia) us-east-1 HTTPS
US East (Ohio) us-east-2 HTTPS
US West (N. California) us-west-1 HTTPS
US West (Oregon) us-west-2 HTTPS
Asia Pacific (Singapore) ap-southeast-1 HTTPS
Asia Pacific (Sydney) ap-southeast-2 HTTPS
Asia Pacific (Tokyo) ap-northeast-1 HTTPS
Asia Pacific (Seoul) ap-northeast-2 HTTPS
EU (Frankfurt) eu-central-1 HTTPS
EU (Ireland) eu-west-1 HTTPS
South America (São Paulo) sa-east-1 HTTPS

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: