AWS Systems Manager features

AWS Systems Manager enhances visibility to easily see managed and unmanaged nodes in environments across their organizations’ AWS accounts and Regions— all in one place by using a delegated administrator account. Once unmanaged nodes are remediated, meaning they are managed by Systems Manager, you can leverage the full suite of Systems Manager tools to perform operational tasks. You can also quickly gain a comprehensive understanding of node information such as instance ID, name, OS name and version, agents installed, and tags for improved operational efficiency.

Once nodes are managed, you can run operational tasks such as patching. You can automate operating system and software patching across cloud, on-premises, and across AWS accounts and Regions. Using patch baselines, you can auto-approve certain patch categories and override rules. You can also schedule maintenance windows for patching. Systems Manager helps you update software and is patch compliant.

AWS Systems Manager provides you safe, secure remote management of your nodes at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell. It provides a simple way of automating common operational tasks across groups of nodes such as registry edits, user management, and software and patch installations.

AWS Systems Manager simplifies node management at scale by helping customers correctly install the SSM Agent on their nodes. You can schedule diagnoses on a recurring basis to identify SSM Agent issues, such as networking misconfigurations and outdated software, and remediate issues using pre-defined runbooks.

You can extend your visibility and control of your nodes via Amazon Q Developer. You can use natural language querying in Amazon Q Developer to quickly search and summarize node data across AWS accounts and Regions, helping you identify issues and take action faster.