AWS.SSM
Simple Systems Manager (SSM) is a set of capabilities that can help you manage your Amazon EC2 instances running on Windows. SSM enables you to run scripts or other common administrative tasks on your instances using either SSM Run Command or SSM Config.
Run Command extends the server administration capabilities of SSM by offering an on-demand experience for executing commands. You can use pre-defined Amazon SSM documents (formerly called configuration documents) to perform the actions listed later in this section, or you can create your own documents. With these document, you can then remotely configure your instances by sending commands using the AWS command line interface (CLI), AWS Tools for Windows PowerShell, or the Commands page in the Amazon EC2 console. Additionally, because Run Command enables you to execute PowerShell commands or scripts, you can administer your instances remotely using PowerShell as though you were logged on locally to the instance. Run Command reports the status of the command execution for each instance targeted by a command. You can also audit the command execution to understand who executed commands, when, and what changes were made. By switching between different SSM documents, you can quickly configure your instances with different types of commands.
SSM Config is a lightweight instance configuration solution. With SSM Config, you can specify a setup configuration for your instances. SSM Config is similar to EC2 User Data, which is another way of running one-time scripts or applying settings during instance launch. SSM Config is an extension of this capability. Using SSM documents, you can specify which actions the system should perform on your instances, including which applications to install, which AWS Directory Service directory to join, which Microsoft PowerShell modules to install, etc. If an instance is missing one or more of these configurations, the system makes those changes. By default, the system checks every five minutes to see if there is a new configuration to apply as defined in a new SSM document. If so, the system updates the instances accordingly. In this way, you can remotely maintain a consistent configuration baseline on your instances. SSM Config is available using the AWS CLI or the AWS Tools for Windows PowerShell.
- Join an AWS Directory Service directory (SSM Config and Run Command)
- Install, repair, or uninstall software using an MSI package (SSM Config and Run Command)
- Install PowerShell modules (SSM Config and Run Command)
- Configure CloudWatch Logs to monitor applications and systems (SSM Config and Run Command)
- Run PowerShell commands or scripts (Run Command only)
- Update the EC2Config service (Run Command only)
- Configure Windows Update settings (Run Command only)
Summary
Functions
Attempts to cancel the command specified by the Command ID. There is no guarantee that the command will be terminated and the underlying process stopped
Associates the specified SSM document with the specified instance
Associates the specified SSM document with the specified instances
Creates an SSM document
Disassociates the specified SSM document from the specified instance
Deletes the SSM document and all instance associations to the document
Describes the associations for the specified SSM document or instance
Describes the specified SSM document
Describes one or more of your instances. You can use this to get information about instances like the operating system platform, the SSM agent version, status etc. If you specify one or more instance IDs, it returns information for those instances. If you do not specify instance IDs, it returns information for all your instances. If you specify an instance ID that is not valid or an instance that you do not own, you receive an error
Gets the contents of the specified SSM document
Lists the associations for the specified SSM document or instance
An invocation is copy of a command sent to a specific instance. A command can apply to one or more instances. A command invocation applies to one instance. For example, if a user executes SendCommand against three instances, then a command invocation is created for each requested instance ID. ListCommandInvocations provide status about command execution
Lists the commands requested by users of the AWS account
Describes one or more of your SSM documents
Executes commands on one or more remote instances
Updates the status of the SSM document associated with the specified instance
Functions
Attempts to cancel the command specified by the Command ID. There is no guarantee that the command will be terminated and the underlying process stopped.
Associates the specified SSM document with the specified instance.
When you associate an SSM document with an instance, the configuration agent on the instance processes the document and configures the instance as specified.
If you associate a document with an instance that already has an associated document, the system throws the AssociationAlreadyExists exception.
Associates the specified SSM document with the specified instances.
When you associate an SSM document with an instance, the configuration agent on the instance processes the document and configures the instance as specified.
If you associate a document with an instance that already has an associated document, the system throws the AssociationAlreadyExists exception.
Creates an SSM document.
After you create an SSM document, you can use CreateAssociation to
associate it with one or more running instances.
Disassociates the specified SSM document from the specified instance.
When you disassociate an SSM document from an instance, it does not change the configuration of the instance. To change the configuration state of an instance after you disassociate a document, you must create a new document with the desired configuration and associate it with the instance.
Deletes the SSM document and all instance associations to the document.
Before you delete the SSM document, we recommend that you use DeleteAssociation to disassociate all instances that are associated with the document.
Describes the associations for the specified SSM document or instance.
Describes one or more of your instances. You can use this to get information about instances like the operating system platform, the SSM agent version, status etc. If you specify one or more instance IDs, it returns information for those instances. If you do not specify instance IDs, it returns information for all your instances. If you specify an instance ID that is not valid or an instance that you do not own, you receive an error.
Lists the associations for the specified SSM document or instance.
An invocation is copy of a command sent to a specific instance. A command can apply to one or more instances. A command invocation applies to one instance. For example, if a user executes SendCommand against three instances, then a command invocation is created for each requested instance ID. ListCommandInvocations provide status about command execution.
Lists the commands requested by users of the AWS account.