AWS just made managing your EC2 fleet a whole lot easier.
With the latest update, AWS Systems Manager now supports custom configuration during on-boarding, allowing you to tailor how your EC2 instances connect to Systems Manager and how frequently they report metadata or update agents.
What's New?
When enabling the new Systems Manager experience, you can now:
- Enable or disable default EC2 permissions
- Set your own inventory collection frequency
- Control how often the SSM Agent updates
- Use your own IAM policies instead of AWS defaults (via opt-out)
Why This Matters
Previously, on-boarding EC2 instances into Systems Manager meant:
- Manually attaching IAM roles
- Accepting AWS's default inventory schedules
- Custom scripting for agent updates
Now, it's all streamlined. You get centralized configuration across accounts and regions with less manual work.
Real-World Example
Let's say you're managing 100+ EC2 instances across multiple AWS accounts. With this new on-boarding customization:
- Use Default Host Management Configuration (DHMC) so AWS handles permissions for you
- Set inventory collection to every 6 hours
- Update the SSM Agent every 3 days
- Or opt out of AWS defaults and use your own Infrastructure as Code (IaC) setup
It's flexibility and automation, your way.
Integration with IaC Tools
You can also configure these settings using tools like:
- Terraform
- CloudFormation
- AWS CDK
This makes it easier to align Systems Manager with your CI/CD pipelines and security posture.
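One way to express the schedule from the example above in CloudFormation when you opt out of the AWS defaults. This is an added example, not code from the original post or from AWS. It assumes State Manager associations on the AWS-managed documents AWS-GatherSoftwareInventory and AWS-UpdateSSMAgent; the logical resource names and association names are hypothetical.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: >
  Added example: self-managed Systems Manager baseline for the opt-out path.
  Logical resource names and association names are hypothetical.

Resources:
  # Instance role you own and review, instead of AWS-attached default permissions.
  ManagedInstanceRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: ec2.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        # Baseline SSM Agent permissions; replace with a tighter
        # customer-managed policy if your standards require it.
        - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore

  ManagedInstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles:
        - !Ref ManagedInstanceRole

  # Inventory collection every 6 hours on all managed instances in this account and region.
  InventoryEvery6Hours:
    Type: AWS::SSM::Association
    Properties:
      AssociationName: inventory-every-6-hours
      Name: AWS-GatherSoftwareInventory
      ScheduleExpression: rate(6 hours)
      Targets:
        - Key: InstanceIds
          Values: ["*"]

  # SSM Agent update every 3 days on the same targets.
  AgentUpdateEvery3Days:
    Type: AWS::SSM::Association
    Properties:
      AssociationName: ssm-agent-update-every-3-days
      Name: AWS-UpdateSSMAgent
      ScheduleExpression: rate(3 days)
      Targets:
        - Key: InstanceIds
          Values: ["*"]
```

A stack applies to one account and region, so multi-account coverage needs something like StackSets. Avoid running this alongside an AWS-created inventory association on the same instances, since Systems Manager expects a single inventory association per managed node.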
Final Thoughts
This update simplifies Systems Manager on-boarding and gives you fine-grained control without giving up automation. Whether you're managing a few instances or scaling across environments, this feature helps you reduce overhead and enforce standards.
Have you tried the new Systems Manager on-boarding? Let's discuss in the comments!