Working with AWS Systems Manager

• 1: Setting up AWS Systems Manager
• 2: FAQs on AWS Systems Manager

1 - Setting up AWS Systems Manager

You must set up AWS Systems Manager to use the Systems Manager Agent (SSM Agent).

You can set up Systems Manager for:

• An AWS instance
• A non-AWS instance or an on-premise platform

After the SSM Agent is installed in an instance, ensure that the auto-update option is disabled, as we do not support auto-update. If the SSM Agent gets auto updated, the service will get corrupted.

For more information about automatic updates for SSM Agent, refer to the following link:

SSM Agent Automatic Updates

Setting up Systems Manager for AWS Instance

To set up Systems Manager for an AWS instance:

1. Assign the IAM Role created in the section Prerequisites.

   For more information about attaching an IAM role to an instance, refer to the following link:

   https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#attach-iam-role

2. Start the Amazon SSM-Agent from the Services menu or run the following command to start the SSM-Agent.

   /etc/init.d/amazon-ssm-agent start

Setting up Systems Manager for non-AWS Instance

To set up Systems Manager for non-AWS instance:

1. Create a hybrid activation for the Linux instances.

   For more information about creating a managed instance activation for a hybrid environment, refer to the following link:

   https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-managed-instance-activation.html

   Important: After you successfully complete the activation, an Activation Code and Activation ID appears. Copy this information and save it. If you lose this information, then you must create a new activation.

2. Login to the CLI as an admin user and open the OS Console.

3. Using the Activation Code and Activation ID obtained in Step 1, run the following command to activate and register the SSM-Agent.

   amazon-ssm-agent -register -code <activation-code> -id <activation-id> -region <region>

   Here <region> is the identifier of the instance region.

4. Note the instance-id. This will be used to perform operations from SSM-Agent.

   For more information on how to register a managed instance, refer to the following link:

   https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-managed-linux.html#systems-manager-install-managed-linux-deregister-reregister

5. Start the Amazon SSM-Agent from the Services menu or run the following command to start the SSM-Agent.

   /etc/init.d/amazon-ssm-agent start

2 - FAQs on AWS Systems Manager

This section lists the FAQs on AWS Systems Manager.

What can I do when there is a problem with starting the service or the service is automatically updated?

Uninstall and reinstall the Cloud Utility AWS product.

For more information on installing and uninstalling the services, refer Add/Remove Services.

What is the name of the service?

The service name is Amazon SSM-Agent.

What can I do if the AWS Systems Manager shows a permission denied message after attaching the correct IAM Role?

Restart the service after attaching the IAM role for new permissions to take effect.

Is the Amazon SSM-Agent service available in the Services menu in the Web UI and the CLI?

Yes.

Can I manage the Amazon SSM-Agent service from the Menu option in the Web UI?

Yes, you can start or stop and restart the Amazon SSM Agent service from the Menu option in the Web UI.