AWS just made managing your EC2 fleet a whole lot easier.
With the latest update, AWS Systems Manager now supports custom configuration during on-boarding, allowing you to tailor how your EC2 instances connect to Systems Manager and how frequently they report metadata or update agents.
π Whatβs New?
When enabling the new Systems Manager experience, you can now:
π Enable or disable default EC2 permissions
π Set your own inventory collection frequency
π Control how often the SSM Agent updates
π§ Use your own IAM policies instead of AWS defaults (via opt-out)
π§ Why This Matters
Previously, on-boarding EC2 instances into Systems Manager meant:
- Manually attaching IAM roles
- Accepting AWS's default inventory schedules
- Custom scripting for agent updates
Now, it's all streamlined. You get centralized configuration across accounts and regions with less manual work.
π‘ Real-World Example
Let's say you're managing 100+ EC2 instances across multiple AWS accounts. With this new on-boarding customization:
β
Use Default Host Management Configuration (DHMC) so AWS handles permissions for you
π Set inventory collection to every 6 hours
π Update the SSM Agent every 3 days
π Or opt out of AWS defaults and use your own Infrastructure as Code (IaC) setup
Itβs flexibility and automation β your way.
π¦ Integration with IaC Tools
You can also configure these settings using tools like:
- Terraform
- CloudFormation
- AWS CDK
This makes it easier to align Systems Manager with your CI/CD pipelines and security posture.
π Final Thoughts
This update simplifies Systems Manager on-boarding and gives you fine-grained control without giving up automation. Whether you're managing a few instances or scaling across environments, this feature helps you reduce overhead and enforce standards.
βοΈ Have you tried the new Systems Manager on-boarding? Letβs discuss in the comments!
Top comments (0)