Important Features and Services of SSM

SSM Inventory

SSM Inventory allows users to collect metadata about instances, on-site servers, and VMs managed by SSM. This metadata can include information about the OS, installed software, network configuration, running services, and more. We can use the SSM Inventory to create a centralized inventory of all our managed instances and automate tasks such as software patching, deployment, and configuration management.

Points to note:

• Inventory data can be viewed in the AWS Management Console or sent to S3 buckets for storage.
• SSM Inventory allows for automatic inventory collection. We can schedule regular inventory collection to keep our inventory data up to date.
• We can encrypt the inventory data that SSM Inventory collects with KMS.

SSM State Manager

The SSM State Manager allows users to automate the process of maintaining the desired state of their managed instances. With State Manager, we can create associations that specify a desired configuration state for managed instances and then automatically apply that state to the instances on a schedule or in response to specific events.

Here are some use cases for State Manager:

• Installing software updates on a schedule.
• Running scripts on instances to configure them.
• Enforcing security policies.
• Applying maintenance windows.

Note: We can use CloudFormation to create and manage State Manager associations as part of our IAC strategy.