AWS just made managing your EC2 fleet a whole lot easier.
With the latest update, AWS Systems Manager now supports custom configuration during on-boarding, allowing you to tailor how your EC2 instances connect to Systems Manager and how frequently they report metadata or update agents.
🚀 What’s New?
When enabling the new Systems Manager experience, you can now:
🔐 Enable or disable default EC2 permissions
🕒 Set your own inventory collection frequency
🔄 Control how often the SSM Agent updates
🔧 Use your own IAM policies instead of AWS defaults (via opt-out)
🧠 Why This Matters
Previously, on-boarding EC2 instances into Systems Manager meant:
- Manually attaching IAM roles
- Accepting AWS's default inventory schedules
- Custom scripting for agent updates
Now, it's all streamlined. You get centralized configuration across accounts and regions with less manual work.
💡 Real-World Example
Let's say you're managing 100+ EC2 instances across multiple AWS accounts. With this new on-boarding customization:
✅ Use Default Host Management Configuration (DHMC) so AWS handles permissions for you
🕓 Set inventory collection to every 6 hours
🔁 Update the SSM Agent every 3 days
🔒 Or opt out of AWS defaults and use your own Infrastructure as Code (IaC) setup
It’s flexibility and automation — your way.
📦 Integration with IaC Tools
You can also configure these settings using tools like:
- Terraform
- CloudFormation
- AWS CDK
This makes it easier to align Systems Manager with your CI/CD pipelines and security posture.
🔚 Final Thoughts
This update simplifies Systems Manager on-boarding and gives you fine-grained control without giving up automation. Whether you're managing a few instances or scaling across environments, this feature helps you reduce overhead and enforce standards.
✍️ Have you tried the new Systems Manager on-boarding? Let’s discuss in the comments!