Services or capabilities described in this page might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China Regions. Only “Region Availability” and “Feature Availability and Implementation Differences” sections for specific services (in each case exclusive of content referenced via hyperlink) in Getting Started with Amazon Web Services in China Regions form part of the Documentation under the agreement between you and Sinnet or NWCD governing your use of services of Amazon Web Services China (Beijing) Region or Amazon Web Services China (Ningxia) Region (the “Agreement”). Any other content contained in the Getting Started pages does not form any part of the Agreement.

Amazon Systems Manager Documentation

Amazon Systems Manager allows you to centralize operational data from multiple services of Amazon Web Services China Regions and manage tasks across your Amazon Web Services resources. You can create logical groups of resources such as applications, different layers of an application stack, or production versus development environments. With Systems Manager, you can select a resource group and view its recent API activity, resource configuration changes, related notifications, operational alerts, software inventory, and patch compliance status. You can also act on each resource group depending on your operational needs. Systems Manager provides a central place to view and manage your Amazon Web Services resources, so you can have visibility and control over your operations.

Explorer

Amazon Systems Manager Explorer is a customizable dashboard, providing key insights and analysis into the operational health and performance of your Amazon Web Services environment. Explorer is designed to aggregate operational data from across Amazon Web Services accounts and Amazon Web Services Regions to help you prioritize and identify where action may be required.

OpsCenter

OpsCenter provides a central location where operations engineers and IT professionals can view, investigate, and resolve operational issues related to Amazon Web Services resources. OpsCenter is designed to aggregate and standardize operational issues, referred to as OpsItems, while providing contextually relevant data that helps with diagnosis and remediation. Engineers working on an OpsItem get access to information such as:
 
  • Event, resource and account details
  • Past OpsItems with similar characteristics
  • Related Amazon Config changes
  • Amazon CloudTrail logs
  • Amazon CloudWatch alarms
  • Stack information
  • Other quick-links to access logs and metrics
  • List of runbooks and recommended runbooks
  • Other information passed to OpsCenter through Services of Amazon Web Services China Regions
 
This information helps engineers to investigate and remediate operational issues faster. Engineers can use OpsCenter to view and address issues using the Systems Manager console or via the Systems Manager OpsCenter APIs.

Incident Manager

Amazon Systems Manager Incident Manager enables faster resolution of critical application availability and performance issues. It helps you prepare for incidents with response plans that bring the right people and information together. With Incident Manager, you can act when a critical issue is detected by an Amazon CloudWatch alarm or Amazon Eventbridge event. Incident Manager is designed to execute pre-configured response plans to engage responders via SMS and phone calls, link designated chat channels using Amazon Chatbot, and execute Amazon Systems Manager Automation runbooks. Incident Manager helps you improve service reliability by suggesting post-incident action items, such as automating a runbook step or adding a new alarm, based on Amazon Web Services’ post-incident analysis template.

Application Manager

Amazon Systems Manager Application Manager helps you investigate and remediate issues with your Amazon Web Services resources in the context of your applications. With Application Manager, you can discover and/or define your application components, view operations data (e.g. deployment status, Amazon CloudWatch alarms, resource configurations, and operational issues) in the context of an application, and perform remedial actions such as patching and running Automation runbooks. This helps improve operational workflows for your applications and avoids the need to use different consoles to investigate and remediate operational issues. You can use Application Manager to view data and alarms and act on your existing container clusters in Amazon ECS and EKS environments. Additionally, you can also manage the full lifecycle of your Amazon CloudFormation templates and stacks from within the Application Manager console.

AppConfig

Amazon AppConfig helps you deploy application configuration in a managed and a monitored way just like code deployments, but without the need to deploy the code if a configuration value changes. Amazon AppConfig is designed to scale with your infrastructure so you can deploy configurations to any number of Amazon EC2 instances, containers, Amazon Lambda functions, mobile apps, IoT devices or on-premises instances. Amazon AppConfig enables you to update configurations by entering changes through the API or Console. Amazon AppConfig allows you to validate those changes semantically and syntactically to ensure configurations are aligned to their respective applications’ expectation, thus enabling you to help prevent potential outages. You can deploy your application configurations with similar best practices as code deployments, including staging roll-outs, monitoring alarms, and roll back changes should an error occur.

Parameter Store

Amazon Systems Manager provides a centralized store to manage your configuration data, whether plain-text data such as database strings, or secrets such as passwords. This allows you to separate your secrets and configuration data from your code. Parameters can be tagged and organized into hierarchies, helping you manage parameters more easily. For example, you can use the same parameter name, "db-string", with a different hierarchical path, "dev/db-string” or “prod/db-string", to store different values. Systems Manager is integrated with Amazon Key Management Service (KMS), allowing you to encrypt the data you store. You can also control user and resource access to parameters using Amazon Identity and Access Management (IAM). Parameters can be referenced through other services of Amazon Web Services, such as Amazon Elastic Container Service, Amazon Lambda, and Amazon CloudFormation.

Change Manager

Amazon Systems Manager Change Manager is designed to simplify the way you request, approve, implement, and report on operational changes to your application configuration and infrastructure on Amazon Web Services Cloud and on-premises. With Change Manager, you can use pre-approved change workflows to help avoid unintentional results when making operational changes. Change Manager helps you safely implement changes, while helping you to detect schedule conflicts with important business events and notify impacted approvers. Using Change Manager’s change reports, you can monitor progress and audit operational changes across your organization, providing improved visibility and accountability.

Automation

Amazon Systems Manager is designed to help you to safely automate common and repetitive IT operations and management tasks. With Systems Manager Automation, you can use predefined playbooks, or you can build, run, and share wiki-style automated playbooks to enable Amazon Web Services resource management across multiple accounts and Amazon Web Services China Regions. You can execute Python or PowerShell scripts as part of a playbook in combination with other automation actions such as approvals, Amazon API calls, or running commands on your EC2 instances. The service is designed so these playbooks can be scheduled in a maintenance window, triggered based on changes to Amazon Web Services resources through Amazon CloudWatch Events, or executed directly through the Amazon Web Services Management Console, CLIs, and SDKs. You can track the execution of each step in a playbook, require approvals, incrementally roll out changes, and halt the roll out if errors occur.

Maintenance Windows

Amazon Systems Manager lets you schedule windows of time to run administrative and maintenance tasks across your instances. This helps you to select a convenient and safe time to install patches and updates or make other configuration changes, improving the availability and reliability of your services and applications.

Fleet Manager

Amazon Systems Manager Fleet Manager is designed to streamline your remote server management process. With Fleet Manager, you can manage and troubleshoot your fleet of servers running on Amazon Web Services Cloud and on-premises. You can drill down to individual servers to perform common troubleshooting and management tasks using a centralized graphical user interface. Perform a variety of system administration tasks, including disk and file exploration, log management, Windows Registry operations, and user management, without needing to remotely connect to your virtual machines, saving your administrators time and effort.

Compliance

Amazon Systems Manager is designed to aggregate and display operational data for each resource group through a dashboard. Systems Manager eliminates the need for you to navigate across multiple consoles to view your operational data. With Systems Manager you can view API call logs from Amazon CloudTrail, resource configuration changes from Amazon Config, software inventory, and patch compliance status by resource group. You can also integrate your Amazon CloudWatch Dashboards, Amazon Trusted Advisor notifications, and Amazon Personal Health Dashboard performance and availability alerts into your Systems Manager dashboard. Systems Manager centralizes relevant operational data, to help you view your infrastructure compliance and performance.

Inventory

Amazon Systems Manager helps you collect information about your instances and the software installed on them, so you can better understand your system configurations and installed applications. You can collect data about applications, files, network configurations, Windows services, registries, server roles, updates, and any other system properties. The gathered data enables you to manage application assets, track licenses, monitor file integrity, discover applications not installed by a traditional installer, and more.

Session Manager

Amazon Systems Manager provides a browser-based interactive shell and CLI for managing Windows and Linux EC2 instances, without the need to open inbound ports, manage SSH keys, or use bastion hosts. Administrators can grant and revoke access to instances through a central location by using Amazon Identity and Access Management (IAM) policies. This helps you to control which users can access each instance, including the option to provide non-root access to specified users. The service is designed so that once access is provided, you can audit which user accessed an instance and log each command to Amazon S3 or Amazon Cloud Watch Logs using Amazon CloudTrail.

Run Command

Amazon Systems Manager is designed to help you safely and securely remotely manage your instances at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell. It provides a simple way of managing common administrative tasks across groups of instances such as registry edits, user management, and software and patch installations. Through integration with Amazon Identity and Access Management (IAM), you can apply granular permissions to help you control the actions users can perform on instances. The service is designed so that all actions taken with Systems Manager are recorded by Amazon CloudTrail, allowing you to audit changes throughout your environment.

State Manager

Amazon Systems Manager provides configuration management, which helps you maintain consistent configuration of your Amazon EC2 or on-premises instances. Amazon Systems Manager is designed to help you control configuration details such as server configurations, anti-virus definitions, firewall settings, and more. You can define configuration policies for your servers through the Amazon Web Services Management Console or use existing scripts, PowerShell modules, or Ansible playbooks directly from GitHub or Amazon S3 buckets. Amazon Systems Manager is designed to apply your configurations across your instances at a time and frequency that you define. You can query Amazon Systems Manager at any time to help you view the status of your instance configurations, giving you on-demand visibility into your compliance status.

Patch Manager

Amazon Systems Manager helps you select and deploy operating system and software patches across large groups of Amazon EC2 or on-premises instances. Through patch baselines, you can set rules designed to approve select categories of patches to be installed, such as operating system or high severity patches, and you can specify a list of patches that override these rules and are approved or rejected. You can also schedule maintenance windows for your patches so that they are only applied during preset times. Amazon Systems Manager helps you ensure that your software is up-to-date and meets your compliance policies.

Distributor

Amazon Systems Manager helps you securely distribute and install software packages, such as software agents. Systems Manager Distributor is designed to help you centrally store and systematically distribute software packages while you maintain control over versioning. You can use Distributor to create and distribute software packages and then install them using Systems Manager Run Command and State Manager. Distributor can also use Identity and Access Management (IAM) policies to control who can create or update packages in your account. You can use the existing IAM policy support for Systems Manager Run Command and State Manager to help you define who can install packages on your hosts.

Connect with ITSM / ITOM Software

IT Service Management (ITSM) tools, such as Jira Service Desk, can connect with Amazon Systems Manager to make it easier for ITSM platform users to manage Amazon Web Services resources. These Amazon Service Management Connectors provide Jira Service Desk administrators governance and oversight over Amazon Web Services products.

Additional Information

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.amazonaws.cn/en_us. This additional information does not form part of the Documentation for purposes of the Sinnet Customer Agreement for Amazon Web Services (Beijing Region), Western Cloud Data Customer Agreement for Amazon Web Services (Ningxia Region) or other agreement between you and Sinnet or NWCD governing your use of services of Amazon Web Services China Regions.