AWS Systems Manager
User Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

AWS Systems Manager OpsCenter

OpsCenter provides a central location where operations engineers and IT professionals can view, investigate, and resolve operational work items (OpsItems) related to AWS resources. OpsCenter is designed to reduce mean time to resolution for issues impacting AWS resources. This Systems Manager capability aggregates and standardizes OpsItems across services while providing contextual investigation data about each OpsItem, related OpsItems, and related resources. OpsCenter also provides Systems Manager Automation documents (runbooks) that you can use to quickly resolve issues. You can specify searchable, custom data for each OpsItem. You can also view automatically-generated summary reports about OpsItems by status and source.

OpsCenter is integrated with Amazon CloudWatch Events. This means you can create CloudWatch Events rules that automatically create OpsItems for any AWS service that publishes events to CloudWatch Events. For example, you can configure SSM OpsItems as the target for the following types of events, and hundreds more:

  • Security issues, such as alerts from AWS Security Hub

  • Performance issues, such as a throttling event for Amazon DynamoDB or degraded Amazon Elastic Block Store (EBS) volume performance

  • Failures, such as an Amazon EC2 Auto Scaling group failure to launch an instance or a Systems Manager Automation execution failure

  • Health alerts, such as an AWS Health alert for scheduled maintenance

  • State changes, such as an Amazon EC2 instance state change from Running to Stopped

OpsCenter is also integrated with Amazon CloudWatch Application Insights for .NET and SQL Server. This means you can automatically create OpsItems for problems detected in your applications.

Operations engineers and IT professionals can create, view, and edit OpsItems by using the OpsCenter page in the AWS Systems Manager console, public API actions, the AWS CLI, AWS Tools for Windows PowerShell, or the AWS SDKs. You can also use AWS Lambda with Amazon SNS to create OpsItems from sources like CloudWatch alarms. OpsCenter public API actions also enable you to integrate OpsCenter with your case management systems and health dashboards.

How Can OpsCenter Benefit My Organization?

AWS Systems Manager OpsCenter enables a standard and unified experience for viewing, working on, and remediating issues related to AWS resources. A standard and unified experience improves the time it takes to remedy issues, investigate related issues, and train new operations engineers and IT professionals. A standard and unified experience also reduces the number of manual errors entered into the system of managing and remediating issues.

More specifically, OpsCenter offers the following benefits for operations engineers and organizations:

  • You no longer need to navigate across multiple console pages to view, investigate, and resolve OpsItems related to AWS resources. OpsItems are aggregated, across services, in a central location.

  • You can view service-specific and contextually relevant data for OpsItems that are automatically generated by Amazon CloudWatch Events and CloudWatch Application Insights for .NET and SQL Server.

  • You can specify the Amazon Resource Name (ARN) of a resource related to an OpsItem. By specifying related resources, OpsCenter uses built-in logic to help you avoid creating duplicate OpsItems.

  • You can view details and resolution information about similar OpsItems.

  • You can quickly view information about and execute Systems Manager Automation documents (runbooks) to resolve issues.

What Are the Features of OpsCenter?

  • Automated and manual OpsItem creation

    OpsCenter is integrated with Amazon CloudWatch Events. This means you can create CloudWatch rules that automatically create OpsItems for any AWS service that publishes events to CloudWatch Events. You can also manually create OpsItems.

    OpsCenter is also integrated with Amazon CloudWatch Application Insights for .NET and SQL Server. This means you can automatically create OpsItems for problems detected in your applications.

  • Detailed and searchable OpsItems

    Each OpsItem includes multiple fields of information, including a title, ID, priority, description, the source of the OpsItem, and the date/time it was last updated. Each OpsItem also includes the following configurable features:

    • Status: Open, In progress, Resolved, or Open and In progress.

    • Related resources: A related resource is the impacted resource or the resource that triggered the Amazon CloudWatch Events event that created the OpsItem. Each OpsItem includes a Related resources section where OpsCenter automatically lists the Amazon Resource Name (ARN) of the related resource. You can also manually specify ARNs of related resources. For some ARN types, OpsCenter automatically creates a deep link that displays details about the resource without having to visit other console pages to view that information. For example, if you specify the ARN of an EC2 instance, you can view all of the EC2-provided details about that instance in OpsCenter. You can manually add the ARNs of additional related resources. Each OpsItem can list a maximum of 100 related resource ARNs. For more information, see Working with Related Resources.

    • Related and Similar OpsItems: The Related OpsItems feature lets you specify the IDs of OpsItems that are in some way related to the current OpsItem. The Similar OpsItem feature automatically reviews OpsItem titles and descriptions and then lists other OpsItems that may be related or of interest to you.

    • Searchable and private operational data: Operational data is custom data that provides useful reference details about the OpsItem. For example, you can specify log files, error strings, license keys, troubleshooting tips, or other relevant data. You enter operational data as key-value pairs. The key has a maximum length of 128 characters. The value has a maximum size of 20 KB.

      This custom data is searchable, but with restrictions. For the Searchable operational data feature, all users with access to the OpsItem Overview page (as provided by the DescribeOpsItems API action) can view and search on the specified data. For the Private operational data feature, the data is only viewable by users who have access to the OpsItem (as provided by the GetOpsItem API action).

    • Deduplication: By specifying related resources, OpsCenter uses built-in logic to help you avoid creating duplicate OpsItems. Additionally, OpsItems that are automatically created from an event in CloudWatch include a deduplication string to reduce the number of duplicate OpsItems. For more information, see Reducing Duplicate OpsItems.

  • Easy remediation using runbooks

    Each OpsItem includes a Runbooks section with a list of Systems Manager Automation documents that you can use to automatically remediate common issues with AWS resources. After you execute a runbook from an OpsItem, the runbook is automatically associated with the related resource of the OpsItem for future reference and easy execution. Additionally, if you automatically set up OpsItem rules in CloudWatch by using OpsCenter, then CloudWatch automatically associates runbooks for common events. For more information, see Remediating OpsItem Issues Using Systems Manager Automation.

  • Change notification: You can specify the ARN of an Amazon Simple Notification Service (SNS) topic and publish notifications anytime an OpsItem is changed or edited. The SNS topic must exist in the same AWS Region as the OpsItem.

  • Comprehensive OpsItem search capabilities: OpsCenter provides multiple search options to help you quickly locate OpsItems. Here a few examples of how you can search: OpsItem ID, Title, Last modified time, Operational data value, Source, and Automation ID of a runbook execution, to name a few. You can further limit search results by using status filters.

  • OpsItem summary reports

    OpsCenter includes a summary report page that automatically displays the following sections:

    • Status summary: a summary of OpsItems by status (Open, In progress, Resolved, Open and In progress).

    • Sources with most open OpsItems: a breakdown of the top AWS services with open OpsItems.

    • OpsItems by source and age: a count of OpsItems grouped by source and days since creation.

    For more information about viewing OpsCenter summary reports, see Viewing OpsCenter Summary Reports.

  • IAM access control

    By using AWS Identity and Access Management (IAM) policies, you can control which members of your organization can create, view, list, and update OpsItems. You can also assign tags to OpsItems and then create IAM policies that give access to users and groups based on tags. For more information, see Getting Started with OpsCenter.

  • Logging and auditing capability support

    You can audit and log OpsCenter user actions in your AWS account through integration with other AWS services. For more information, see Auditing and Logging OpsCenter Activity.

  • Console, CLI, PowerShell, and SDK access to OpsCenter capabilities

    You can work with OpsCenter by using the AWS Systems Manager console, AWS CLI, AWS Tools for PowerShell, or the AWS SDK of your choice.

How Does OpsCenter Work with Amazon CloudWatch Events? Which Service Should I Use?

Amazon CloudWatch Events delivers a near real-time stream of system events that describe changes in AWS resources. Using simple rules that you can quickly set up, you can match events and route them to one or more target functions or streams. Generally speaking, CloudWatch Events lets you know there is a problem with your resources.

OpsCenter helps you investigate and remediate the problem. OpsCenter brings together data from CloudWatch Events or data entered manually by engineers so that your engineers can perform a thorough investigation. OpsCenter also provides Automation runbooks for quickly remediating those issues. OpsCenter integrates with CloudWatch Events by enabling you to automatically create OpsItems (or you can manually create OpsItems) to address the following types of issues: performance degradation, state changes, execution failures, maintenance notifications, and security alerts.

Does OpsCenter Integrate with My Existing Case Management System?

OpsCenter is designed to complement your existing case management systems. You can integrate OpsItems into your existing case management system by using public API actions. You can also maintain manual lifecycle workflows in your current systems and use OpsCenter as an investigation and remediation hub.

For information about OpsCenter public API actions, see the following API actions in the AWS Systems Manager API Reference.

Is There a Charge to Use OpsCenter?

Yes. For more information, see AWS Systems Manager Pricing.

Does OpsCenter Work with My On-Premises and Hybrid Managed Instances?

Yes. You can use OpsCenter to investigate and remediate issues with your on-premises managed instances that are configured for Systems Manager. For more information about setting up and configuring on-premises servers and virtual machines for Systems Manager, see Setting Up AWS Systems Manager for Hybrid Environments.

What are the resource limits for OpsCenter?

Resource Default limit

Total number of OpsItems allowed per account per AWS Region (including Open and Resolved OpsItems)

500,000

Maximum number of OpsItems per account per month

10,000

Maximum operational data value size

20 KB

Maximum number of associated Automation runbooks per OpsItem

10

Maximum number of Automation runbook executions stored in operational data under a single associated runbook

10

Maximum number of related resources you can specify per OpsItem

100

Maximum number of related OpsItems you can specify per OpsItem

10

Maximum length of a deduplication string

64 characters