Systems Manager prerequisites - AWS Systems Manager

Systems Manager prerequisites

The prerequisites for using AWS Systems Manager to manage your Amazon Elastic Compute Cloud (Amazon EC2) instances, on-premises servers, and virtual machines (VMs) are covered step by step in the Setting Up chapters of this user guide:

This topic provides an overview of these prerequisites.

To complete prerequisites for using Systems Manager

  1. Create an AWS account and configure the required AWS Identity and Access Management (IAM) roles.

  2. Verify that Systems Manager is supported in the AWS Regions where you want to use the service.

  3. Verify that your instances run a supported operating system.

  4. For Amazon EC2 instances, create an IAM instance profile and attach it to your machines.

  5. For on-premises servers and VMs, create an IAM service role for a hybrid environment.

  6. (Recommended) Create a VPC endpoint in Amazon Virtual Private Cloud (Amazon VPC) to use with Systems Manager.

    If you don't use a VPC endpoint, configure your managed instances to allow HTTPS (port 443) outbound traffic to the Systems Manager endpoints. For information, see (Optional) Create a Virtual Private Cloud endpoint.

  7. On on-premises servers, VMs, and Amazon EC2 instances created from Amazon Machine Images (AMIs) that aren't supplied by AWS, ensure that a Transport Layer Security (TLS) certificate is installed.

  8. For on-premises servers and VMs, register the machines with Systems Manager through the managed instance activation process.

  9. Install or verify installation of the SSM Agent on each of your managed instances.


SSM Agent initiates all connections to the Systems Manager service in cloud. For this reason, you don't need to configure your firewall to allow inbound traffic to your instances for Systems Manager.

If EC2 instances you have created aren't displaying in Systems Manager after you've follow these steps, see Troubleshooting Amazon EC2 managed instance availability.

Integration with IAM and Amazon EC2

User access to Systems Manager, its capabilities, and its resources are controlled through policies that you use or create in AWS Identity and Access Management. If you plan to use computing resources provided by AWS and on-premises servers and virtual machines (VMs), you also need to understand Amazon Elastic Compute Cloud before you set up Systems Manager for your organization. Understanding how these services work is essential to successfully set up Systems Manager.

For more information about Amazon EC2, see the following:

For more information about IAM, see the following: