Skip to content

What is State Manager and how much do you need it in AWS ?

How to keep configuration constant on AWS EC2 - State Manager

If you are using AWS and you don’t know what State Manager is yet, I encourage you to read this article. If you’ve ever asked yourself one of the following questions and haven’t found an answer to it yet, then this article is definitely for you 🙂

  • What to do when users need to access the EC2 machine, but like to change settings on it?
  • How to keep configuration unchanged on EC2?
  • How to make sure that certain services are turned on all the time and others turned off?
  • What will you do if the user disables ssh? How do you log into the server then?
  • How to keep the same version of services on all machines?
  • How do I always have the latest version of the services?

AWS has a very nice operations center for the platform called AWS Systems Manager. It allows you to do many things, such as automating tasks, updating services, enforcing the application of appropriate policies, and much much more. Overall, a very extensive ‘operations center’ that allows you to automate a lot of things.

I’ve already written a bit about it in the following articles:

This is my first article in 2022, and I hope it helps you get a good start to your year with the AWS Cloud.

AWS State Manager

Today I wanted to deal with another part of AWS System Manager and introduce you to the State Manager service. The service allows you to maintain the proper state of EC2. It also allows you to periodically run scripts or machines.

aws state manager 2022 cloud

Automatic update of the SSM agent

For easier understanding of the topic, I will show, on a practical example, step by step how to use AWS State Manager to perform an automatic update of Systems Manager Service Agent on EC2 machines.

  • Just go to AWS Systems Manager and select ‘State Manager‘ from the left menu in the Node Management section.
  • Now click on ‘Create association’.
  • It’s not required, but it’s a good idea to add a name for example “SSMAgent-Update”.
  • Now select the document type – ‘AWS-UpdateSSMAgent‘.
  • You can leave Parameters sections unchanged.
  • In the Targets section, you specify on which machines you want to run automatic update of the SSM Agent. I checked “Choose all instances” because I want to bind it to all instances.
  • Now you set the schedule. I chose the interval of 14 days. Every 2 weeks, the Agent’s SSM version will be checked and updated if it is necessary.
  • No advanced options are needed to update the Agent, so I leave this section unchanged.
  • I also leave Rate Control unchanged. The task can be performed on 50 machines at the same time and in case of errors on more than 10% of the instances, it will be aborted.
  • I don’t need logs and information about this task, so I won’t save log to S3.
  • Now just click Save Changes and the automation for updating the SSM Agent will be saved and the process scheduled according to the schedule.
state manager ssm agent update

Automatic start EC2

On the EC2 machine, you can set the crontab to restart automatically or shut down. Scheduling the start at a specific time will not be so easy. Fortunately, thanks to the State Manager feature, you can easily schedule any machine to start at a specific time.

  • Go to AWS Systems Manager and select State Manager from the left menu in the Node Management section.
  • Now click on Create association.
  • It is not required, but it is a good idea to add a name for example “Start-EC2-test”.
  • Now select the document type – AWS-StartEC2Instance.
  • Leave Execution on ‘Simple execution‘, this will simplify the configuration.
  • In the ‘Input parameters‘ section you can check ‘Show interactive instance picker‘ and select from the list the machines that you want to start automatically. Then select a role to run EC2. It’s best if you create a dedicated role for this. I have already written about creating roles in other articles, such as How to automatically run EC2 in the AWS cloud?
  • In the ‘Specify schedule‘ section, you set the schedule. Since I want the machines to start every day at 8:00 am, I chose the ‘Every Day at 08:00’ option.
  • That’s it, just click Save Changes.
state manager start ec2 config 2022
state manager start ec2 targets 2022

If you want to run all EC2s with specific tag at a certain time, in the Execution section, select ‘Rate control’ instead of ‘Simple execution’. And follow the recommendations.

Summary

Instead of updating the SSM agent, or running EC2, you can, for example, run a script that will restore settings every morning. This is good in case someone changes them during the day and you want to keep the right configuration. Running a script is probably one of the most frequently chosen options. With it, you can easily do whatever you can think of on selected machines and at a specific time, and manage everything from one place.

Here you will find documentation about AWS System Manager and its components.

If you plan to automate with the AWS cloud, then it’s good to know AWS Systems Manager and its components like State Manager.

How to automatically start EC2 in the AWS cloud?
How to automatically execute a command on EC2 in AWS?
Tags: