Automate EC2 into Systems Manager


Besides setting up DHMC, is there a way to set up either a Config rule or an EventBridge rule that will check if an EC2 instance is managed by SM? If not, then either add the correct IAM role, or add the device into SM?

1 Answer


The AWS Config rule "ec2-instance-managed-by-systems-manager" may be helpful.

After creating a Config rule using this rule, I think it is possible to have EventBridge detect a "complianceType" of "NON_COMPLIANT".
If you refer to the events in the document below, the event pattern will be as follows.

{
  "source": ["aws.config"],
  "detail-type": ["Config Rules Compliance Change"],
  "detail": {
    "messageType": ["ComplianceChangeNotification"],
    "configRuleName": ["ec2-instance-managed-by-systems-manager"],
    "newEvaluationResult": {
      "complianceType": ["NON_COMPLIANT"]
    }
  }
}
answered 4 months ago
reviewed 2 months ago
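To show what the event pattern in the answer actually selects before wiring it to a remediation target, here is an added example (not part of the answer above or of any AWS code) that applies the pattern to sample Config compliance-change events and pulls out the instance that needs remediation. It implements only the exact-value and nested-object subset of EventBridge pattern matching, and the event field names `resourceType` and `resourceId` under `detail` follow the shape of the Config Rules Compliance Change event; the instance and account ids in the sample events are constructed placeholders.

```python
import json

# The EventBridge event pattern from the answer above.
EVENT_PATTERN = {
    "source": ["aws.config"],
    "detail-type": ["Config Rules Compliance Change"],
    "detail": {
        "messageType": ["ComplianceChangeNotification"],
        "configRuleName": ["ec2-instance-managed-by-systems-manager"],
        "newEvaluationResult": {"complianceType": ["NON_COMPLIANT"]},
    },
}


def matches_pattern(event, pattern):
    """Subset of EventBridge pattern semantics.

    A list in the pattern is a set of allowed literal values for that key
    (any one may match); a nested dict is matched recursively. A key present
    in the pattern but absent from the event is a mismatch, as in EventBridge.
    Prefix, numeric, exists and anything-but matchers are not implemented.
    """
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches_pattern(actual, expected):
                return False
        elif actual not in expected:
            return False
    return True


def noncompliant_instance_id(event):
    """Return the EC2 instance id this event flags, or None if the event
    does not match the pattern or is not about an EC2 instance."""
    if not matches_pattern(event, EVENT_PATTERN):
        return None
    detail = event["detail"]
    if detail.get("resourceType") != "AWS::EC2::Instance":
        return None
    return detail.get("resourceId")


def sample_event(compliance, instance_id="i-0123456789abcdef0",
                 rule="ec2-instance-managed-by-systems-manager"):
    """Constructed sample event in the shape of a Config compliance change."""
    return {
        "version": "0",
        "source": "aws.config",
        "detail-type": "Config Rules Compliance Change",
        "account": "111122223333",          # placeholder account id
        "region": "us-east-1",
        "detail": {
            "messageType": "ComplianceChangeNotification",
            "configRuleName": rule,
            "resourceType": "AWS::EC2::Instance",
            "resourceId": instance_id,
            "newEvaluationResult": {"complianceType": compliance},
        },
    }


if __name__ == "__main__":
    for comp in ("NON_COMPLIANT", "COMPLIANT"):
        ev = sample_event(comp)
        print(json.dumps({"complianceType": comp,
                          "matches": matches_pattern(ev, EVENT_PATTERN),
                          "instance": noncompliant_instance_id(ev)}))
```

Running the block prints a match only for the NON_COMPLIANT event; a COMPLIANT evaluation, or an evaluation from a different Config rule, is filtered out by the pattern exactly as the EventBridge rule would filter it. In a real deployment, `noncompliant_instance_id` is the part of a Lambda target that decides which instance to hand to the remediation step (for example, attaching an instance profile that grants the SSM permissions); that step needs AWS API calls and is deliberately not included here.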
