com.amazonaws.services.simplesystemsmanagement

Interface AWSSimpleSystemsManagement

All Known Subinterfaces:

AWSSimpleSystemsManagementAsync

All Known Implementing Classes:

AbstractAWSSimpleSystemsManagement, AbstractAWSSimpleSystemsManagementAsync, AWSSimpleSystemsManagementAsyncClient, AWSSimpleSystemsManagementClient

public interface AWSSimpleSystemsManagement

Interface for accessing Amazon SSM.

Simple Systems Manager (SSM) is a set of capabilities that can help you manage your Amazon EC2 instances running on Windows. SSM enables you to run scripts or other common administrative tasks on your instances using either SSM Run Command or SSM Config.

Run Command extends the server administration capabilities of SSM by offering an on-demand experience for executing commands. You can use pre-defined Amazon SSM documents (formerly called configuration documents) to perform the actions listed later in this section, or you can create your own documents. With these document, you can then remotely configure your instances by sending commands using the AWS command line interface (CLI), AWS Tools for Windows PowerShell, or the Commands page in the Amazon EC2 console. Additionally, because Run Command enables you to execute PowerShell commands or scripts, you can administer your instances remotely using PowerShell as though you were logged on locally to the instance. Run Command reports the status of the command execution for each instance targeted by a command. You can also audit the command execution to understand who executed commands, when, and what changes were made. By switching between different SSM documents, you can quickly configure your instances with different types of commands.

SSM Config is a lightweight instance configuration solution. With SSM Config, you can specify a setup configuration for your instances. SSM Config is similar to EC2 User Data, which is another way of running one-time scripts or applying settings during instance launch. SSM Config is an extension of this capability. Using SSM documents, you can specify which actions the system should perform on your instances, including which applications to install, which AWS Directory Service directory to join, which Microsoft PowerShell modules to install, etc. If an instance is missing one or more of these configurations, the system makes those changes. By default, the system checks every five minutes to see if there is a new configuration to apply as defined in a new SSM document. If so, the system updates the instances accordingly. In this way, you can remotely maintain a consistent configuration baseline on your instances. SSM Config is available using the AWS CLI or the AWS Tools for Windows PowerShell.

SSM is currently not supported on Linux instances.

You can use Run Command and SSM Config to do the following:

• Join an AWS Directory Service directory (SSM Config and Run Command)

• Install, repair, or uninstall software using an MSI package (SSM Config and Run Command)

• Install PowerShell modules (SSM Config and Run Command)

• Configure CloudWatch Logs to monitor applications and systems (SSM Config and Run Command)

• Run PowerShell commands or scripts (Run Command only)

• Update the EC2Config service (Run Command only)

• Configure Windows Update settings (Run Command only)

SSM documents run with administrative privilege on Windows instances because the EC2Config service runs in the Local System account. If a user has permission to execute any of the pre-defined SSM documents (any document that begins with AWS-*) then that user also has administrator access to the instance. Delegate access to SSM Config and Run Command judiciously. This becomes extremely important if you create your own SSM documents. Amazon Web Services does not provide guidance about how to create secure SSM documents. You create SSM documents and delegate access to Run Command actions at your own risk. As a security best practice, we recommend that you assign access to "AWS-*" documents, especially the AWS-RunPowerShellScript document, to trusted administrators only. You can create low-level SSM documents for low security tasks and delegate access to non-administrators.

Method Summary

Methods

Modifier and Type	Method and Description
CancelCommandResult	cancelCommand(CancelCommandRequest cancelCommandRequest) Attempts to cancel the command specified by the Command ID.
CreateAssociationResult	createAssociation(CreateAssociationRequest createAssociationRequest) Associates the specified SSM document with the specified instance.
CreateAssociationBatchResult	createAssociationBatch(CreateAssociationBatchRequest createAssociationBatchRequest) Associates the specified SSM document with the specified instances.
CreateDocumentResult	createDocument(CreateDocumentRequest createDocumentRequest) Creates an SSM document.
DeleteAssociationResult	deleteAssociation(DeleteAssociationRequest deleteAssociationRequest) Disassociates the specified SSM document from the specified instance.
DeleteDocumentResult	deleteDocument(DeleteDocumentRequest deleteDocumentRequest) Deletes the SSM document and all instance associations to the document.
DescribeAssociationResult	describeAssociation(DescribeAssociationRequest describeAssociationRequest) Describes the associations for the specified SSM document or instance.
DescribeDocumentResult	describeDocument(DescribeDocumentRequest describeDocumentRequest) Describes the specified SSM document.
DescribeInstanceInformationResult	describeInstanceInformation(DescribeInstanceInformationRequest describeInstanceInformationRequest) Describes one or more of your instances.
ResponseMetadata	getCachedResponseMetadata(AmazonWebServiceRequest request) Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected.
GetDocumentResult	getDocument(GetDocumentRequest getDocumentRequest) Gets the contents of the specified SSM document.
ListAssociationsResult	listAssociations(ListAssociationsRequest listAssociationsRequest) Lists the associations for the specified SSM document or instance.
ListCommandInvocationsResult	listCommandInvocations(ListCommandInvocationsRequest listCommandInvocationsRequest) An invocation is copy of a command sent to a specific instance.
ListCommandsResult	listCommands(ListCommandsRequest listCommandsRequest) Lists the commands requested by users of the AWS account.
ListDocumentsResult	listDocuments() Simplified method form for invoking the ListDocuments operation.
ListDocumentsResult	listDocuments(ListDocumentsRequest listDocumentsRequest) Describes one or more of your SSM documents.
SendCommandResult	sendCommand(SendCommandRequest sendCommandRequest) Executes commands on one or more remote instances.
void	setEndpoint(String endpoint) Overrides the default endpoint for this client ("https://ssm.us-east-1.amazonaws.com").
void	setRegion(Region region) An alternative to setEndpoint(String), sets the regional endpoint for this client's service calls.
void	shutdown() Shuts down this client object, releasing any resources that might be held open.
UpdateAssociationStatusResult	updateAssociationStatus(UpdateAssociationStatusRequest updateAssociationStatusRequest) Updates the status of the SSM document associated with the specified instance.

Method Detail

setEndpoint

void setEndpoint(String endpoint)

Overrides the default endpoint for this client ("https://ssm.us-east-1.amazonaws.com"). Callers can use this method to control which AWS region they want to work with.

Callers can pass in just the endpoint (ex: "ssm.us-east-1.amazonaws.com") or a full URL, including the protocol (ex: "https://ssm.us-east-1.amazonaws.com"). If the protocol is not specified here, the default protocol from this client's ClientConfiguration will be used, which by default is HTTPS.

For more information on using AWS regions with the AWS SDK for Java, and a complete list of all available endpoints for all AWS services, see: http://developer.amazonwebservices.com/connect/entry.jspa?externalID= 3912

This method is not threadsafe. An endpoint should be configured when the client is created and before any service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit or retrying.

Parameters:

endpoint - The endpoint (ex: "ssm.us-east-1.amazonaws.com") or a full URL, including the protocol (ex: "https://ssm.us-east-1.amazonaws.com") of the region specific AWS endpoint this client will communicate with.

setRegion

void setRegion(Region region)

An alternative to setEndpoint(String), sets the regional endpoint for this client's service calls. Callers can use this method to control which AWS region they want to work with.

By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the ClientConfiguration supplied at construction.

This method is not threadsafe. A region should be configured when the client is created and before any service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit or retrying.

Parameters:

region - The region this client will communicate with. See Region.getRegion(com.amazonaws.regions.Regions) for accessing a given region. Must not be null and must be a region where the service is available.

See Also:

Region.getRegion(com.amazonaws.regions.Regions), Region.createClient(Class, com.amazonaws.auth.AWSCredentialsProvider, ClientConfiguration), Region.isServiceSupported(String)

cancelCommand

CancelCommandResult cancelCommand(CancelCommandRequest cancelCommandRequest)

Attempts to cancel the command specified by the Command ID. There is no guarantee that the command will be terminated and the underlying process stopped.

Parameters:

cancelCommandRequest -

Returns:

Result of the CancelCommand operation returned by the service.

Throws:

InvalidCommandIdException

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

DuplicateInstanceIdException - You cannot specify an instance ID in more than one association.

createAssociation

CreateAssociationResult createAssociation(CreateAssociationRequest createAssociationRequest)

Associates the specified SSM document with the specified instance.

When you associate an SSM document with an instance, the configuration agent on the instance processes the document and configures the instance as specified.

If you associate a document with an instance that already has an associated document, the system throws the AssociationAlreadyExists exception.

Parameters:

createAssociationRequest -

Returns:

Result of the CreateAssociation operation returned by the service.

Throws:

AssociationAlreadyExistsException - The specified association already exists.

AssociationLimitExceededException - You can have at most 2,000 active associations.

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

UnsupportedPlatformTypeException - The document does not support the platform type of the given instance ID(s).

InvalidParametersException - You must specify values for all required parameters in the SSM document. You can only supply values to parameters defined in the SSM document.

createAssociationBatch

CreateAssociationBatchResult createAssociationBatch(CreateAssociationBatchRequest createAssociationBatchRequest)

Associates the specified SSM document with the specified instances.

When you associate an SSM document with an instance, the configuration agent on the instance processes the document and configures the instance as specified.

If you associate a document with an instance that already has an associated document, the system throws the AssociationAlreadyExists exception.

Parameters:

createAssociationBatchRequest -

Returns:

Result of the CreateAssociationBatch operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

InvalidParametersException - You must specify values for all required parameters in the SSM document. You can only supply values to parameters defined in the SSM document.

DuplicateInstanceIdException - You cannot specify an instance ID in more than one association.

AssociationLimitExceededException - You can have at most 2,000 active associations.

UnsupportedPlatformTypeException - The document does not support the platform type of the given instance ID(s).

createDocument

CreateDocumentResult createDocument(CreateDocumentRequest createDocumentRequest)

Creates an SSM document.

After you create an SSM document, you can use CreateAssociation to associate it with one or more running instances.

Parameters:

createDocumentRequest -

Returns:

Result of the CreateDocument operation returned by the service.

Throws:

DocumentAlreadyExistsException - The specified SSM document already exists.

MaxDocumentSizeExceededException - The size limit of an SSM document is 64 KB.

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentContentException - The content for the SSM document is not valid.

DocumentLimitExceededException - You can have at most 100 active SSM documents.

deleteAssociation

DeleteAssociationResult deleteAssociation(DeleteAssociationRequest deleteAssociationRequest)

Disassociates the specified SSM document from the specified instance.

When you disassociate an SSM document from an instance, it does not change the configuration of the instance. To change the configuration state of an instance after you disassociate a document, you must create a new document with the desired configuration and associate it with the instance.

Parameters:

deleteAssociationRequest -

Returns:

Result of the DeleteAssociation operation returned by the service.

Throws:

AssociationDoesNotExistException - The specified association does not exist.

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

TooManyUpdatesException - There are concurrent updates for a resource that supports one update at a time.

deleteDocument

DeleteDocumentResult deleteDocument(DeleteDocumentRequest deleteDocumentRequest)

Deletes the SSM document and all instance associations to the document.

Before you delete the SSM document, we recommend that you use DeleteAssociation to disassociate all instances that are associated with the document.

Parameters:

deleteDocumentRequest -

Returns:

Result of the DeleteDocument operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

AssociatedInstancesException - You must disassociate an SSM document from all instances before you can delete it.

describeAssociation

DescribeAssociationResult describeAssociation(DescribeAssociationRequest describeAssociationRequest)

Describes the associations for the specified SSM document or instance.

Parameters:

describeAssociationRequest -

Returns:

Result of the DescribeAssociation operation returned by the service.

Throws:

AssociationDoesNotExistException - The specified association does not exist.

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

describeDocument

DescribeDocumentResult describeDocument(DescribeDocumentRequest describeDocumentRequest)

Describes the specified SSM document.

Parameters:

describeDocumentRequest -

Returns:

Result of the DescribeDocument operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

describeInstanceInformation

DescribeInstanceInformationResult describeInstanceInformation(DescribeInstanceInformationRequest describeInstanceInformationRequest)

Describes one or more of your instances. You can use this to get information about instances like the operating system platform, the SSM agent version, status etc. If you specify one or more instance IDs, it returns information for those instances. If you do not specify instance IDs, it returns information for all your instances. If you specify an instance ID that is not valid or an instance that you do not own, you receive an error.

Parameters:

describeInstanceInformationRequest -

Returns:

Result of the DescribeInstanceInformation operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

InvalidNextTokenException - The specified token is not valid.

InvalidInstanceInformationFilterValueException - The specified filter value is not valid.

InvalidFilterKeyException - The specified key is not valid.

getDocument

GetDocumentResult getDocument(GetDocumentRequest getDocumentRequest)

Gets the contents of the specified SSM document.

Parameters:

getDocumentRequest -

Returns:

Result of the GetDocument operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidDocumentException - The specified document does not exist.

listAssociations

ListAssociationsResult listAssociations(ListAssociationsRequest listAssociationsRequest)

Lists the associations for the specified SSM document or instance.

Parameters:

listAssociationsRequest -

Returns:

Result of the ListAssociations operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidNextTokenException - The specified token is not valid.

listCommandInvocations

ListCommandInvocationsResult listCommandInvocations(ListCommandInvocationsRequest listCommandInvocationsRequest)

An invocation is copy of a command sent to a specific instance. A command can apply to one or more instances. A command invocation applies to one instance. For example, if a user executes SendCommand against three instances, then a command invocation is created for each requested instance ID. ListCommandInvocations provide status about command execution.

Parameters:

listCommandInvocationsRequest -

Returns:

Result of the ListCommandInvocations operation returned by the service.

Throws:

InvalidCommandIdException

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

InvalidFilterKeyException - The specified key is not valid.

InvalidNextTokenException - The specified token is not valid.

listCommands

ListCommandsResult listCommands(ListCommandsRequest listCommandsRequest)

Lists the commands requested by users of the AWS account.

Parameters:

listCommandsRequest -

Returns:

Result of the ListCommands operation returned by the service.

Throws:

InvalidCommandIdException

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

InvalidFilterKeyException - The specified key is not valid.

InvalidNextTokenException - The specified token is not valid.

listDocuments

ListDocumentsResult listDocuments(ListDocumentsRequest listDocumentsRequest)

Describes one or more of your SSM documents.

Parameters:

listDocumentsRequest -

Returns:

Result of the ListDocuments operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidNextTokenException - The specified token is not valid.

InvalidFilterKeyException - The specified key is not valid.

listDocuments

ListDocumentsResult listDocuments()

Simplified method form for invoking the ListDocuments operation.

See Also:

listDocuments(ListDocumentsRequest)

sendCommand

SendCommandResult sendCommand(SendCommandRequest sendCommandRequest)

Executes commands on one or more remote instances.

Parameters:

sendCommandRequest -

Returns:

Result of the SendCommand operation returned by the service.

Throws:

DuplicateInstanceIdException - You cannot specify an instance ID in more than one association.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

InvalidDocumentException - The specified document does not exist.

InvalidOutputFolderException - The S3 bucket does not exist.

InvalidParametersException - You must specify values for all required parameters in the SSM document. You can only supply values to parameters defined in the SSM document.

UnsupportedPlatformTypeException - The document does not support the platform type of the given instance ID(s).

updateAssociationStatus

UpdateAssociationStatusResult updateAssociationStatus(UpdateAssociationStatusRequest updateAssociationStatusRequest)

Updates the status of the SSM document associated with the specified instance.

Parameters:

updateAssociationStatusRequest -

Returns:

Result of the UpdateAssociationStatus operation returned by the service.

Throws:

InternalServerErrorException - An error occurred on the server side.

InvalidInstanceIdException - The instance is not in valid state. Valid states are: Running, Pending, Stopped, Stopping. Invalid states are: Shutting-down and Terminated.

InvalidDocumentException - The specified document does not exist.

AssociationDoesNotExistException - The specified association does not exist.

StatusUnchangedException - The updated status is the same as the current status.

TooManyUpdatesException - There are concurrent updates for a resource that supports one update at a time.

shutdown

void shutdown()

Shuts down this client object, releasing any resources that might be held open. This is an optional method, and callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client has been shutdown, it should not be used to make any more requests.

getCachedResponseMetadata

ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)

Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected. This data isn't considered part of the result data returned by an operation, so it's available through this separate, diagnostic interface.

Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing a request.

Parameters:

request - The originally executed request.

Returns:

The response metadata for the specified request, or null if none is available.