# Node Management

As noted previously, **Systems Session Manager** is a service that is used to provide cli based access to EC2 workloads without the need to expose it on the internet or without the requirement of bastion host or jump host. It is part of Node Management sub service of AWS Systems Manager

AWS SSM Session Manager is an excellent feature to connect to and manage all hybrid infrastructure remotely without having to use SSH for Linux or RDP for Windows instances. It provides the added bonus of security, as IT Teams don't need SSH/RDP ports open and access control to who can establish shell sessions using IAM policies. It also allows for logging and auditing of all activity during a shell session via Session Manager.

For this to work, an SSM agent either needs to be preinstalled or needs to be installed on the EC2 instance. It is compatible with both Windows as well as Linux

The steps to setup the same are laid out in detail [here](https://guides.radifine.com/how-to-securely-access-and-transfer-file-to-an-ec2-instance-in-private-subnet-of-vpc-in-aws).

SSM agent allows administrators to remotely execute commands, automate tasks, and manage configuration settings on those instances. It provides a secure and efficient way to perform various operational tasks, such as software patching, inventory management, and software installation with the highest privileges on the EC2 instances

Note that to connect Virtual Machines in other cloud providers i.e., Non-AWS Virtual machines or on-prem machines, **Hybrid Activations** can also be used. However, it requires Key activation for SSM Agent when installed on them. It can as summarized below:

<figure><img src="/files/bxOo0FOPbu4kqBEQLG7v" alt=""><figcaption></figcaption></figure>

Note all of the instances that have AWS SSM agent installed can be collectively managed into **Fleet Manager**

Another important feature to understand the types of automation that can be done is to check SSM Documents (present under **Shared Resources -> Documents** ). A sample SSM Document format can look like as shown below:

&#x20;&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://notes.radifine.com/aws/other-aws-services/aws-systems-manager/node-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.