AWS Systems Manager OpsCenter

AWS Systems Manager OpsCenter

The ever-growing portfolio of AWS makes it complicated to manage services and product offering for a specific use case. AWS portfolio in its current form is overwhelming for many enterprise and small customers.

AWS services

To make itself relevant to startups and enterprise AWS can’t afford to not release services with this speed. However, they still need to keep things simpler for anyone to be able to adapt to it quickly. 

This is where AWS’ System Manager OpsCenter comes in.

Definition: OpsCenter

OpsCenter provides a central location where operations engineers and IT professionals can view, investigate, and resolve operational work items (OpsItems) related to AWS resources.

AWS Systems Manager OpsCenter enables a standard and unified experience for viewing, working on, and remediating issues related to AWS resources. A standard and unified experience improves the time it takes to remedy issues, investigate related issues, and train new operations engineers and IT professionals. A standard and unified experience also reduces the number of manual errors entered into the system of managing and remediating issues.

OpsCenter is integrated with Amazon CloudWatch Events. This means you can create CloudWatch Events rules that automatically create OpsItems for any AWS service that publishes events to CloudWatch Events. For example, you can configure SSM OpsItems as the target for the following types of events, and hundreds more:

  1. Security issues, such as alerts from AWS Security Hub
  2. Performance issues, such as a throttling event for Amazon DynamoDB or degraded Amazon Elastic Block Store (EBS) volume performance
  3. Failures, such as an Amazon EC2 Auto Scaling group failure to launch an instance or a Systems Manager Automation execution failure
  4. Health alerts, such as an AWS Health alert for scheduled maintenance
  5. State changes, such as an Amazon EC2 instance state change from Running to Stopped

How it works

1 Configure sources for automatic OpsItems creation

  1. Here we Configure CloudWatch Events Permissions for Automatically Creating OpsItems. This is done by creating an OpsCenter policy for CloudWatch Events. Than we create an OpsCenter role for CloudWatch Events. We can then attach the OpsCenter policy to the OpsCenter role for CloudWatch Events. Finally, we configure User or Group Permissions for OpsCenter
  2. For some ARN types, OpsCenter automatically creates a deep link that displays details about the resource without having to visit other console pages to view that information. For example, you can specify the ARN of an Amazon EC2 instance. In OpsCenter, you can then view all of the details that Amazon EC2 provides about that instance. To view a list of resource types that automatically create deep links to related resources.

2 Associate remediation actions with OpsItems types and execute runbooks to solve issues with your resources: AWS Systems Manager Automation helps you quickly remediate issues with AWS resources identified in your Ops Items. Automation uses predefined SSM Automation documents (runbooks) to remediate commons issues with AWS resources. For example, Automation includes runbooks to perform the following actions:

  1. Stop, start, restart, and terminate Amazon Relational Database Service (Amazon RDS) and Amazon Elastic Compute Cloud (Amazon EC2) instances.
  2. Create AWS resources such as Amazon Machine Images (AMIs), Amazon Elastic Block Store (Amazon EBS) snapshots, and Amazon DynamoDB backups.
  3. Configure a resource to use AWS services, including Amazon CloudWatch Events, AWS CloudTrail, and Amazon Simple Storage Service (Amazon S3) bucket logging and versioning.
  4. Attach an AWS Identity and Access Management (IAM) instance profile to an instance.
  5. Troubleshoot RDP and SSH connectivity issues for EC2 instances.
  6. Reset access for an EC2 instance.

3 Track your OpsItems: OpsCenter includes a summary page that automatically displays the following information

  1. OpsItem status summary: a summary of OpsItems by status (Open and In progress, Open, or In Progress).
  2. Sources with most open OpsItems: a breakdown of the top AWS services that have open OpsItems.
  3. OpsItems by source and age: a count of OpsItems, grouped by source and days since creation.


OpsCenter offers the following benefits for operations engineers and organizations:

  1. You no longer need to navigate across multiple console pages to view, investigate, and resolve OpsItems related to AWS resources. OpsItems are aggregated, across services, in a central location.
  2. You can view service-specific and contextually relevant data for OpsItems that are automatically generated by Amazon CloudWatch Events.
  3. You can specify the Amazon Resource Name (ARN) of a resource related to an OpsItem. By specifying related resources, OpsCenter uses built-in logic to help you avoid creating duplicate OpsItems.
  4. You can view details and resolution information about similar OpsItems.
  5. You can quickly view information about and execute Systems Manager Automation documents (runbooks) to resolve issues.

OpsCenter is currently available in all commercial Regions (excluding China Regions). This feature is priced on a pay-per-use model. You can access OpsCenter directly from the Systems Manager console and start improving your operational health today.