"Program to create centralized Windows Instances of Multiple Accounts and Cross-Platform EC2 Instances Using AWS Systems Manager"

In this article, I have given a code which can be used as reference while writing a  program to create centralized Windows Instances of Multiple Accounts and Cross-Platform EC2 Instances Using AWS Systems Manager.

Connect to your windows instance open Powerhell ISE window and use below code- which is divided into 3 sections

  1. Uninstalling of SSM Agent
  2. Registration Code
  3. Tagging Instances


# STEP 1 - Uninstalling of SSM Agent
    [switch] $removeProgramData

function Log-Info {
        [string] $message
    Write-Host("[INFO] {0}" -f $message)

function Log-Warning {
        [string] $message
    Write-Warning("{0}" -f $message)

$ServiceName = ".\\AmazonSSMAgent"
$InstalledPath = Join-Path $env:programFiles -ChildPath "Amazon" | Join-Path -ChildPath "SSM"
$CustomizedSeelog = Join-Path $InstalledPath -ChildPath "seelog.xml"
$CustomizedAppConfig = Join-Path $InstalledPath -ChildPath "amazon-ssm-agent.json"
$ProgramDataAmazonFolder = Join-Path $env:programData -ChildPath "Amazon"
$ProgramDataSSMFolder= Join-Path $ProgramDataAmazonFolder -ChildPath "SSM"

Log-Info("Uninstalling Amazon SSM Agent begins")

# Check if Amazon SSM Agent service is already installed or running
Log-Info("Checking if $ServiceName exists in Windows service")
$ExistingService = Get-CimInstance -ClassName Win32_Service -Filter "Name='$ServiceName'"
if($ExistingService) {
    Log-Info("Checking if {0} is running as windows service" -f $ServiceName)

    # If Amazon SSM Agent service is already running or waiting, check the state
    if($ExistingService.State -in "Running", "Waiting") {
        # Stop the service if running
        Log-Info("Stopping {0} in windows service" -f $ServiceName)
        try {
            $ErrorActionPreference = "Stop";
            net stop $ServiceName
        } catch {
            $ex = $Error[0].Exception
            Log-Warning("{0}.. exit!" -f $ex)
            Exit 1

    # Delete Amazon SSM Agent service
    Log-Info("Deleting $ServiceName from service")
    $silent = $ExistingService | Invoke-CimMethod -MethodName Delete

    Start-Sleep 1

# If removeProgramData is set as argument, remove program data
Log-Info("Checking if removeProgramData argument is set")
if($removeProgramData) {
    Log-Info("Removing program data since removeProgramData is set")

    # Remove ProgramDataSSMFolder
    if(Test-Path $ProgramDataSSMFolder) {
        Log-Info("Removing SSM ProgramData directory: {0}" -f $ProgramDataSSMFolder)
        Remove-Item $ProgramDataSSMFolder -Recurse

    # Check if ProgramDataAmazonFolder is empty and if so, remove the folder as well
    if((Test-Path $ProgramDataAmazonFolder) -and ((Get-ChildItem -Path $ProgramDataAmazonFolder -Recurse | Measure-Object).Count -eq 0)) {
        Log-Info("Removing Amazon ProgramData directory: {0}" -f $ProgramDataSSMFolder)
        Remove-Item $ProgramDataAmazonFolder

# Remove files and directories excluding customized files in installed path
Log-Info("Checking if any file exists in installed path excluding customized files")
if(Test-Path $InstalledPath) {
    Log-Info("Removing files and directories excluding {0} and {1} if exists" -f $CustomizedSeelog, $CustomizedAppConfig)
    Get-ChildItem $InstalledPath | ForEach-Object {
        if($_.FullName -ne $CustomizedSeelog -and $_.FullName -ne $CustomizedAppConfig) {
            Log-Info("Removing {0}" -f $_)
            Remove-Item $_.FullName -Recurse

Log-Info("Checking if installed path is empty")
if((Test-Path $InstalledPath) -and ((Get-ChildItem -Path $InstalledPath -Recurse | Measure-Object).Count -eq 0)) {
    Log-Info("Removing $InstalledPath since it is empty")
    Remove-Item $InstalledPath

Log-Info("Uninstalling Amazon SSM Agent successfully ended!`n")

# STEP 2 - Registration of Windows Instances to move in centralized account i.e. SS Account

$code = "xxxxxxxxxxxxxxxxxxxxxxxxxxx"
$id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
$region = "us-east-1"
$dir = $env:TEMP + "\ssm"
New-Item -ItemType directory -Path $dir -Force
cd $dir
(New-Object System.Net.WebClient).DownloadFile("https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/windows_amd64/AmazonSSMAgentSetup.exe", $dir + "\AmazonSSMAgentSetup.exe")
Start-Process .\AmazonSSMAgentSetup.exe -ArgumentList @("/q", "/log", "install.log", "CODE=$code", "ID=$id", "REGION=$region") -Wait
Get-Content ($env:ProgramData + "\Amazon\SSM\InstanceData\registration")
Get-Service -Name "AmazonSSMAgent"

# STEP 3 - Tagging of Windows Instances

$instanceId = Invoke-WebRequest -Uri -UseBasicParsing | Out-File -FilePath .\p2.txt
echo $instanceId
$ivalue = cat .\p2.txt | where {$_ -match "i-" }
echo $ivalue
$instid = $ivalue.Substring(20)
echo $instid
$miobject = Get-Content ($env:ProgramData + "\Amazon\SSM\InstanceData\registration") | ConvertFrom-Json
#echo $mivalue | 
#$miextract = $mivalue.substring(22)
echo $miextract
Install-Module -Scope CurrentUser -Name AWSPowerShell.NetCore -Force
Import-Module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1"
Import-Module AWSPowerShell
$tag = New-Object Amazon.EC2.Model.Tag
$tag.key = "ManagedInstanceId"
$tag.value = $miextract
New-EC2Tag -Resource $instid -Tag $tag
$aliases=aws iam list-account-aliases --output text
$tag = New-Object Amazon.EC2.Model.Tag
$tag.key = "SourceAccount"
$tag.value = $aliases.substring(15)
New-EC2Tag -Resource $instid -Tag $tag

“If you are passionate about technology and like to share your knowledge or the latest on technology, mail us on info@saniconservices.com and get featured on our blog page”

I hope you find this program useful to create centralized Windows Instances of Multiple Accounts and Cross-Platform EC2 Instances Using AWS Systems Manager.

In conclusion: Over the years SANICON – A One-Stop Cloud Solution Company have provided the most credible cloud infrastructure as a service and cutting-edge IT technology & services across various domains which helped businesses digital transformation and also helped to make, implement and operate the right choices and models for business growth.

Reach out to us today at sales@saniconservices.com to get a reliable and affordable cloud managed service and IT technology partner

Visit website www.saniconservices.com to learn more about all great products and services offered.

Leave a Reply

Your email address will not be published. Required fields are marked *