Originally posted on 2023-03-02
These have been gathered over the past few years. Here are the things that I think people should consider if they’re using SSM in multiple accounts and multiple regions.
NOTE: There’s never a one-size fits all solution. Sometimes these suggestions may not work for you.
… this still needs more work! …
- Use
TargetLocations
to run automation documents in other accounts - Separate tasks into groups
- Group 1 -
backplane
- Tasks that need to run to maintain/manage the backplane infrastructure - Do not share documents for ephemeral/deployment tasks
- Why? Documents can not be deleted while they are shared. This can create ops challenges when a document needs to be updated but it is shared with multiple accounts.