This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Getting Started

1: SSM agent
2: Prerequisites
3: AWS Marketplace deployment
4: Terraform deployment

Before deploying Ohlala Operations for Amazon EC2, ensure you have the following:

An AWS account
One or more Windows EC2 instances to manage.
AWS Systems Manager Agent (SSM Agent) installed and running on your instances (recommended for remote execution).
review the prerequisites

Deployment Options

You can deploy Ohlala Operations for Amazon EC2 using one of the following methods:

1. AWS Marketplace (preferred)

Follow our documentation AWS marketplace deployment.

2. Terraform Deployment

Work in progress

Troubleshooting

If you encounter issues:

Ensure your AWS account has been granted access to the AMI through the AWS marketplace subscription.
Verify that your EC2 instances have the correct IAM roles.
Check that AWS Systems Manager Agent is installed and running.
Review logs for any error messages.

Next Steps

Explore the full capabilities of Ohlala Operations for Amazon EC2 by setting up automation workflows and optimizing your Windows EC2 management.

For assistance, contact contact@ohlala.cloud.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

1 - SSM agent

Ohlala Operations for Amazon EC2 relies on the AWS Systems Manager (SSM) Agent to manage Windows EC2 instances effectively. The SSM Agent enables Systems Manager to update, manage, and configure these resources.

Inclusion in AWS AMIs

The SSM Agent is preinstalled on several Amazon Machine Images (AMIs) provided by AWS. Notably, it is included in:

Windows Server 2012 R2: AMIs published in November 2016 or later.
Windows Server 2016, 2019, 2022, and 2025: All standard versions (excluding Nano versions).

For a comprehensive list of AMIs with the SSM Agent preinstalled, refer to the AWS documentation.

Network Prerequisites

To ensure proper communication between the SSM Agent and AWS Systems Manager, consider the following network requirements:

Outbound Internet Access: The SSM Agent requires outbound access to the internet to communicate with the Systems Manager service. If your instances do not have direct internet access, you can set up VPC endpoints to facilitate this communication.
Instance Metadata Service (IMDS): The SSM Agent utilizes the Instance Metadata Service. Ensure that your instances can access the IPv4 address 169.254.169.254. Both IMDSv1 and IMDSv2 are supported.
No Inbound Ports Required: The SSM Agent initiates all communication with the Systems Manager service; therefore, no inbound ports need to be opened in your instance’s security group for Systems Manager functionality.

For detailed technical information about the SSM Agent, including installation and configuration guidance, visit the AWS Systems Manager User Guide.

IAM Instance Profiles

Typically, managing EC2 instances with AWS Systems Manager requires attaching an IAM instance profile to each instance to grant necessary permissions.

However, Ohlala Operations for Amazon EC2 simplifies this process by configuring the Default Host Management Configuration (DHMC) by default. This approach eliminates the need for manual instance profile assignment, ensuring that Systems Manager has the required permissions to manage all instances in your AWS account and region.

For more information, refer to the AWS documentation on DHMC.

For detailed technical information about the SSM Agent, including installation and configuration guidance, visit the AWS Systems Manager User Guide.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

2 - Prerequisites

A VPC is required with at least two public subnets.

Ohlala Automation for Amazon EC2 requires access to AWS Systems Manager service either through internet or a VPC endpoint AWS Documentation.

An existing EC2 key pair is required.

You’ll also probably need a couple of Windows Server EC2 to test the features.

3 - AWS Marketplace deployment

The easiest way to deploy Ohlala Operations for Amazon EC2 is through the AWS marketplace.

Click on View purchase options:

Ohlala Operations for Amazon EC2 on the AWS marketplace

On the next screen, click on Accept terms:

Accept terms

It may take a minute for the subscription to go through:

Terms accepted

Once the subscription is accepted, you can click on Continue to Configuration:

Continue to Configuration

You can select the fulfillment options (only one option is available for now: Autoscaling Group with public Load Balancer), the software version (latest is 042025) and the region of your choice:

Options

You’re now ready to start deploying Ohlala Operations for Amazon EC2. Click on Launch:

Launch this software

The AWS marketplace has opened the Cloudformation console and has already prefilled the template. Click Next:

Cloudformation template

Choose a unique stack name. The Imageid is already prefilled for you. Select an instance type (c6a.large or c5a.large is recommended for most deployments). Select an existing EC2 Key Pair. Select your VPC from the list and choose two public subnets to deploy the solution to. Finally, enter the CIDR you want to authorize to access the Ohlala Operations for Amazon EC2 web portal:

Warning

Pay attention to the instance type you select. Based on your regions, you may have a limited choice of instance types.

Cloudformation parameters

On the next page, scroll to the bottom and tick the box I acknowledge that AWS CloudFormation might create IAM resources with custom names. and click Next:

CloudFormation IAM acknowledgement

Finally, click Submit:

Submit CloudFormation

After a few minutes, the CloudFormation template is deployed and you can access Ohlala Operations for Amazon EC2 from the URL provided in the output of the CloudFormation template:

Output URL

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

4 - Terraform deployment

Work in progress

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨