At 2 AM, an urgent Slack message arrives from the security team: "Log4Shell (CVE-2021-44228) vulnerability—patch all servers immediately." You have 300 EC2 instances. If you search for SSH keys, connect through Bastion, and log into each one individually, you'll burn through the night. You have patching scripts, but how do you push them to 300 instances simultaneously? This is when an operator reaches for AWS Systems Manager (SSM).
SSM started in 2015 as "EC2 Run Command" and has evolved into a massive operations platform that now spans agent-based instance management, centralized configuration, automated patching, session auditing, and complex operational automation