How to Centralize AWS SSM with multiples accounts

I'm trying to setup AWS SSM with one environment to administer all organizations/accounts that my clients have.

I tried to setup using this article: Centralized Multi-account and Multi-region Patching with AWS Systems Manager Automation but I have not been successful using SSM Automation.

Can anyone clarify if there is another, more simple way?


SSM does not allow centralization of all resources, only of automations. What are allowed to be done are hybrid activations, however these are suitable for On Premise environments and not for configurations between accounts on AWS.

On the other hand, SSM currently released a quick setup that allows you to configure other regions in a single location, but I did not perform the test by setting all the resources. The ideal is just to use the automation option that allows multi-account.

AWS also has landing zones which is a standard to be followed for dividing configurations and administrations between clouds, such as having a private cloud for security and logging using the AWS Control Tower. But there is nothing documented about centralizing SSM with Landing zones

https://aws.amazon.com/pt/solutions/implementations/aws-landing-zone/