As discussed briefly during the introduction to the State Manager service, automation documents are simple JSON-based documents that are designed to help you get started with the automation service quickly and efficiently. You can leverage the predefined automation documents or, alternatively, create your own set. In this section, we will look at how to leverage an existing automation document to patch your Dev EC2 instance and create a new AMI from it:

1. From the EC2 Management Console, select the Documents option from the Systems Manager Shared Resources section.
2. Using the Documents dashboard, you can filter and view only the documents that have Automation set as the Document Type.

3. Select AWS-UpdateLinuxAmi and click on the Content tab to view the automation document as shown here:

The AWS-UpdateLinuxAmi document comprises five distinctive steps, each explained briefly here:

• launchInstance: This step basically launches a new EC2 instance using your Systems Manager IAM instance profile as well as with a user data script that will install the latest copy of the SSM agent on this instance. The SSM agent is vital as it will enable the next steps to be executed using the Run Command as well as State Manger.
• updateOSSoftware: With the instance launched and the SSM agent installed, the next step is responsible for updating the packages in your Linux instance. This is done by executing an update script that methodologically updates the packages and any other software that may be marked for upgrades. You also get the capability to include or exclude a particular set of packages from this step using the IncludePackages and ExcludePackages parameters respectively. If no packages are included, the program updates all available packages on the instance.
• stopInstance: Once the instance is updated with the latest set of packages, the next action simply powers off the instance so that it can be prepped for the image creation process.
• createImage: This step creates a new AMI from your updated Linux instance. The image contains a descriptive name that links it to the source ID and creation time of the image.
• terminateInstance: The final step in the automation document, this step essentially cleans up the execution by terminating the running Linux instance.

Let's look at few simple steps using which we can invoke this particular automation document manually using the automation dashboard.