AWS SSM gives control over managing remote command executions using EC2 RunCommand. By integrating with AWS Identity and Access Management (IAM), SSM gives more control over managing remote command executions but also provides logs of the remote commands for auditing purpose.
I created a new Document in Systems Manager with the sample data (aws:runPowerShellScript that simply calls Write-Output with the message parameter). When I call mySSMClient.SendCommandAsync() to run this document on an EC2 instance, it fails. The log output in C:\ProgramData\Amazon\SSM\Logs shows the following errors.