You can run administration tasks like a run command document that are potentially disruptive manually or during a predefined maintenance window.  A maintenance window gives you the ability to schedule tasks such as patching an operating system, updating drivers on your ec2 instances, installing software, or schedule tasks on supported resources.  You can set limits for simultaneous executions and allowable error rates. 

A maintenance window is an independent resource that allows you to define and run complex tasks using a Run command document, an AWS Step Functions, or an AWS Lambda Function.  You can also view a history of all tasks executed in a maintenance window if needed. 

How does a maintenance window work? 

First, you need to define a schedule which specifies the time window when potentially disruptive actions can take place.  You can define the start time and the end time. You can also use Cron or Rate expressions to define the time period. 

You can also need to specify the duration of the maintenance window in hours. 

Once a maintenance window is created you can register targets to it by name which assigns a set of instances to your maintenance window. You specify instance tags, choose a resource group or choose instances manually.

You can also Register to run a command document task, register to run an Automation document Task, register to execute a Lambda Function Task or register to execute Step Functions Task.

Maintenance windows can run any number of tasks on your managed instances avoiding operational downtime so that you can run administration tasks that are potentially disruptive during a predefined period where changes can be applied.