This scriptblock will create or update an AWS Systems Manager association

Create-SSMAssociation

$ProfileName = ''
$AWSRegion = 'us-west-2'

$AssociationName = 'MyAssociationName'
$ComplianceSeverity = [Amazon.SimpleSystemsManagement.AssociationComplianceSeverity]::MEDIUM
$MaxConcurrency = '10%'
$MaxError = '5%'
$ExecutionTimeoutInSeconds = '300'
$ScheduleExpression = 'rate(1 hour)'

$TargetTagKey = 'TagKey'
$TargetTagValues = @( 'TagValue' )

# DO THE WORK!
$scriptBlock = {
    Write-Host 'Do some work!'
}

$target = [Amazon.SimpleSystemsManagement.Model.Target]::new()
$target.Key = 'tag:{0}' -f $TargetTagKey
$target.Values = $TargetTagValues

$auth = @{
    ProfileName = $ProfileName
    Region = $AWSRegion
}

$ssmAssociation = @{
    AssociationName = $AssociationName
    ComplianceSeverity = $ComplianceSeverity
    MaxConcurrency = $MaxConcurrency
    MaxError = $MaxError
    Name = 'AWS-RunPowerShellScript'
    Parameter = @{
        commands = $scriptBlock.ToString()
        executionTimeout = $ExecutionTimeoutInSeconds
    }
    ScheduleExpression = $ScheduleExpression
    Target = @( $target )
}

$currentAssociation = Get-SSMAssociationList @auth | Where-Object {$_.AssociationName -eq $AssociationName}
if ($currentAssociation.AssociationId)
{
    $null = Update-SSMAssociation -AssociationId $currentAssociation.AssociationId @ssmAssociation @auth
}
else
{
    $null = New-SSMAssociation @ssmAssociation @auth
}