When you have Default Host Management Configuration (DHMC) enabled and later assign a custom instance profile to an EC2 instance, the custom instance profile will override the DHMC default profile for that specific instance. The instance will not have permissions from both profiles simultaneously.
The DHMC creates and applies a default IAM role to manage EC2 instances in your AWS account and region. However, when you attach a custom instance profile to an instance, you're essentially providing a new set of permissions specific to that instance. This custom profile takes precedence over the DHMC default profile.
It's important to note that if you want the instance to retain the capabilities provided by the DHMC, you should ensure that your custom instance profile includes the necessary permissions. You may want to review the permissions in the AmazonSSMManagedEC2InstanceDefaultPolicy (the policy used by DHMC) and incorporate any required permissions into your custom profile.
Remember that any changes made to the IAM role you choose for an instance apply only to that specific instance, not to all managed EC2 instances in the region and account. If you need to maintain certain DHMC functionalities while using a custom profile, you'll need to explicitly include those permissions in your custom IAM role.
In summary, the custom instance profile will completely override the DHMC default profile for the instance to which it's attached, rather than combining permissions from both profiles.
Sources
Managing EC2 instances automatically with Default Host Management Configuration - AWS Systems Manager
Configure instance permissions required for Systems Manager - AWS Systems Manager
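The answer's practical advice is to check, for each instance that has a custom profile, whether the role behind that profile still carries the SSM permissions DHMC would otherwise have supplied. The audit below is an added example written for this page; it is not code from the answer, from AWS, or from any project. It takes data in the shape of `aws ec2 describe-instances` output plus a per-profile list of attached managed-policy ARNs (which you would gather with `aws iam get-instance-profile` and `aws iam list-attached-role-policies`), and flags instances whose custom profile overrides DHMC without an SSM policy. The sample instances, account ID and profile names are constructed; the `AmazonSSMManagedEC2InstanceDefaultPolicy` ARN is the DHMC policy named on the page, and accepting `AmazonSSMManagedInstanceCore` as an alternative is this example's own assumption.

```python
"""Audit whether EC2 instances with a custom instance profile still carry the
SSM permissions that Default Host Management Configuration (DHMC) would
otherwise supply. Added example; not from the re:Post answer or from AWS.
"""

# AWS managed policy that DHMC's default role uses (named in the answer above).
DHMC_POLICY_ARN = "arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy"
# Core SSM agent policy; treating it as sufficient is this example's assumption.
SSM_CORE_POLICY_ARN = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
ACCEPTABLE_SSM_POLICIES = {DHMC_POLICY_ARN, SSM_CORE_POLICY_ARN}


def classify_instance(instance, profile_policies):
    """Return (instance_id, status) for one Instance object from describe-instances.

    profile_policies maps an instance-profile ARN to the list of managed-policy
    ARNs attached to the profile's role.  Status values:
      "dhmc-default"        no profile attached, so DHMC's default role applies
      "custom-ok"           custom profile whose role carries an acceptable SSM policy
      "custom-missing-ssm"  custom profile overrides DHMC and has no SSM policy
      "custom-unknown"      custom profile whose policy list was not supplied
    """
    instance_id = instance["InstanceId"]
    profile = instance.get("IamInstanceProfile")
    if not profile:
        return instance_id, "dhmc-default"
    profile_arn = profile["Arn"]
    if profile_arn not in profile_policies:
        return instance_id, "custom-unknown"
    attached = set(profile_policies[profile_arn])
    if attached & ACCEPTABLE_SSM_POLICIES:
        return instance_id, "custom-ok"
    # The custom profile replaces the DHMC role entirely (see the answer), so
    # nothing supplies the SSM permissions for this instance.
    return instance_id, "custom-missing-ssm"


def audit(describe_instances_doc, profile_policies):
    """Classify every instance in a describe-instances document; returns {id: status}."""
    findings = {}
    for reservation in describe_instances_doc["Reservations"]:
        for instance in reservation["Instances"]:
            instance_id, status = classify_instance(instance, profile_policies)
            findings[instance_id] = status
    return findings


# Constructed sample data: one instance without a profile, one custom profile
# that includes the DHMC policy, one custom profile that only grants S3 access.
SAMPLE_INSTANCES = {
    "Reservations": [{"Instances": [
        {"InstanceId": "i-0aaa000000000001"},
        {"InstanceId": "i-0aaa000000000002",
         "IamInstanceProfile": {
             "Arn": "arn:aws:iam::111122223333:instance-profile/app-profile"}},
        {"InstanceId": "i-0aaa000000000003",
         "IamInstanceProfile": {
             "Arn": "arn:aws:iam::111122223333:instance-profile/s3-only-profile"}},
    ]}]
}
SAMPLE_PROFILE_POLICIES = {
    "arn:aws:iam::111122223333:instance-profile/app-profile": [
        "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess", DHMC_POLICY_ARN],
    "arn:aws:iam::111122223333:instance-profile/s3-only-profile": [
        "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"],
}

if __name__ == "__main__":
    for instance_id, status in sorted(audit(SAMPLE_INSTANCES, SAMPLE_PROFILE_POLICIES).items()):
        print(f"{instance_id}: {status}")
```

The check only looks at attached managed policies; a role that reproduces the DHMC permissions through an inline or customer-managed policy would be reported as `custom-missing-ssm` and needs a manual review of its policy documents. Instances reported as `custom-missing-ssm` are the ones the answer warns about: the custom profile has silently removed the SSM access DHMC was providing.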