AWS Classroom Series – 21/Aug/2020

AWS Systems Manager

  • This service can be used to view & control your infra on AWS.
  • A managed instance is a machine that has been configured to use with Systems Manager
  • Supported machine types are
    • ec2 instances
    • on-premise servers
    • Virtual machines
  • Operating Systems supported include Linux, Raspbian & Windows Servers
  • Capabilities:
    1. Quick Setup: a tool to quickly configure required iam roles commonly used by Systems manager for ec2 instances
    2. Operations Management: suite of capabilities to manage AWS resources
      • Explorer
      • Ops Center
      • Cloud Watch Dashboards
      • Trusted Advisor
    3. Application Management: suite of capabilities to manage your applications on AWS
      • Resource Groups
      • AWS App Config
      • Parameter Store
    4. Actions & Change: Provides capabilities for taking action against or changing your AWS Resources
      • Automation
      • Change Calender
      • Maintenance Windows
    5. Instance & Nodes: Provides capabilities for managing EC2 instances, On-premise servers & VMS (from other clouds)
      • Compliance
      • Inventory
      • Managed Instances
      • Hybrid Activations
      • Session Manager
      • Run Command
      • State Manager
      • Patch Manager
      • Distributor
    6. Shared Resources: uses the shared resources for managing & configuring AWS resources
      • Documents

How AWS System Manager Works

  • System Manager Process flow Preview
  • The steps are
    1. Configure Systems Manager:
      • Use the AWS CLI/SDK/Systems manager console to configure, schedule and automate actions to be performed on AWS Resources
    2. Verification & Processing:
      • Systems Manager verifies the configurations, permissions and sends request to SSM Agent running on your instances or servers in your hybrid environments
    3. Reporting:
      • SSM Agent reports the status of configuration changes etc to Systems Manager in AWS

SSM Agent

  • AWS Systems Manager Agent (SSM) is an amazon provided agent software that can be installed & configured on Ec2 instances, On-Premises or VMs.
  • SSM agent is responsible for Systems Manager to update, manage & configure the resources

Systems Manager Console

  • UI on AWS console Preview

Lets use AWS Systems Manager Quick Setup

  • Quick setup can be used to quickly configure required iam roles & Systems Manager capabilities to your AWS EC2 instances.
  • Quick setup helps you configure
    • AWS IAM instance profile roles for System Manager
    • A scheduled bi-weekly update of SSM Agent
    • A schedule collection of Inventory Metadata for every 30 mins
    • A daily scan of your instances to identify missing patches
    • A schedule monthly update of Cloudwatch Agent and also one-time installation of Cloud Watch Agent
  • Follow the screen shots Preview Preview Preview Preview

Setting up AWS Systems Manager

  • Steps for Setting UP AWS Systems Manager
    1. Create an Admin IAM user for AWS
    2. Create non-Admin IAM users and groups for Systems Manager
    3. Create an IAM instance profile for Systems Manager
    4. Attach an IAM instance profile to EC2 instance
    5. Create VPC Endpoints (Optional)
    6. Create Systems Manager service roles
    7. Setup integrations with other AWS Services.
  • Refer Steps with official documents.
  • Ensure SSM is setup

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin