March 15, 2021 / Eternal Team
“Suppose you have 25+ instances running in AWS, all of them Linux or Windows machines, and you want to apply patches to every machine. In this scenario, each time we need to log in to each instance, list the patches in the inventory and select the patches that we need to install on the instances.”
This takes more time and is a manual process. It also creates a risk of vulnerabilities, and we may end up opening port 22 on all instances to access the machines and install the patches.
Solution: AWS Simple System Manager (SSM) is the perfect solution for the above scenario.
With SSM we can automate tasks, apply OS patches and execute scripts without logging in to the instances (Linux / Windows).
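The two halves of the scenario above, as an added example that is not from the original post: a check that flags security groups still exposing port 22 to any address, and the arguments for a boto3 `ssm.send_command` call that runs the AWS-RunPatchBaseline document on instances selected by tag. The `Environment=prod` tag and the sample security groups are constructed for illustration; actually sending the command assumes the instances run the SSM Agent and have an instance profile that lets it register.

```python
WORLD = {"0.0.0.0/0", "::/0"}

def covers_ssh(perm):
    """True if an IpPermissions entry (DescribeSecurityGroups shape) includes TCP 22."""
    if perm.get("IpProtocol") == "-1":      # all protocols, all ports
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= 22 <= perm.get("ToPort", 65535))

def ssh_exposed_groups(security_groups):
    """Return the IDs of groups that allow port 22 from any IPv4 or IPv6 address."""
    exposed = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
            cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
            if covers_ssh(perm) and cidrs & WORLD:
                exposed.append(sg["GroupId"])
                break
    return exposed

def patch_request(tag_key, tag_value, operation="Scan"):
    """Build keyword arguments for boto3 ssm.send_command with AWS-RunPatchBaseline."""
    if operation not in ("Scan", "Install"):
        raise ValueError("operation must be Scan or Install")
    return {
        "DocumentName": "AWS-RunPatchBaseline",
        "Targets": [{"Key": f"tag:{tag_key}", "Values": [tag_value]}],
        "Parameters": {"Operation": [operation]},
        "MaxConcurrency": "5",   # patch at most five instances at a time
        "MaxErrors": "0",        # stop sending to more targets after the first error
    }

# Constructed sample in the shape returned by ec2.describe_security_groups()
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22,
        "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443,
        "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0ccc", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 0,
        "ToPort": 1024, "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    print("Groups exposing port 22:", ssh_exposed_groups(SAMPLE_GROUPS))
    print("send_command arguments:", patch_request("Environment", "prod", "Install"))
```

With credentials configured, the returned dictionary can be passed as `boto3.client("ssm").send_command(**patch_request(...))`; running with `Scan` first reports missing patches without installing anything.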
Amazon EC2 System Manager
Amazon System Manager Agent Overview
Software that can be installed and configured on an EC2 instance. It processes Systems Manager requests and configures the instance.
Supported Linux operating systems:
A resource group is a collection of AWS resources in the same region that match criteria provided in a query.
Define and maintain a consistent configuration of the operating systems and applications running in your data centre or in AWS.
Provides visibility into the software catalogue and configuration for your Amazon EC2 instances and on-premises servers.
System Manager Documents
Define one or more recurring windows of time during which it is acceptable for any disruptive operation to occur.
An automated tool that helps you simplify your operating system patching process.
Centralized store to manage your configuration data, including plain-text data or secrets, encrypted through AWS KMS.
Stay tuned for the lab session on AWS-SSM.