Overview Of AWS Simple System Manager (SSM)

Overview Of AWS Simple System Manager (SSM)

March 15, 2021 / Nirav Shah

“If you have 25+ instances running in AWS. All machines are Linux or Windows machines and you want to update the patches for all machines. Based on this scenario, each time we need to log in to the instance and list the patches in the inventory and select the patches that we need to install in the instances”

This will take more time and a manual process to be completed. This may cause a risk creating vulnerability issues and we may end up opening the 22 ports for all instances to access the machines and install the patches.

Solution ‘AWS Simple System Manager (SSM) is the perfect solution for the above scenario’

By SSM we can automate the task, OS patches and executing the scripts without logging the instances (Linux / Windows).

Amazon EC2 System Manager

• Helps to manage EC2 instance and On-premise systems at scales
• Patching automation for enhanced compliance
• Enable automated configuration
• Works for both Windows and Linux Os
• Support ongoing management of the system at scale
• Work across all of your windows and Linux workstations
• Run in amazon EC2 or on-premises
• Carry no additional charge to use

Amazon System Manager Agent Overview

Software that can be installed and configured on an EC2 instance. Processes systems manager requests and configuration instance.

Supported Linux operating systems:

• Amazon Linux 2014.03 and later
• Ubuntu 12.04 and later
• Rhel 6.5+
• Centos 6.3+
• Windows 2008 later

Resource Group

A resource group is a collection of AWS resources in the same region that match criteria provided in a query.

Run Command

• Remotely and securely manage servers in AWS
• Perform Operating system Changes
• Use the document to execute a script or just run a command
• Execute command across multiple instances
• Support for AWS and on-premises infrastructure
• Rate control and error control
• Perform AWS directory service domain join operations
• Application management such as configuration changes application updates at scale
• Execute third party Configuration management script such as PowerShell, Ansible etc
• Can replace a bastion Host.

State Manager

Define and maintain consistent configuration of operating system and application running in your data centre or in AWS.

Inventory

Provides visibility into the software catalogue and configuration for your Amazon EC2 instance and on-premises servers.

System Manager Documents

• Define the action that the SSM performs on our systems.
• They are written in JSON or YAML and define steps.

Maintenance Windows

Define one or more recurring windows of time during which it is acceptable for any disruptive operation to occur.

Patch Manager

An automated tool that helps you simplify your operating system patching process.

Parameter Store

Centralized store to manage your configuration data, including plain-text data or secrets, encrypted through AWS KMS.

Stay tuned for the lab session on AWS-SSM.

Hire AWS Developer