Systems Manager
- An interface for managing AWS resources
- Used for patch management for EC2s
- Used to categorize AWS resources
- view operational data from multiple AWS services
- automate operational tasks across AWS resources
- scans managed instances and reports any policy violations
- associate AWS resources by resource tag
- comprised of individual capabilities
- capabilities are grouped into categories
- Operations Management – manage AWS resources by CloudWatch Dashboards, OpsCenter, Resource Groups, Trusted Advisor and Personal Health Dashboard (PHD)
- Actions and Change category – It is used for activities related to Maintenance and Automation
- Instances and Nodes – for EC2, provides Configuration, Compliance, Inventory Management, State Management, Patch Management
- Shared Resources – involves Systems Manager Documents (SSM), Parameter Store (for configuration data)
Working
- Configure Systems Manager: Use the Systems Manager console, SDK, AWS CLI, or AWS Tools for Windows PowerShell to configure, schedule, automate, and run actions that you want to perform on AWS resources.
- Verification and processing: Systems Manager verifies the configurations, including permissions, and sends requests to the SSM Agent running on instances or servers in hybrid environment. SSM Agent performs the specified configuration changes.
- Reporting: status reporting of configuration changes and any actions being taken in Systems Manager. Reports are sent to user but should be configured.
SSM Agent
- is Amazon software
- installed and configured on
- Amazon EC2 instance
- on-premises server
- a virtual machine (VM).
- The agent also provides facility to
- Updation of resources
- Management of resources
- Configuration of resources
- The agent processes requests from Systems Manager service in AWS, and runs them as specified in request.
- Agent also dispatches the information about execution and status if any, to Systems Manager service
- Agent need to be installed on each instance for providing its services
- is preinstalled, by default, on instances created from following AMIs
- Windows Server 2003-2012 R2
- Windows Server 2016/2019
- Amazon Linux
- Amazon Linux 2
- Ubuntu Server 16.04
- Ubuntu Server 18.04
- Work with Systems Manager by
- Systems Manager Console – browser-based interface
- AWS Command Line Tools
- AWS SDKs
AWS Certified Security - Specialty Free Practice TestTake a Quiz