AWS Systems Manager Full Tutorial | AWS SSM Concept + Demo

Опубликовано: 06 Ноябрь 2023
на канале: Cloud Guru

977

Learn AWS Systems Manager to help you manage your EC2 and on-premises systems at scale!

Join WhatsApp: https://www.whatsapp.com/channel/0029...

👉Get CloudWays ➜ https://www.cloudways.com/en/?id=1365224
💥CloudWays COUPON CODE: CLOUDGURU25
☝️☝️ USE THE EXCLUSIVE COUPON CODE ABOVE TO GET 25% OFF FOR 3 MONTHS💥

AWS Systems Manager - With Systems Manager, you can group resources, like Amazon EC2 instances, Amazon EKS clusters, Amazon S3 buckets, or Amazon RDS instances, by application, view operational data for monitoring and troubleshooting, implement pre-approved change work flows, and audit operational changes for your groups of resources. Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easy to operate and manage your infrastructure securely at scale.

Session Manager
AWS Systems Manager provides a browser-based interactive shell and CLI for managing Windows and Linux EC2 instances, without the need to open inbound ports, manage SSH keys, or use bastion hosts. Administrators can grant and revoke access to instances through a central location by using AWS Identity and Access Management (IAM) policies. This allows you to control which users can access each instance, including the option to provide non-root access to specified users. Once access is provided, you can audit which user accessed an instance and log each command to Amazon S3 or Amazon Cloud Watch Logs using AWS CloudTrail.

Run Command
AWS Systems Manager provides you safe, secure remote management of your instances at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell. It provides a simple way of automating common administrative tasks across groups of instances such as registry edits, user management, and software and patch installations. Through integration with AWS Identity and Access Management (IAM), you can apply granular permissions to control the actions users can perform on instances. All actions taken with Systems Manager are recorded by AWS CloudTrail, allowing you to audit changes throughout your environment.

Manually install SSM Agent on Amazon Linux 2 instances

$sudo yum install -y https://s3.region.amazonaws.com/amazo...

$sudo systemctl enable amazon-ssm-agent
$sudo systemctl start amazon-ssm-agent
$sudo systemctl status amazon-ssm-agent

If you already use other Systems Manager capabilities, such as Run Command or Parameter Store, an instance profile with the required basic permissions for Session Manager might already be attached to your instances. If an instance profile that contains the AWS managed policy AmazonSSMManagedInstanceCore is already attached to your instances, the required permissions for Session Manager are already provided.

To add permissions for Session Manager actions to an existing IAM instance profile that does not rely on the AWS-provided default policy AmazonSSMManagedInstanceCore, follow the steps in video to Adding Session Manager permissions to an existing instance profile.

#awsssm #awssystemsmanager #aws