Hi, I’m Fabrizio Mariani, and I work here at Blue Sentry Cloud as a DevOps Team Leader.
One of the things that I get frequently asked from our customers is “How do we manage the infrastructure operational tasks at scale, such as patching servers regularly to stay up to date with the vulnerabilities for security compliance, installing a package into a set of servers simultaneously, or simply connect to your private managed instances securely without requiring a Bastion host or a VPN connection.”
This is only scratching the surface of one of the many things that the AWS systems manager can help you achieve.
Removing complexity with the free manager services that AWS provides will make this your favorite tool to automate security and machine management.
In this video, I’m going to tell you about four of the several things that AWS systems manager can help you achieve.
This subservice front systems manager provides visibility into ec2 and on-premises compute environments.
By collecting resource metadata as instance operating system details, network configuration, installed software and packages, or any custom data about these managed instances and storing that information in S3.
Then using AWS built-in tools, it’s possible to determine which instances are running the software and configurations that are required by your organization’s policies and which instances need to be upgraded.
Serverless, scalable, durable, easy to use, and free, what else do we want?
This is one of the features that we use the most here at Blue Sentry.
It provides a centralized star to manage any configuration data, whether plain text such as a database string or secrets such as passwords or license keys are encrypted through AWS KMS.
With parameters stored, your information stays within your environment, saving you from the manual overhead of storing and managing it in configuration files.
Session manager is a fully managed capability that allows you to connect to your Amazon ec2 instances through an interactive web-based shell or through the AWS CLI.
Session manager provides secure and auditable instance management without requiring to open inbound ports in firewalls, maintain Bastion hosts, or manage SSH keys.
Role-based access through IEM controls who can use and access this service.
Let’s say you are a systems administrator who is responsible for managing hundreds or even thousands of servers and let’s say that you want to install a package such as Docker on a portion of those servers.
You could connect to each instance individually and install Docker manually but at some point that task will become repetitive and tedious.
So, we need to find a way to automate this, right?
That’s where systems manager automation comes into play.
Installations can be scheduled, rotated, checked, and logged just in a few seconds.
These are only a few of the things that AWS systems manager can do for you and your organization.
I hope this video provided some clarity around the automation that AWS has built-in for free that will automate many routines that will help make your cloud operations more efficient.