Automated and Consistent Security Coverage for Amazon EC2 Workloads with Uptycs and AWS Systems Manager

By Justin Harris, Cloud Solution Sales – Uptycs
By Garrett Blondell, Solutions Architect – Uptycs
By John Brunot – Partner Solutions Architect – AWS

Uptycs

Are you looking for a smarter, more efficient, and customizable approach to securing your Amazon Elastic Compute Cloud (Amazon EC2) instances? With the deep integration of Uptycs with AWS Systems Manager, organizations can achieve comprehensive security and control while reducing operational overhead.

In this post, we’ll explore the key benefits of integrating Uptycs with AWS Systems Manager for automated, seamless deployment, enhanced visibility, and effortless management of Uptycs sensors across Amazon EC2 cloud workloads.

Uptycs is an AWS Specialization Partner and AWS Marketplace Seller with Competencies in Containers and Security that helps you make better risk decisions about vulnerabilities and threats through agent-based cloud security and compliance.

AWS Systems Manager is a suite of tools designed to simplify the management of AWS resources like EC2 instances. It offers a unified interface for managing instances, operating systems, applications, and other AWS resources, such as AWS Fargate, AWS Lambda, and Kubernetes worker nodes.

AWS Systems Manager provides a centralized approach to handle tasks like patch management, software inventory, and system configurations across hybrid cloud environments.

Uptycs CNAPP and XDR Security Platform

AWS customers require an integrated cloud security solution with expansive capabilities to address the evolving threat landscape. Uptycs is a unified cloud-native application protection (CNAPP) and endpoint security platform that provides a comprehensive and robust security foundation for your AWS infrastructure and EC2 instances.

Uptycs offers visibility, control, and protection for your cloud workloads, whether they reside on-premises or in the AWS cloud.

By integrating Uptycs with AWS Systems Manager, customers can leverage the combined capabilities of both platforms to strengthen their cloud workload security. This integration automates the process of deploying the Uptycs sensor across multiple instances, ensuring consistent installation and reducing potential security vulnerabilities.

The integration ensures that Systems Manager checks all EC2 workloads to see if they match the defined state, like having the Uptycs sensor installed. If an EC2 instance doesn’t match this state, the Uptycs sensor will be installed. This process provides preventative security and ensures all EC2 instances are always covered by the Uptycs sensor, enhancing your security posture.

Uptycs sensor deployment methods:

• Automated deployment: The integration automates the installation and management of Uptycs sensors across a customer’s EC2 cloud workloads, saving time and reducing the potential for human error.
• Full coverage: The integration ensures all EC2 instances have the Uptycs agent installed, ensuring full coverage and reducing potential security vulnerabilities.
• Customization: Users can customize the Distributor Package and State Manager Association to suit their specific needs, offering adaptability to various infrastructure and security requirements.

How the Uptycs Sensor Works

• The automation template creates an Amazon Simple Storage Service (Amazon S3) bucket, installs the necessary software for the Uptycs sensor, and then leverages AWS Systems Manager to create a distributor package.
• The distributor package contains the automation software leveraged by AWS Systems Manager.
• The native AWS functions within Systems Manager ensure Uptycs sensors are loaded based on the defined criteria, (OS, metadata, etc.) that are configured in AWS Systems Manager’s State Manager.

Components include:

• Uptycs: Cloud-native, sensor-based security solution that provides continuous monitoring, detection, and response capabilities for modern cloud workloads.
• State Manager: Automates the process of keeping instances in a desired state.
• Systems Manager Document: Defines the desired state of the infrastructure.
• Distributor Packages: Used to distribute software and updates to multiple computers or instances.

Prerequisites

• Uptycs subscription and admin access
• AWS Command Line Interface (AWS CLI) with console permissions
• Amazon EC2, AWS IAM, Amazon S3, State Manager permissions
• Terraform
• Python version 3.6 or higher
• AWS account with at least one region enabled for host management
• Amazon EC2 instances must be Systems Manager managed nodes, meaning they’re configured with the AWS Systems Manager Agent (SSM Agent). For more information, see the documentation.

Solution Implementation and Support

The Uptycs onboarding process assists customers with the Uptycs and Systems Manager sensor installation. Support includes automation scripts, detailed diagrams, deployment guides, and templates. Distributor Packages and State Manager associations can be customized from the supplied .zip and manifest.json files.

Users can verify the successful creation of the package in the AWS Management Console.

The following architecture diagram shows Uptycs Distributor Package setup for a single AWS account using Systems Manager integration.

Figure 1 – Uptycs distributor package architecture (single account).

Deployment Options

Integrating Uptycs with AWS Systems Manager streamlines sensor deployment. Systems already in place can pose challenges, but Systems Manager enables remote Uptycs sensor installation across your cloud workloads. It offers versatile deployment options, accommodating various scenarios from single accounts to organization-wide setups.

Additionally, using metadata and tagging methods, customers gain precise control over sensor deployment without the need for extra coding, ensuring an efficient process.

Integrating AWS Systems with Uptycs

Integrating Uptycs with AWS Systems Manager for seamless deployment of Uptycs sensors across Amazon EC2 cloud workloads is a straightforward process that brings numerous benefits to organizations.

Here’s a simplified step-by-step guide:

• Clone the Uptycs AWS Systems Manager integration repository to create a local copy of the solution.
• Create your Uptycs API credential file by downloading it from the Uptycs console. The script requires this file to download relevant files from the Uptycs API and place them in the correct folder.
• Execute the stage-package.py script in the ssm-distributor folder to create the distributor package. This script will build.zip files and a manifest.json file, placing them in a local folder, and uploading them to an S3 bucket in your AWS account.
• Verify the contents of the S3 bucket in your AWS console to ensure the Distributor Package and files have been successfully uploaded.
• Choose to set up the Distributor Package and State Manager Association using either Terraform or AWS CloudFormation, based on your preference. Both options are provided in the repository.
  • Terraform: Move to the terraform folder, modify the variables.tf and setup.tfvars files to set the required variables, initialize Terraform using the terraform init command, create a plan using terraform plan, and apply the resources using terraform apply -var-file=setup.tfvars --auto-approve.
  • CloudFormation: Refer to the CloudFormation document provided in the repository for instructions.
• Once the setup is complete, verify the successful creation of the distributor package and State Manager Association in your AWS console under AWS Systems Manager.

By following these steps, organizations can integrate Uptycs with AWS Systems Manager for automated deployment of Uptycs sensors across EC2 workloads.

Conclusion

Integrating AWS Systems Manager with Uptycs is a significant step towards securing your cloud workloads and safeguarding your digital assets. This integration ensures consistent installation, reduces potential security vulnerabilities, and enhances the security posture of your AWS infrastructure.

With Uptycs and AWS Systems Manager working together, organizations can achieve unified management, comprehensive visibility, automated patch management, and proactive threat detection and response, empowering them to secure their cloud environments effectively.

You can also learn more about Uptycs on AWS Marketplace.

.

.

Uptycs – AWS Partner Spotlight

Uptycs is an AWS Specialization Partner that helps you make better risk decisions about vulnerabilities and threats through agent-based cloud security and compliance.

Contact Uptycs | Partner Overview | AWS Marketplace