AWS Management Tools Blog

Category: Amazon EC2 Systems Manager*

Preventing blacklisted applications with AWS Systems Manager and AWS Config

AWS Systems Manager Inventory collects metadata from Amazon EC2 instances and on-premises instances. AWS Systems Manager Inventory integrates with AWS Config to record inventory data for historical views, change tracking, or auditing. When you use AWS Config recording for systems inventory data you can enable scenarios such as tracking newly installed or removed software applications, […]

Read More

Recommended practices for deleting custom inventory types and data using AWS Systems Manager

AWS Systems Manager Inventory provides an easy and secure way to collect metadata and insights from your managed instances. The service provides ready-to-use inventory gatherers for insights on installed applications, network configurations, file metadata, Windows updates, Windows services, Windows server roles/features, and Windows registry. In addition, you can use AWS Systems Manager Inventory to collect […]

Read More

Scalable cross-platform patching with AWS Systems Manager

Guest Post by Jakub Marciniak, Joseph Bulluss, Mariusz Borys, Thushyanth Sivananthan (DevOps Engineers @Infor), David Benjamin(Lead @Infor) and Martin Jarosinski(Manager @ Infor). ———————————————————————————————————————————————————————————— At Infor, in our effort for continual improvement, we were researching tools that would allow for more efficiency in our patching and overall system management. When the Meltdown and Spectre vulnerabilities were […]

Read More

Using AWS Systems Manager to run compliance scans using InSpec by Chef

As described in the Security Pillar of the AWS Well-Architected Framework, the careful management of the security configurations of the running systems within your environment forms the foundation of how you will maintain robust, secure, scalable systems. InSpec by Chef, an open-source testing framework, provides teams the ability to define and assess system state and […]

Read More

Centralized Management of Multiple Accounts and Cross-Platform EC2 Instances Using AWS Systems Manager

Introduction Many AWS customers, particularly in the public sector, are implementing a central IT agency model. These organizations have an AWS account for central IT that is designated for the management of security and compliance activities such as patch management, use of golden Amazon Machine Images (AMIs), and federates user access for other agencies’ AWS […]

Read More

How to secure infrequently used EC2 instances with AWS Systems Manager

Many organizations have predictable spikes in the usage of their applications and services. For example, retailers see large spikes in usage during Black Friday or Cyber Monday. The beauty of Amazon Elastic Compute Cloud (Amazon EC2) is that it allows customers to quickly scale up their compute power to meet these demands. However, some customers […]

Read More

Password Rotation for Windows on Amazon EC2 Made Easy with EC2Rescue

EC2Rescue for Windows is an easy-to-use tool that you run on an Amazon EC2 Windows Server instance to diagnose and troubleshoot possible problems. A common use of the tool is to reset the local administrator password. Password rotation is an important security task in any organization. In addition, setting strong passwords is necessary to ensure […]

Read More

Enable Modular and Reusable Configuration Using Composite AWS Systems Manager Documents

By Melonia Mendonca, Software Development Engineer at Amazon Web Services AWS Systems Manager (SSM) documents enable infrastructure as code that allows you to configure, manage, and automate your AWS and on-premises resources using AWS Systems Manager services. These SSM Documents define the actions that you want to perform on managed instances. Systems Manager offers a […]

Read More

Integrating AWS CloudFormation with AWS Systems Manager Parameter Store

AWS CloudFormation has always allowed you to customize your templates by using parameters for runtime input values. Parameters make your template code dynamically configurable, improving the reusability of your code. Previously, the only ways you could specify values for these parameters were to pass the plaintext values as arguments to the CloudFormation API, or hard […]

Read More

Automate IIS and HttpErr Logs to Amazon CloudWatch Using EC2 Systems Manager

When you have workloads or applications hosted on IIS Web Server, it’s important to monitor and analyze both IIS and HttpErr logs for abnormalities. IIS logs contain an entry for every request to the site. However, at times, you might not find the requests in IIS logs, even though IIS logging is enabled. There is […]

Read More