AWS Management & Governance Blog
Category: AWS Systems Manager
Orchestrating multi-step, custom patch processes using AWS Systems Manager Patch Manager
The ongoing management of operating system and application-level patching is critical for ensuring that your organization’s software is up to date and meets compliance policies. Patching is not always a straightforward process. You often need to orchestrate custom procedures, workflows, and scripts to ensure that applications can be safely stopped, started, and verified during the […]
Read MoreContinuous permissions rightsizing to ensure least privileges in AWS using CloudKnox and AWS Config
This blog post was contributed by Kanishk Mahajan, AWS and Maya Neelakandhan, CloudKnox As you migrate your workloads to the cloud or operate your existing workloads in the cloud it would be ideal if every application was deployed with the exact permissions that it required. In practice, however, the effort required to determine the precise […]
Read MoreStreamline server fleet management with AWS Systems Manager Fleet Manager
Organizations manage an increasingly diverse IT infrastructure, one that spans cloud and on-premises environments and uses different tools and services. Managing these diverse hybrid environments can be complicated and resource-intensive. Fleet Manager, a new feature in AWS Systems Manager, makes it easy and cost-effective to remotely manage Windows and Linux servers running across AWS, on-premises, […]
Read MoreView AWS Config rules across multiple accounts and Regions using AWS Systems Manager Explorer
AWS Systems Manager Explorer is a customizable operations dashboard that displays an aggregated view of operations data from across your AWS accounts and AWS Regions. Explorer provides context into how operational issues are distributed, trend over time, and vary by category. In this blog post, I explain how Explorer gathers the compliance status of AWS […]
Read MoreConfiguring AWS Systems Manager Session Manager run as support for federated users using session tags
In this blog post, we share a procedure for configuring AWS Systems Manager Session Manager run as support for Active Directory (AD) federated users using AWS Security Token Service (AWS STS) session tags. We show you how to start a Session Manager session using the AD user name of the federated user on an AD-joined […]
Read MoreLimit interactive session commands by groups of users using AWS Systems Manager
Customers are looking for a way to limit the types of commands that can be run on their Amazon Elastic Compute Cloud (Amazon EC2) instances when using AWS Systems Manager Session Manager interactive sessions. Allowed commands vary by group, meaning you need to allow different sets of commands based on the group of users. For […]
Read MoreDevSecOps for auto healing PCI DSS 3.2.1 violations in AWS using custom AWS Config conformance packs, AWS Systems Manager and AWS CodePipeline
If you migrate your workloads to the cloud to modernize your applications or secure infrastructure and operations, you’ll find these migrations are increasingly performed with a DevOps methodology that incorporates continuous development, integration, and testing. It is always a best practice to incorporate security as code in your DevOps workflows to uncover security issues when […]
Read MoreOpen sesame: Granting privileged access to EC2 instances with Session Manager
In this guest blog post, Herman Lee (Cloud Solution Architect, VP) and Nauman Noor (Managing Director) from the public cloud engineering team at State Street discuss their use of AWS Systems Manager Session Manager for privileged access management of Amazon EC2 instances. State Street Corporation is a financial services company responsible for the management, custody, […]
Read MoreManage AWS Managed Microsoft AD resources with Session Manager port forwarding
Active Directory administrators are accustomed to managing domain resources using Remote Server Administrators Tools (RSAT) installed on either their workstations or a member server in the domain. When it comes to managing resources on a managed Active Directory service, such as the case with AWS Managed Microsoft AD, these tools must be available for administrators […]
Read MoreManage your Amazon EC2 macOS instances with AWS Systems Manager
Are you using macOS for developing, building, testing, and signing applications for Apple devices? To all the thriving community of millions of developers worldwide building applications on Apple platforms, we at AWS bring you the first ever macOS based compute environments in the public cloud. Yes, you read that right! You can now run macOS […]
Read More