AWS Management Tools Blog

Tag: AWS Systems Manager

Managing AWS resources across multiple accounts and Regions using AWS Systems Manager Automation

AWS Systems Manager Automation simplifies common administrative and maintenance tasks of AWS resources. Using Systems Manager Automation, you can execute predefined tasks/workflows in the form of AWS Systems Manager documents (SSM documents) that you can write yourself or use community published documents. A SSM document defines the actions that Systems Manager performs on your AWS […]

Read More

How to patch Windows EC2 instances in private subnets Using AWS Systems Manager

Patching Windows instances in private subnets could be challenging since those Amazon EC2 instances have no internet connectivity. In this blog post we explain how to use AWS Systems Manager and Windows Server Update Services (WSUS) to keep those instances updated. We’ll create a new VPC with the proper endpoints, security groups, and network access […]

Read More

Reporting and remediating EC2 instances that AWS Systems Manager doesn’t list as managed instances

One of the primary features of AWS Systems Manager is Run Command. Run Command lets you remotely and securely manage the configuration of your managed instances. A managed instance is any Amazon EC2 instance that has been configured for Systems Manager. Now that the service has released the ec2-instance-managed-by-ssm, this is a good time to […]

Read More
AWS-ApplyDSCMofs Document Diagram

Run compliance enforcement and view compliant and non-compliant instances using AWS Systems Manager and PowerShell DSC

Point-and-click management randomizes servers with every single change made. It’s great to configure your servers with code. In addition, having automation to manage server configuration and compliance helps companies save time, improve availability, and lower the risks associated with up-time and security. However, the learning experience and administrative effort required to maintain such an environment […]

Read More

Centralized multi-account and multi-Region patching with AWS Systems Manager Automation

AWS Systems Manager Automation now supports multi-account and multi-Region actions enabling you to centrally manage your AWS resources. This feature reduces the time and overhead needed for enterprise-wide configuration, operational actions, and compliance remediation. In this blog post, I show you how to use AWS Systems Manager Automation to patch your managed instances across multiple […]

Read More

Applying customizations automatically in AWS OpsWorks for Chef Automate

During mandatory maintenance, AWS OpsWorks for Chef Automate performs Chef Server and Chef Automate version, security, and operating system patching. Version updates for Chef go through extensive testing to verify they are production ready and don’t disrupt existing environments. When an instance is replaced, customers often ask how they can restore their custom settings in […]

Read More

How to setup and use AWS OpsWorks for Chef Automate or Puppet Enterprise in an isolated subnet

Introduction For enhanced security, it’s often preferable to place resources in AWS within a subnet with no internet access. Recently, AWS expanded the number of services supported by interface VPC endpoints within the AWS ecosystem, so it’s now easier than ever to run AWS OpsWorks for Chef Automate or AWS OpsWorks for Puppet Enterprise within […]

Read More

Using AWS Systems Manager Parameter Store Secure String parameters in AWS CloudFormation templates

When using AWS CloudFormation templates to code your infrastructure, you should consider applying best practices to improve the maintainability of your code. Further, these best practices should be augmented by guidelines like those outlined for twelve-factor apps, which are targeted at optimizing applications for continuous deployment. Of these factors, you should note that you should […]

Read More

Use new resource types in AWS Resource Groups to support day-to-day operations

AWS Resource Groups recently announced its support for additional resource types, including Amazon DynamoDB tables, AWS CloudTrail trails, Amazon SageMaker models, and many more. This blog post will walk you through some examples of how you could use AWS Resource Groups, and its new resource type support to drive some of your day-to-day operations. AWS […]

Read More

Smart RDP and SSH remediation with AWS Systems Manager Automation API actions

Here in AWS Support, I often help customers regain RDP or SSH access to their instances. It’s a common problem, but the identification of a correct solution could take some time, even hours or days if the right information isn’t available. Even with the most up-to-date playbook, it is easy to miss simple checks that […]

Read More