100 Days of AWS — Day 20- AWS System Manager — Part 1
To view the complete course, please enroll it using the below link(it’s free)
https://www.101daysofdevops.com/courses/100-days-of-aws/
Welcome to Day 20 of 100 Days of AWS. The topic for today is AWS System Manager — Part 1.
What Is AWS Systems Manager?
AWS Systems Manager is a collection of capabilities for configuring and managing your Amazon EC2 instances, on-premises servers and virtual machines, and other AWS resources at scale.
In order to setup AWS System Manager these are the steps you need to follow
- Setting up IAM Role for System Manager
https://us-east-1.console.aws.amazon.com/iamv2 → Roles → Create role
Select an AWS service and under Common use cases select EC2. Click on Next
- Under Permissions policies search for AmazonEC2RoleforSSM and AmazonSSMFullAccess click on Next
- Give your role some meaningful name and click on Create role
2. Go to EC2 console https://us-west-2.console.aws.amazon.com/ec2 , under Actions, select Security and Modify IAM role
- Choose the IAM Role, you have create in previous step and click on Save.
3. For this purpose of this demo, I am using Amazon Linux 2, which has amazon-ssm rpm already installed.
$ cat /etc/os-releaseNAME="Amazon Linux"VERSION="2"
- To verify it
$ rpm -qa|grep -i ssmamazon-ssm-agent-3.1.1188.0-1.amzn2.x86_64
- In order to install the agent on Centos/RedHat run the below command
sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm- Once System Manager is installed https://us-west-2.console.aws.amazon.com/systems-manager/ → Node Management → Fleet Manager, you will see the managed instance
- Under Node Management → Run Command → Run a Command
- Under Run a command, select AWS-RunShellScript, under Commands (ls -l ) and under Choose Instances Manually. Click on Run
- If the command is executed successfully, you will see the Overall status as Success.
- Click on the instance and check the output
- You can execute the same command via AWS cli
$ aws ssm send-command --document-name "AWS-RunShellScript" --parameters commands=["ls -l"] --targets "Key=instanceids,Values=<instance id"AWS Systems Manager Inventory
AWS Systems Manager Inventory provides visibility into your Amazon EC2 and on-premises computing environment. You can use Inventory to collect metadata from your managed instances. You can store this metadata in a central Amazon Simple Storage Service (Amazon S3) bucket, and then use built-in tools to query the data and quickly determine which instances are running the software and configurations required by your software policy, and which instances need to be updated.
- In the next tab
- Give you inventory some name
* Targets: Either Manually select the instance or better to use Tag so that all the future installed instance will be tracked automatically
* Schedule: How frequently you want to collect Inventory
* Parameter: Different Parameter you want to collect
Click on Setup Inventory at the bottom of the page.
- After waiting for few min, you will see something like this
In this blog we have explored two features of System Manager. It provides lots of other features which we explore in the next part of this blog.
