DEV Community

MakendranG
MakendranG

Posted on

Centralized Operations on AWS by using AWS System Manager - Part 2

In this article, you'll get started with Centralized Operations Management by using the capabilities of the system manager, such as

  • Fleet Manager
  • Patch Manager
  • State Manager
  • Automation runbooks.

The article focuses on managing EC2 instances at scale, patching operations on the managed fleet, and using Automation runbooks to simplify maintenance tasks.

Set up AWS Systems Manager using Quick Setup

Quick Setup

Quick setup is a feature of the Systems Manager that can be used to quickly set up security roles on your Amazon EC2 instances. Quick setup can be used in an individual account or across multiple accounts. The minimum required permission to get started is provided by these capabilities, which help you manage and monitor the health of your instances.

To get started with Quick Setup, you need to choose a home region and onboard with it. Quick Setup creates the resources that are used to deploy your configurations in the home region.

IAM roles and permissions

Permissions and roles are part of the IAM. Quick setup creates the following IAM roles on your behalf.

  • AWS-QuickSetup-StackSet-Local-ExecutionRole
  • AWS-QuickSetup-StackSet-Local-AdministrationRole

If you're setting up a management account, Quick Setup creates the following roles on your behalf.

  • AWS-QuickSetup-SSM-RoleForEnablingExplorer
  • AWSServiceRoleForAmazonSSM
  • AWSServiceRoleForAmazonSSM_AccountDiscoverey
  • Launch Amazon EC2 Instances to manage with AWS Systems Manager

Kindly watch the below video to launch Amazon EC2 Instances to manage with AWS Systems Manager.

We used the Quick Setup feature of the Systems Manager to get started. We now have the necessary roles and permissions set up so that we can leverage the power of the Systems Manager.

Patch Nodes Managed By AWS Systems Manager

The process of patching managed nodes with both security-related and other types of updates can be done with the help of Patch Manager.

Patch Manager

  • Patch Manager can be used to apply patches.
  • Patch Manager uses patch baselines, which include rules for auto-approving patches within days of their release, as well as a list of approved and rejected patches.
  • Scheduling patching to run as a Systems Manager State Manager association will allow you to install patches on a regular basis.

We will use a patch baseline to quickly learn how to use Patch Manager.

Kindly watch the below video to Patch your managed nodes using Patch Manager.

We ran a simple patching operation on our managed instances after establishing a default patch baseline. We can schedule patching operations by creating a patching configuration that will allow us to perform patching during a defined window.

Resize an EC2 instance using Systems Manager Automation

Common maintenance, deployment, and remediation tasks can be simplified with the help of automation.

Kindly watch the below video on how to use an automation runbook to resize EC2 instances.

We explored the power of Systems Manager Automation runbooks by resizing our instances to the desired instance type. The Systems Manager Automation runbook reference can be used to get started working with runbooks.

We explored the power of Systems Manager Automation runbooks by resizing our instances to the desired instance type. The Systems Manager Automation runbook reference can be used to get started working with runbooks.

Gratitude for perusing my article till the end. I hope you realized something unique today. If you enjoyed this article then please share it with your buddies and if you have suggestions or thoughts to share with me then please write in the comment box.

Follow me and share your thoughts,
GitHub
LinkedIn
Twitter

The above blog is submitted under 'Devtron Hacktoberfest 2022' conducted by Devtron. Check out their Github repo and give it a star ⭐️ if you like it. Follow Devtron on LinkedIn, Twitter

Top comments (0)