© 2019, Amazon Web Services, Inc. or its Affiliates.
Rodney Bozo – Sr. Solutions Architect
AWS Systems Manager
Gain operational insights and take action
10/15/19
Agenda
• Quick introduction
• Overview of AWS Systems Manager
• Demo of the most popular features
• Run Command
• State Manager
• Automation
• Patch Manager
• Session Manager
Rodney Bozo’s background
• I have been with AWS for over 3 years. Management Tools SA, focusing on
AWS Systems Manager.
• Prior to AWS, I was working at a large Washington D.C. based private
university, where I was charged with managing the infrastructure supporting
135K users.
• Before that, I worked at Microsoft Partner ISVs for almost 10 years. Also,
engineering and architecture firms, Managed Service Providers, etc.,
supporting mostly Microsoft workloads for about 20 years.
Management & Governance
• Optimize: Analyze and reduce cost, improve efficiency and security posture
• Act: Take operational action on resources
• Audit: Audit resource configurations, user access, and policy enforcement
• Monitor: Monitor resources and applications
AWS Management & Governance
Monitor resources and applications
Optimize to reduce cost and improve security posture
Manage resources and take operational action
Audit user activity and resource configurations
Amazon CloudWatch
AWS Trusted Advisor
AWS Cost and Usage Report
AWS Cost Explorer
AWS Systems Manager
AWS CloudTrail
AWS Config
Cloud Management Challenges
Managing cloud and hybrid environments using a traditional toolset is complex and costly
• Traditional IT toolset not built for cloud scale infrastructure
• Deploying multiple products is a significant overhead
• Licensing costs and complexity
• Maintaining enterprise-wide visibility is challenging
Customer Challenges
• Operate safely and securely at scale
• Map resources to applications and environments
• Diverse set of tools for managing hybrid cloud
• Complex licensing and hard to manage the management infrastructure
• Ability to build custom solutions to meet specific business needs
Operate Safely and At Scale
The operations cockpit for any cloud at any scale
• Support AWS, On-Premises, and Other Clouds: Use cross-platform capabilities to manage both Windows and Linux
• Group: The building blocks of your applications
• Visualize: Operational insights for applications; brings other AWS services into a single console
• Act: Using AWS best practices with built-in safeties
Extensible
• Hybrid: Works in hybrid and multi-cloud environments
• Compliance: Use existing tools like Ansible, PowerShell DSC, and InSpec for configuration and compliance
• Open Source: SSM Agent is open-sourced on GitHub
• Cross-platform: Windows and Linux support
• Extensible: Extensible capabilities to collect custom inventory from instances
AWS Systems Manager Customers & Partners
AWS Systems Manager Capabilities
Resource Groups
Run Command
Inventory
Patch Manager
Automation
Parameter Store
Maintenance Window
State Manager
Session Manager
Distributor
OpsCenter
Manage Resources at Scale
Resource groups
• Define the building blocks of your application
• Give a meaning to a collection of AWS resources (as an app, env, or business unit)
• Group AWS resources based on tags using a simple query
• Save a search as a heterogeneous group of (dynamic) resources
• Interact with a group directly rather than individual resources
Improved Visibility and Control
• Set up operational dashboards
• Build and customize your own ops-dashboards
• Leverage your existing Amazon CloudWatch dashboards
• Leverage your existing CloudWatch metrics
• Monitor Compliance
• Visualize your application’s metrics
Compliance with Patch Manager
[Diagram labels: Corp Data Center; Individual instances not grouped; Patch Group=WebServers (two instance groups); Default Patch Baseline for the OS; Web Server Patch Baseline; Patch Manager; Maintenance Window; Compliance Notifications!]
Compliance as Code
• Author: Compliance checks in InSpec (human readable, open-source DSL) on GitHub
• Run Compliance scans: Using Run Command or periodic scans using State Manager
• View Compliance: On Compliance UI or APIs
Safe and Secure Operations
[Diagram labels: corp data center; VPC1 (Tags); VPC2 (Tags); IAM; Run Command; Amazon CloudWatch Events; CloudTrail Auditing]
Gain Insights FROM Instances
[Diagram labels: corp data center; Account 1; Account 2; Inventory; Amazon S3 Data Lake; Amazon QuickSight; AWS Config; Any BI Tool!]
Easy to Use Automation
[Diagram labels: Run the automation; Role and permission; Input; Automation document]
Wait, what’s a Document?
• Documents are used to express a sequence of actions
• Identified using Amazon Resource Names (ARNs)
• Create/Edit Documents, versions, view history, and share
• Parameter validation reduces human error
• Authored in JSON/YAML
• Amazon published AWS-named Documents
3 types of Documents used by State Manager
• Command Documents – State Manager uses command documents to apply a configuration. These actions can be run on one or more targets at any point during the lifecycle of an instance. They can target instances based on tags.
• Policy Documents – Policy documents enforce a policy on your targets. If the policy document is removed, the policy action (for example, collecting inventory) no longer happens.
• Automation Documents – State Manager uses automation documents to apply a configuration. These actions can be run on one or more targets at any point during the lifecycle of an instance. You need to specify instance IDs, but can retrieve instance IDs based on tags with native AWS API calls.
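An illustration of the last bullet, added here and not taken from the slides or from any AWS-published document: an Automation document that resolves instance IDs from a tag with a native EC2 API call, then hands them to Run Command. The step names, the `PatchGroup` and `AutomationAssumeRole` parameters, the validation pattern and the shell command are assumptions; `Patch Group=WebServers` is the tag shown on the Patch Manager slide.

```yaml
# Added example (not from the original deck).
# Automation document: look up instance IDs by tag, then run a command on them.
schemaVersion: '0.3'
description: Resolve running instances by the "Patch Group" tag and run a read-only check on them.
assumeRole: '{{ AutomationAssumeRole }}'
parameters:
  AutomationAssumeRole:
    type: String
    description: (Assumption) ARN of the IAM role the automation runs as; grant it only what the two steps below call.
  PatchGroup:
    type: String
    description: Value of the "Patch Group" tag to target.
    default: WebServers
    # Parameter validation: the execution is rejected before any step runs
    # if the supplied value does not match this pattern.
    allowedPattern: '^[A-Za-z0-9_-]{1,64}$'
mainSteps:
  # Step 1 (hypothetical name): native AWS API call that turns a tag into instance IDs.
  - name: findInstances
    action: aws:executeAwsApi
    inputs:
      Service: ec2
      Api: DescribeInstances
      Filters:
        - Name: 'tag:Patch Group'
          Values:
            - '{{ PatchGroup }}'
        - Name: instance-state-name
          Values:
            - running
    outputs:
      - Name: InstanceIds
        Selector: $.Reservations..Instances..InstanceId
        Type: StringList
  # Step 2 (hypothetical name): pass the resolved IDs to Run Command.
  - name: reportKernelVersion
    action: aws:runCommand
    inputs:
      DocumentName: AWS-RunShellScript
      InstanceIds: '{{ findInstances.InstanceIds }}'
      Parameters:
        commands:
          - uname -r
```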
Secrets and Config Data Management
[Diagram labels: Rotate password; /app/test/db_password; /app/prod/db_password; Dev, Test, Prod; App; Change notifications (event-based); Email notification]
Manage Configuration Drift
[Diagram labels: Instances; State Manager]
Interactive Access to Instances with Session Manager
• Interactive browser-based shell and CLI for EC2 instances
• No need to open inbound ports, manage SSH keys or certs
• Grant/Revoke access from IAM
• Session auditing and logging
• Support for AWS PrivateLink
[Diagram labels: IAM (Access Control); CloudTrail (Auditing and Logging); Shell or CLI; VPC1; EC2 instances]
Distribute Software Packages
Supports
• Installing with safety
• Windows network drivers
• CloudWatch metrics & logs
• A single base agent to install and manage custom software packages
• Upload, share, and manage package updates and upgrades
• Install custom packages or AWS agents
Other Features
• Integrated with AWS services such as:
  • IAM: granular RBAC
  • CloudTrail: audited actions
  • CloudWatch Events: notification and remediation
  • Config: configuration history
• Available in all AWS regions including GovCloud
• Accessible through AWS PrivateLink
• SSM Agent is installed on AWS Windows Server, Amazon Linux and Ubuntu AMIs
• Systems Manager is SOC, ISO and PCI compliant, HIPAA enabled
Future Direction
• Operate any environment
• Continuous Compliance and remediation
• Intelligent Automation and Insights
• Open and Extensible
• Unified Experiences

• Supports hybrid, other clouds and disconnected environments
• Open Source management artifacts with Community contributions and Partner Solutions
• Enterprise grade Solutions.
• Integrations across AWS Services
• CloudTrail smart events and Operational Insights
• ML recommendations
• One-Click policy via Config Rules with Systems Manager remediation
Useful Links
AWS Management Tools Blog
https://aws.amazon.com/blogs/mt/category/management-tools/amazon-ec2-systems-manager/
AWS Blog
https://aws.amazon.com/blogs/aws/category/amazon-ec2-systems-manager/
Product Page
https://aws.amazon.com/systems-manager/
Feedback
ec2-ssm-feedback@amazon.com
Hands-on Labs
https://workshop.aws-management.tools/ssm/
Shameless Plug
• Management & Governance Track with 71 sessions
• Breakout Sessions (recorded for YouTube), Workshops, Chalk Talks, and Builder Sessions
• Customer Meetings (formerly Executive Briefing Center)
Thank you!
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
TrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business ConsultingTrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business Consulting
Trs Labs
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
Linux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdfLinux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdf
RHCSA Guru
 
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager APIUiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPathCommunity
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 
Procurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptxProcurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptx
Jon Hansen
 
Splunk Security Update | Public Sector Summit Germany 2025
Splunk Security Update | Public Sector Summit Germany 2025Splunk Security Update | Public Sector Summit Germany 2025
Splunk Security Update | Public Sector Summit Germany 2025
Splunk
 
Cybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure ADCybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure AD
VICTOR MAESTRE RAMIREZ
 
Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)
Ortus Solutions, Corp
 
Drupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy ConsumptionDrupalcamp Finland – Measuring Front-end Energy Consumption
Drupalcamp Finland – Measuring Front-end Energy Consumption
Exove
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
Mobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi ArabiaMobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi Arabia
Steve Jonas
 

AWS Systems manager 2019

  • 1. Rodney Bozo – Sr. Solutions Architect AWS Systems Manager Gain operational insights and take action 10/15/19
  • 2. Agenda • Quick introduction • Overview of AWS Systems Manager • Demo of the most popular features • Run Command • State Manager • Automation • Patch Manager • Session Manager
  • 3. Rodney Bozo’s background • I have been with AWS for over 3 years. Management Tools SA, focusing on AWS Systems Manager. • Prior to AWS, I was working at a large Washington D.C. based private university, where I was charged with managing the infrastructure supporting 135K users. • Before that, I worked at Microsoft Partner ISVs for almost 10 years. Also, engineering and architecture firms, Managed Service Providers, etc., supporting mostly Microsoft workloads for about 20 years.
  • 4. Management & Governance Optimize Analyze and reduce cost, improve efficiency and security posture Act Take operational action on resources Audit Audit resource configurations, user access, and policy enforcement Monitor Monitor resources and applications
  • 5. AWS Management & Governance Monitor resources and applications Optimize to reduce cost and improve security posture Manage resources and take operational action Audit user activity and resource configurations Amazon CloudWatch AWS Trusted Advisor AWS Cost and Usage Report AWS Cost Explorer AWS Systems Manager AWS CloudTrail AWS Config
  • 6. Cloud Management Challenges Managing cloud and hybrid environments using a traditional toolset is complex and costly Traditional IT toolset not built for cloud scale infrastructure Deploying multiple products is a significant overhead Licensing costs and complexity Maintaining enterprise-wide visibility is challenging
  • 7. Customer Challenges Operate safely and securely at scale Map resources to applications and environments Diverse set of tools for managing hybrid cloud Complex licensing and hard to manage the management infrastructure Ability to build custom solutions to meet specific business needs
  • 8. Operate Safely and At Scale The operations cockpit for any cloud at any scale Support AWS, On-Premises, and Other Clouds Use cross-platform capabilities to manage both Windows and Linux Group The building blocks of your applications Visualize Operational insights for applications Brings other AWS services in a single console Act Using AWS best practices with built-in safeties
  • 9. Extensible Hybrid Compliance Open Source Cross-platform Extensible Works in hybrid and multi-cloud environments Use existing tools like Ansible, PowerShell DSC, and InSpec for configuration and Compliance SSM Agent is open-sourced on GitHub Windows and Linux support Extensible capabilities to collect custom inventory from instances
  • 10. AWS Systems Manager Customers & Partners
  • 11. AWS Systems Manager Capabilities Resource Groups Run Command Inventory Patch Manager Automation Parameter Store Maintenance Window State Manager Session Manager Distributor OpsCenter
  • 12. Manage Resources at Scale Resource groups Define the building blocks of your application Give a meaning to a collection of AWS resources (as an app, env, or business unit) Group AWS resources based on tags using a simple query Save a search as a heterogeneous group of (dynamic) resources Interact with a group directly rather than individual resources
  • 13. Improved Visibility and Control Set up operational dashboards Build and customize your own ops-dashboards Leverage your existing Amazon CloudWatch dashboards Leverage your existing CloudWatch metrics Monitor Compliance Visualize your application’s metrics
  • 14. Compliance with Patch Manager Corp Data Center Individual instances not grouped Patch Group=WebServers Patch Group=WebServers Default Patch Baseline for the OS Web Server Patch Baseline Patch Manager Maintenance Window Compliance Notifications!
  • 15. Compliance as Code Author Compliance checks in InSpec (human readable, open-source DSL) on GitHub Run Compliance scans Using Run Command or periodic scans using State Manager View Compliance On Compliance UI or APIs
  • 16. Safe and Secure Operations corp data center VPC1 Tags VPC2 Tags IAM Run Command Amazon CloudWatch Events CloudTrail Auditing
  • 17. Gain Insights FROM Instances corp data center Account 1 Account 2 Inventory Amazon S3 Data Lake Amazon QuickSight AWS Config Any BI Tool!
  • 18. Easy to Use Automation Run the automation, Role and permission, Input, Automation document
  • 19. Wait, what’s a Document? • Documents are used to express a sequence of actions • Identified using Amazon Resource Names (ARNs) • Create/Edit Documents, versions, view history, and share • Parameter validation reduces human error • Authored in JSON/YAML • Amazon published AWS-named Documents
  • 20. 3 types of Documents used by State Manager • Command Documents – State Manager uses command documents to apply a configuration. These actions can be run on one or more targets at any point during the lifecycle of an instance. Can target instances based upon tags. • Policy Documents – Policy documents enforce a policy on your targets. If the policy document is removed, the policy action (for example, collecting inventory) no longer happens. • Automation Documents – State Manager uses automation documents to apply a configuration. These actions can be run on one or more targets at any point during the lifecycle of an instance. Need to specify Instance IDs, but can grab Instance IDs based upon Tags with native AWS API Calls.
  • 21. Secrets and Config Data Management Rotate password /app/test/db_password /app/prod/db_password Dev Test Prod App Change notifications (event-based) Email notification
  • 22. Manage Configuration Drift Instances State Manager
  • 23. Interactive Access to Instances with Session Manager • Interactive browser-based shell and CLI for EC2 instances • No need to open inbound ports, manage SSH keys or certs • Grant/Revoke access from IAM • Session auditing and logging • Support for AWS PrivateLink CloudTrail IAM Shell or CLI VPC1 EC2 instances Auditing and Logging Access Control
  • 24. Distribute Software Packages Supports Installing with safety Windows network drivers CloudWatch metrics & logs A single base agent to install and manage custom software packages Upload, share, and manage package updates and upgrades Install custom packages or AWS agents
  • 25. Other Features Integrated with AWS services such as IAM: granular RBAC CloudTrail: audited actions CloudWatch Events: notification and remediation Config: configuration history Available in all AWS regions including GovCloud Accessible through AWS PrivateLink SSM Agent is installed on AWS Windows Server, Amazon Linux and Ubuntu AMIs Systems Manager is SOC, ISO and PCI compliant, HIPAA enabled
  • 26. Future Direction Operate any environment Continuous Compliance and remediation Intelligent Automation and Insights Open and Extensible Unified Experiences Supports hybrid, other clouds and disconnected environments Open Source management artifacts with Community contributions and Partner Solutions Enterprise grade Solutions. Integrations across AWS Services CloudTrail smart events and Operational Insights ML recommendations One-Click policy via Config Rules with Systems Manager remediation
  • 27. Useful Links AWS Management Tools Blog https://aws.amazon.com/blogs/mt/category/management-tools/amazon-ec2-systems-manager/ AWS Blog https://aws.amazon.com/blogs/aws/category/amazon-ec2-systems-manager/ Product Page https://aws.amazon.com/systems-manager/ Feedback [email protected] Hands-on Labs https://workshop.aws-management.tools/ssm/
  • 28. Shameless Plug • Management & Governance Track with 71 sessions • Breakout Sessions (recorded for YouTube), Workshops, Chalk Talks, and Builder Sessions • Customer Meetings (formerly Executive Briefing Center)
  • 29. Thank you!
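
Slide 19's point that parameter validation reduces human error, shown as an added example (not code from the deck or from AWS): a constructed JSON Command document declares `allowedPattern` and `allowedValues` constraints, and a local sketch applies them before any placeholder is expanded into the shell command. The document contents, the `ServiceName` and `Action` parameters, and the `validate`/`render` helpers are assumptions made for illustration; Systems Manager performs its own validation when a document is run.

```python
import json
import re

# Constructed Command document; the parameter and step names are hypothetical.
DOCUMENT = json.loads("""
{
  "schemaVersion": "2.2",
  "parameters": {
    "ServiceName": {"type": "String", "allowedPattern": "^[a-z][a-z0-9_-]{0,31}$"},
    "Action": {"type": "String", "default": "restart",
               "allowedValues": ["restart", "reload"]}
  },
  "mainSteps": [{
    "action": "aws:runShellScript",
    "name": "manageService",
    "inputs": {"runCommand": ["systemctl {{ Action }} {{ ServiceName }}"]}
  }]
}
""")


def validate(document, supplied):
    """Return (resolved, errors) after applying defaults and constraints."""
    declared = document.get("parameters", {})
    errors = [f"{n}: not declared in document" for n in supplied if n not in declared]
    resolved = {}
    for name, spec in declared.items():
        value = supplied.get(name, spec.get("default"))
        if not isinstance(value, str):
            errors.append(f"{name}: required String parameter")
        elif "allowedValues" in spec and value not in spec["allowedValues"]:
            errors.append(f"{name}: not an allowed value")
        elif "allowedPattern" in spec and not re.fullmatch(spec["allowedPattern"], value):
            errors.append(f"{name}: does not match allowedPattern")
        else:
            resolved[name] = value
    return resolved, errors


def render(document, supplied):
    """Expand {{ Name }} placeholders, refusing any input that fails validation."""
    resolved, errors = validate(document, supplied)
    if errors:
        raise ValueError("; ".join(errors))
    commands = []
    for step in document["mainSteps"]:
        for line in step["inputs"]["runCommand"]:
            for name, value in resolved.items():
                line = line.replace("{{ " + name + " }}", value)
            commands.append(line)
    return commands
```

Without the `allowedPattern` constraint, a value containing shell metacharacters would be substituted straight into the `runCommand` line, which is why constraining free-text parameters matters for documents that run shell steps.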