ENT401 Deep Dive with Amazon EC2 Systems Manager
•
3 likes•1,913 views
Whether you are a traditional enterprise exploring migrating workloads to the cloud or are already “all-in” on AWS, performing common tasks of inventory collection, OS patch management, and image creation at scale is increasingly complicated in hybrid infrastructure environments. Amazon EC2 Systems Manager allows you to perform automated configuration and ongoing management of your hybrid environment systems at scale. This session provides an overview of key EC2 Systems Manager capabilities that help you define and track system configurations, prevent drift, and maintain software compliance of your EC2 and on-premises configurations. We will also discuss common use cases for EC2 Systems Manager and give you a demonstration of a hybrid-cloud management scenario.
Report
Share
More Related Content
What's hot
What's hot (20)
Similar to ENT401 Deep Dive with Amazon EC2 Systems Manager
Similar to ENT401 Deep Dive with Amazon EC2 Systems Manager (20)
More from Amazon Web Services
More from Amazon Web Services (20)
Recently uploaded
Recently uploaded (20)
ENT401 Deep Dive with Amazon EC2 Systems Manager
- 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Taylor Anderson, Sr. Product Manager April 19, 2017 Amazon EC2 Systems Manager Hybrid-Cloud Management at Scale
- 2. What to expect from the session • Overview of Amazon EC2 Systems Manager capabilities • Learn how to configure and manage your hybrid-cloud at scale • Demo
- 3. Cloud is the new normal – enterprises of all sizes are moving to the cloud to take advantage of increased agility, lower costs, and a global reach
- 4. Many enterprises often bring their traditional on-premises toolset to manage their cloud and hybrid environments
- 5. Customer challenges Traditional IT toolset not built for cloud scale infrastructure Maintaining enterprise-wide visibility is challenging Deploying multiple products is a significant overhead Licensing costs & complexity Managing cloud and hybrid environments using a traditional toolset is complex and costly
- 6. Introducing Amazon EC2 Systems Manager A set of capabilities that: • enable automated configuration • support ongoing management of systems at scale • work across all of your Windows and Linux workloads • run in Amazon EC2 or on-premises • carry no additional charge to use
- 7. AWS Management Tools ― AWS CloudFormation ― AWS Service Catalog ― AWS OpsWorks EC2 Systems Manager ― Amazon CloudWatch AWS CloudTrail ― AWS Config ― AWS Trusted Advisor ―
- 8. Amazon EC2 Systems Manager capabilities Run Command State Manager Inventory Maintenance Window Patch Manager Automation Parameter Store
- 9. Run Command • Remotely execute shell scripts, PowerShell scripts • Bootstrap an instance, configure the OS, install software • Execute commands ad-hoc, or trigger using CloudWatch Events Remotely perform common administrative tasks at scale
- 10. Run Command Demo • Remotely execute shell and PowerShell scripts • Bootstrap an instance, configure the OS, install software • Execute commands ad-hoc, or trigger using CloudWatch Events Remotely perform common administrative tasks at scale
- 11. Parameter Store • Encrypt sensitive information using your own KMS keys • Reference your parameters in Run Command, State Manager, or Automation service • Use with IAM to manage access in a granular fashion • Eliminate ongoing maintenance challenge of critical enterprise assets Centralized management of IT assets such as passwords and connection strings
- 12. State Manager • Define configuration policy using simple JSON-based Documents • Example: Configure firewall and update anti-malware definitions • Control how configuration policy is applied (schedule, target instances) • Monitor instance compliance Periodically re-apply configuration policies to manage drift
- 13. State Manger & Parameter Store Demo
- 14. Automation Service • Simplify Amazon Machine Images (AMI) maintenance • Source AMI launch instance-> configure instance new AMI • Use to create your “gold” image from an EC2 AMI • Integrate into CI/CD pipeline • Orchestrate instance launches, Run Command execution, Lambda functions, image creation, and instance terminations Automate common tasks using simplified workflows
- 15. Automation Demo
- 16. Inventory • Collect instance and OS details, network configurations, installed software and patches • Use Custom Inventory and extend the inventory schema • Track licensing usage and identify zero-day vulnerabilities • Track inventory state changes over time and generate non- compliance notifications via AWS Config integration Collect, query, and audit instance software inventory
- 17. Inventory Demo
- 18. Maintenance Window • Define one or more recurring windows of time during which it is acceptable for disruptive actions to occur • Periodically invoke Patch Manager or Run Command • Improve availability and reliability of your workloads by automatically performing tasks in a well-defined window of time Schedule disruptive tasks in well-defined window to minimize downtime
- 19. Patch Manager • Express custom patch policies as patch baselines • Example: apply critical patches on day 1 but wait 7 days for non-critical patches • Perform patching during scheduled maintenance windows • Generate patch compliance reports • Eliminate manual intervention and reduce time-to-deploy for critical updates and zero-day vulnerabilities Roll OS patches using custom-defined rules
- 20. Maintenance Window + Patch Manager Demo
- 21. In summary... Hybrid Cross-platform Scalable Secure Easy-to-write automation Expected reduction in total cost of wwnership (TCO)
- 22. Thank you!