© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Sohaib Tahir, Solutions Architect
Brian Tracy, Sr. Solutions Architect

Simplify Operations, Compliance and Governance using AWS Systems Manager

What is AWS Systems Manager?
• Formerly known as "Amazon EC2 Systems Manager" and "Amazon Simple Systems Manager" (SSM).
• Collection of capabilities for configuring and managing your Amazon EC2 instances, on-premises servers and virtual machines, and other AWS resources at scale.

AWS Systems Manager helps you shorten the mean time to detect problems and maintain security and compliance.

AWS Systems Manager – Components
• State Manager
• Inventory
• Maintenance Window
• Patch Manager
• Automation
• Parameter Store
• Documents
• Run Command

AWS Systems Manager Features
Service: Description
• Run Command: Safely automate common administrative tasks on your instances at scale without SSH or RDP access
• Inventory: Collect and query software inventory
• Patch Manager: Select and deploy OS patches automatically
• State Manager: Define and maintain consistent OS configurations such as firewall settings and anti-malware definitions to comply with policies
• Maintenance Windows: Create recurring time windows to run administrative or any disruptive tasks
• Automation: Create streamlined workflows, for example to update Amazon Machine Images (AMIs)
• Parameter Store: Centralized location to store, control access to, and easily reference configuration data and secrets
• Insights Dashboard: Automatically aggregates and displays operational data for each resource group through a dashboard
• Resource Groups: A way to create a logical group of resources, e.g. a prod environment

Let’s dive deep into some of these features

AWS Resource Groups – Group Resources
Define the building blocks of your application
• AWS Resource Groups v2 launched last year
• Search AWS resources based on tags using a simple query
• Save a search as a heterogeneous group of (dynamic) resources

Built-In (Cross-Service) Insights
Gain operational insights
• View recent API calls through AWS CloudTrail
• View recent configuration changes through AWS Config
• View recent events through AWS Personal Health Dashboard
• View recommendations through AWS Trusted Advisor

Build your own operational dashboards
Set up CloudWatch dashboards
• Build and customize your own ops dashboards
• Leverage your existing CloudWatch dashboards
• Leverage your existing CloudWatch metrics
• Visualize your application’s metrics

Track Software Inventory and Compliance

Resource Data Sync

Reactive Action – Mitigate Ongoing Issues
• Reduce the mean time to resolution of operational issues
• React from within the same console experience
• Interact with resource groups directly

Automation
• Use AWS vetted documents or create your own
  - Use community-generated documents
  - Automate repeatable manual tasks
  - Open-source GitHub document repo
• Trigger documents based on changes to resources
  - CloudWatch Events or Maintenance Windows as a trigger
  - Execute one step at a time
  - Delegated execution to authorized users only
• Perform bulk operations with built-in safeties
  - Velocity controls and error thresholds
  - Run documents on resource groups, tags, or instance IDs

Proactive Action – Day-to-Day Operations
• Execute commands on any instance or on-premises host
• Manage your configuration to mitigate drifts
• Set up maintenance windows for common operations
• Manage software patches across your fleets
• Store your secrets and configuration data

Patch Manager
• Select and deploy OS and software patches.
• Patch Baselines include rules for auto-approval of selected patches
• List of approved or rejected patches

How does it work?

State Manager
• Define and maintain consistent OS configurations.
• Specify a configuration policy for your servers.
• Automatically applies your configurations
• Monitor configuration status of a large set of servers.

Here are a few use cases

Running Ansible Playbooks through Run Command and State Manager

Overview
• Config Management using Ansible on your EC2 and Hybrid environments
• Execute AWS-RunAnsiblePlaybook Document across various Linux distributions running SSM Agent to install an Apache server.
• Configure State Manager to enforce configuration and remediate drifts.
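
The Run Command and State Manager steps above, as an added example that is not part of the original deck: Python that builds the boto3 `send_command` and `create_association` requests for AWS-RunAnsiblePlaybook, scoped to a tag and bounded by velocity controls. The tag `Role=web`, the playbook text, the association name and the schedule are constructed values, and the `playbook` and `check` document parameter names are assumptions to confirm with `aws ssm describe-document` before use.

```python
"""Build Run Command / State Manager requests for AWS-RunAnsiblePlaybook.

Added example. Tag, playbook, association name and schedule are constructed
sample values; request field names are those of the boto3 SSM client.
"""
import re

DOCUMENT = "AWS-RunAnsiblePlaybook"

# Constructed sample playbook: install and start Apache on the managed host.
PLAYBOOK = """\
- hosts: localhost
  become: true
  tasks:
    - name: install apache
      package:
        name: "{{ 'apache2' if ansible_os_family == 'Debian' else 'httpd' }}"
        state: present
    - name: start apache
      service:
        name: "{{ 'apache2' if ansible_os_family == 'Debian' else 'httpd' }}"
        state: started
        enabled: true
"""

# Velocity controls are strings: an absolute count or a percentage.
# Concurrency must allow at least one target; an error threshold of 0 is valid.
CONCURRENCY_RE = re.compile(r"[1-9][0-9]*|[1-9][0-9]?%|100%")
ERRORS_RE = re.compile(r"[1-9][0-9]*|0|[1-9]?[0-9]%|100%")


def velocity(max_concurrency, max_errors):
    """Validate and return the MaxConcurrency / MaxErrors pair."""
    if not CONCURRENCY_RE.fullmatch(max_concurrency):
        raise ValueError(f"bad MaxConcurrency: {max_concurrency!r}")
    if not ERRORS_RE.fullmatch(max_errors):
        raise ValueError(f"bad MaxErrors: {max_errors!r}")
    return {"MaxConcurrency": max_concurrency, "MaxErrors": max_errors}


def tag_target(key, values):
    """Target by tag only, so a request can never fall back to 'everything'."""
    if not key or not values:
        raise ValueError("a tag key and at least one tag value are required")
    return [{"Key": f"tag:{key}", "Values": list(values)}]


def playbook_parameters(playbook, check):
    """SSM document parameters are lists of strings; check=True is a dry run."""
    return {"playbook": [playbook], "check": ["True" if check else "False"]}


def run_command_request(tag_key, tag_values, playbook, *, check=True,
                        max_concurrency="10%", max_errors="1"):
    """One-off run. Defaults to a dry run on 10% of targets, stop after 1 error."""
    request = {
        "DocumentName": DOCUMENT,
        "Targets": tag_target(tag_key, tag_values),
        "Parameters": playbook_parameters(playbook, check),
        "Comment": "apache playbook " + ("(check mode)" if check else "(apply)"),
    }
    request.update(velocity(max_concurrency, max_errors))
    return request


def association_request(name, tag_key, tag_values, playbook,
                        schedule="rate(30 minutes)"):
    """State Manager association: re-apply on a schedule to remediate drift."""
    return {
        "Name": DOCUMENT,
        "AssociationName": name,
        "Targets": tag_target(tag_key, tag_values),
        "Parameters": playbook_parameters(playbook, check=False),
        "ScheduleExpression": schedule,
        "ComplianceSeverity": "HIGH",
    }


def submit(operation, request):
    """Send a built request. Needs boto3 and AWS credentials; not called here."""
    if operation not in ("send_command", "create_association"):
        raise ValueError(f"unsupported operation: {operation!r}")
    import boto3  # imported lazily so the builders run without the SDK
    return getattr(boto3.client("ssm"), operation)(**request)


if __name__ == "__main__":
    import json
    print(json.dumps(run_command_request("Role", ["web"], PLAYBOOK), indent=2))
    print(json.dumps(association_request("apache-baseline", "Role", ["web"],
                                         PLAYBOOK), indent=2))
```

Running the check-mode request first shows what the playbook would change on a small slice of the fleet before the association starts enforcing it.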

Let’s see how it works through a demo

Demo Video

Summary
• Native integration with tools like Ansible.
• Easy to set up and scale.
• Velocity and error control.
• Multiple accounts and hybrid architecture
• There is no additional charge for using Systems Manager

Central IT Governance Model

Overview
• Central IT agency account
• Agency accounts or on-premises resources
• Automatically apply patches or maintain consistent configurations based on tags and custom schedules across all environments
• Execute remote commands.

Password Rotation for Windows on Amazon EC2 Made Easy with EC2Rescue

Overview
• EC2Rescue is a Run Command document called AWSSupport-RunEC2RescueForWindowsTool
• The option to reset the local administrator password lets you specify which KMS key to use to encrypt the randomly generated password
• No downtime for password resets on EC2 Windows instances already enabled with Systems Manager
• Configure a Systems Manager Maintenance Window to run AWSSupport-RunEC2RescueForWindowsTool on a schedule

Let’s see it in action through a demo

Demo Video

Wrapping Automated Password Rotation up
• Total time to set up this automation? ~1 hour
• Estimated costs for solution?
  - $0: There is no additional charge for Systems Manager
  - (2) KMS keys, $1 each per month
  - KMS API requests: $0.03 per 10,000 (after 20,000 API requests as part of Free Tier)

What we covered today
• Overview of Systems Manager service
• How Systems Manager can simplify operations, compliance and governance
• Efficiencies and ease-of-use through automation
• Fleetwide visibility and management

Additional Info
• Many other potential use cases not mentioned today
  - System inventory
  - Patch management
  - Management of hybrid environments
  - Install/remove software
• Systems Manager is open source and available on GitHub
  - https://github.com/awslabs/aws-systems-manager

Questions?

Sohaib Tahir, Solutions Architect, AWS, sohaibt@amazon.com
Brian Tracy, Solutions Architect Manager, AWS, trabrian@amazon.com

Thank You and Build On!!
Please don’t forget to complete your surveys.

 

Mehr von Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Simplify Operations, Compliance and Governance using AWS Systems Manager

  • 1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Simplify Operations, Compliance and Governance using AWS Systems Manager
      • Sohaib Tahir, Solutions Architect
      • Brian Tracy, Sr. Solutions Architect
  • 2. What is AWS Systems Manager?
      • Formerly known as "Amazon EC2 Systems Manager" and "Amazon Simple Systems Manager" (SSM).
      • Collection of capabilities for configuring and managing your Amazon EC2 instances, on-premises servers and virtual machines, and other AWS resources at scale.
  • 3. AWS Systems Manager helps you shorten the mean time to detect problems and maintain security and compliance.
  • 4. AWS Systems Manager – Components
      • State Manager
      • Inventory
      • Maintenance Window
      • Patch Manager
      • Automation
      • Parameter Store
      • Documents
      • Run Command
  • 5. AWS Systems Manager Features (Service: Description)
      • Run Command: Safely automate common administrative tasks on your instances at scale without SSH or RDP access
      • Inventory: Collect and query software inventory
      • Patch Manager: Select and deploy OS patches automatically
      • State Manager: Define and maintain consistent OS configurations such as firewall settings and anti-malware definitions to comply with policies
      • Maintenance Windows: Create recurring time windows to run administrative or any disruptive tasks
      • Automation: Create streamlined workflows, for example to update Amazon Machine Images (AMI)
      • Parameter Store: Centralized location to store, control access, and easily reference configuration data and secrets
      • Insights Dashboard: Automatically aggregates and displays operational data for each resource group through a dashboard
      • Resource Groups: Resource groups are a way to create a logical group of resources, e.g. a prod environment
  • 6. Let’s dive deep into some of these features
  • 7. AWS Resource Groups – Group Resources: Define the building blocks of your application
      • AWS Resource Groups v2 launched last year
      • Search AWS resources based on tags using a simple query
      • Save a search as a heterogeneous group of (dynamic) resources
  • 8. Built-In (Cross-Service) Insights: Gain operational insights
      • View recent API calls through AWS CloudTrail
      • View recent configuration changes through AWS Config
      • View recent events through AWS Personal Health Dashboard
      • View recommendations through AWS Trusted Advisor
  • 9. Build your own operational dashboards: Set up CloudWatch dashboards
      • Build and customize your own ops dashboards
      • Leverage your existing CloudWatch dashboards
      • Leverage your existing CloudWatch metrics
      • Visualize your application’s metrics
  • 10. Track Software Inventory and Compliance
  • 11. Resource Data Sync
  • 12. Reactive Action – Mitigate Ongoing Issues
      • Reduce the mean time to resolution of operational issues
      • React from within the same console experience
      • Interact with resource groups directly
  • 13. Automation
      • Use AWS vetted documents or create your own
          • Use community-generated documents
          • Automate repeatable manual tasks
          • Open source GitHub document repo
      • Trigger documents based on changes to resources
          • CloudWatch Events or Maintenance Windows as a trigger
          • Execute one step at a time
          • Delegated execution to authorized users only
      • Perform bulk operations with built-in safeties
          • Velocity controls and error thresholds
          • Run documents on resource groups, tags, or Instance IDs
  • 14. Proactive Action – Day-to-Day Operations
      • Execute commands on any instance or on-premises host
      • Manage your configuration to mitigate drifts
      • Set up maintenance windows for common operations
      • Manage software patches across your fleets
      • Store your secrets and configuration data
  • 15. Patch Manager
      • Select and deploy OS and software patches.
      • Patch Baselines include rules for auto-approval of selected patches
      • List of approved or rejected patches
  • 16. How does it work?
  • 17. State Manager
      • Define and maintain consistent OS configurations.
      • Specify a configuration policy for your servers.
      • Automatically applies your configurations
      • Monitor configuration status of a large set of servers.
  • 18. Here are a few use cases
  • 19. Running Ansible Playbooks through Run Command and State Manager
  • 20. Overview
      • Config management using Ansible on your EC2 and hybrid environments
      • Execute the AWS-RunAnsiblePlaybook document across various Linux distributions running SSM Agent to install an Apache server.
      • Configure State Manager to enforce configuration and remediate drifts.
  • 21. Let’s see how it works through a demo
  • 22. Demo Video
  • 23. Summary
      • Native integration with tools like Ansible.
      • Easy to set up and scale.
      • Velocity and error control.
      • Multiple accounts and hybrid architecture
      • There is no additional charge for using Systems Manager
  • 24. Central IT Governance Model
  • 25. Overview
      • Central IT agency account
      • Agency accounts or on-premises resources
      • Automatically apply patches or maintain consistent configurations based on tags and custom schedules across all environments
      • Execute remote commands.
  • 26. Password Rotation for Windows on Amazon EC2 Made Easy with EC2Rescue
  • 27. Overview
      • EC2Rescue is a Run Command document called AWSSupport-RunEC2RescueForWindowsTool
      • The option to reset the local administrator password lets you specify which KMS key to use to encrypt the randomly generated password
      • No downtime for password resets on EC2 Windows instances already enabled with Systems Manager
      • Configure a Systems Manager Maintenance Window to run AWSSupport-RunEC2RescueForWindowsTool on a schedule
  • 28. Let’s see it in action through a demo
  • 29. Demo Video
  • 30. Wrapping Up Automated Password Rotation
      • Total time to set up this automation? ~1 hour
      • Estimated costs for solution?
          • $0: there is no additional charge for Systems Manager
          • (2) KMS keys: $1 each per month
          • KMS API requests: $0.03 per 10,000 (after 20,000 API requests as part of Free Tier)
  • 31. What we covered today
      • Overview of Systems Manager service
      • How Systems Manager can simplify operations, compliance and governance
      • Efficiencies and ease-of-use through automation
      • Fleetwide visibility and management
  • 32. Additional Info
      • Many other potential use cases not mentioned today
          • System inventory
          • Patch management
          • Management of hybrid environments
          • Install/remove software
      • Systems Manager is open source and available on GitHub
      • https://github.com/awslabs/aws-systems-manager
  • 33. Questions?
  • 34. Contacts
      • Sohaib Tahir, Solutions Architect, AWS, sohaibt@amazon.com
      • Brian Tracy, Solutions Architect Manager, AWS, trabrian@amazon.com
  • 35. Thank You and Build On!! Please don’t forget to complete your surveys.
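
Slides 5, 13 and 20 describe Run Command "without SSH or RDP access" and "delegated execution to authorized users only". As an added example (not from the deck), the IAM policy below lets a delegated operator send only the AWS-RunAnsiblePlaybook document, and only to EC2 instances tagged Environment=prod. The Region, the account ID 111122223333, the tag key and value, and the Sid names are placeholder assumptions.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowOnlyTheAnsiblePlaybookDocument",
      "Effect": "Allow",
      "Action": "ssm:SendCommand",
      "Resource": "arn:aws:ssm:us-east-1::document/AWS-RunAnsiblePlaybook"
    },
    {
      "Sid": "AllowOnlyTaggedProdInstances",
      "Effect": "Allow",
      "Action": "ssm:SendCommand",
      "Resource": "arn:aws:ec2:us-east-1:111122223333:instance/*",
      "Condition": {
        "StringLike": {
          "ssm:resourceTag/Environment": ["prod"]
        }
      }
    },
    {
      "Sid": "AllowReadingCommandResults",
      "Effect": "Allow",
      "Action": [
        "ssm:ListCommands",
        "ssm:ListCommandInvocations",
        "ssm:GetCommandInvocation"
      ],
      "Resource": "*"
    }
  ]
}
```

Because nothing else is allowed, a request naming any other document or an untagged instance is denied by default. On-premises servers registered with Systems Manager are matched with `arn:aws:ssm:<region>:<account-id>:managed-instance/*` resources rather than `ec2` instance ARNs.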