Step-by-Step Guide to AWS Systems Manager (On-Premises Instances) – Part 2


In my previous post I showed you how to get an Amazon EC2 instance to report into AWS Systems Manager. In this blog post I’ll go through how you can get an on-premises instance, be it physical or virtual, to report into AWS Systems Manager as well.

Create the IAM Role to enable access for Hybrid Environments

  • Create a text file named ‘SSMService-Trust.json’ with the following trust policy. Save the file with the ‘.json’ file extension.


  • Use the create-role command to create the service role.


  • Use attach-role-policy as follows to enable the SSMServiceRole to create a session token. The session token gives your managed instance permission to run commands using Systems Manager.



Step-by-Step Guide to AWS Systems Manager (EC2 Instances) – Part 1


In this blog post I’ll show you how to configure the relevant components so that your Amazon EC2 instances can be managed via AWS Systems Manager. In a follow-up post, I’ll then show you how to configure the relevant components to allow you to also manage existing on-premises infrastructure via AWS Systems Manager.

There are 2 different types of instances that can be registered with AWS Systems Manager:

  1. Amazon EC2 Instances that are within the Amazon Platform.
  2. On-Premises Instances which are either Physical or Virtual.

In this blog post, I’ll walk through how to get an Amazon EC2 instance to report into AWS Systems Manager.

Create the IAM Role to enable access for EC2 instances

  • Login to the AWS Management Console.
  • Navigate to Identity and Access Management (IAM).
  • Click Roles.
  • Click Create Role.
  • Select AWS Service and Click EC2.
  • Click Next:Permissions.
  • Filter on ‘SSM’ to make finding the correct policy easier.
  • Select ‘AmazonEC2RoleforSSM’.
  • Click Next:Review.
  • Give the IAM Role a name such as ‘ManagedInstanceRoleforSSM’.
  • Click Create Role.


AWS Advanced Networking Specialty


Apologies for the lack of posts recently; however, I’ve recently been studying for the AWS Advanced Networking Specialty Exam. Since re:Invent at the latter end of 2017 I’d made the decision to take a little time off of the studying, but that changed when Sybex published the AWS official study guide for the Advanced Networking Specialty. To date the book is still not available here in the UK as the release date seems to keep being delayed (perhaps due to distribution issues) but I was able to order it directly from in the US and get it shipped.

AWS Advanced Networking Official Study Guide

The book itself I thought was extremely good and covered the topics in pretty good detail and what I really liked was that it covered a number of the newer services such as PrivateLink and GuardDuty.


A New Year and New AWS Exams

AWS Cloud Practitioner

Firstly I’d like to wish a Happy New Year to everyone.  Apologies for the lack of posts recently as I’ve taken a bit of a break from the studying following re:Invent and the festive period.

January has started as last year finished from a work perspective with lots of things currently on the go at the moment and hence why I’ve been trying to recharge myself before continuing with any of the AWS certifications.

Last Friday I attended an event at the AWS UK Headquarters for re:Invent 2.0 comes to London which was focused on the Public Sector. Whilst there weren’t any new announcements since it was aimed at people that weren’t able to attend Las Vegas for re:Invent, it was designed to bring to life some of the new releases to the platform at a high level. Personally for myself, it was a good opportunity to listen to the talk on Elastic Container Service (ECS), AWS Fargate and Amazon Elastic Kubernetes Service (EKS). Fargate and EKS were two new announcements from re:Invent and I didn’t have the opportunity to attend any of the breakout sessions related to those services whilst I was there so it was a good opportunity to learn about them. I’m going to try and spend some time learning more about containers such as Docker, Kubernetes and Mesos and the use cases for them as opposed to traditional IaaS.

AWS re:Invent – Day 5

It’s been a few days since re:Invent finished in Las Vegas and I am currently still on vacation with my wife. Yesterday evening we decided to go on the LINQ High Roller observation wheel to see the view of the Las Vegas strip. Whilst we were doing so I was looking back at the Venetian and the Sands Expo where so much of re:Invent was held and then noticed the huge structure of where the re:Play party was held. Although it was in the car park of the LINQ there were a significant number of people working to try and dismantle the temporary structure under flood lights so that it could return to normal.

Whilst doing so I also realised that I hadn’t updated the blog regarding sitting the Solution Architect Professional Exam. As I had booked the exam for the last possible slot that I could, I decided to make sure I was well rested from the party the night before and have a good breakfast as I was sitting it just before lunchtime.

Post breakfast I headed back to my hotel room to do some last minute study. As part of this I reviewed a raft of my notes from my OneNote and reviewed the additional questions that we did on the bootcamp earlier in the week.
