Month: May 2018

Step-by-Step Guide to AWS Systems Manager (On-Premises Instances) – Part 2


In my previous post, I showed you how to get an Amazon EC2 instance to report into AWS Systems Manager. In this blog post, I’ll go through how you can get an on-premises instance, be it physical or virtual, to report into AWS Systems Manager as well.

Create the IAM Role to enable access for Hybrid Environments

  • Create a text file named ‘SSMService-Trust.json’ with the following trust policy. Save the file with the ‘.json’ file extension.


  • Use the create-role command to create the service role.


  • Use attach-role-policy as follows to enable the SSMServiceRole to create a session token. The session token gives your managed instance permission to run commands using Systems Manager.
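The trust policy decides who may assume SSMServiceRole, so it is worth checking the file before running create-role. The following is an added example, not code from the original post: a Python check that a trust policy document trusts only the Systems Manager service. It assumes the `ssm.amazonaws.com` service principal and the `sts:AssumeRole` action, and both sample policies are constructed.

```python
import json

EXPECTED_SERVICE = "ssm.amazonaws.com"  # assumption: Systems Manager service principal
EXPECTED_ACTION = "sts:AssumeRole"      # assumption: the only action the role trust needs

def _as_list(value):
    """IAM allows a single value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy_text):
    """Return findings for a role trust policy; an empty list means it is tightly scoped."""
    findings, trusts_ssm = [], False
    statements = _as_list(json.loads(policy_text).get("Statement"))
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen who may assume the role
        principal = stmt.get("Principal")
        if not isinstance(principal, dict):
            # Covers "Principal": "*" and Allow statements that use NotPrincipal
            findings.append(f"statement {i}: principal is not an explicit list ({principal!r})")
            continue
        for kind, values in principal.items():
            for name in _as_list(values):
                if kind == "Service" and name == EXPECTED_SERVICE:
                    trusts_ssm = True
                else:
                    findings.append(f"statement {i}: unexpected principal {kind}={name}")
        for action in _as_list(stmt.get("Action")):
            if action != EXPECTED_ACTION:
                findings.append(f"statement {i}: unexpected action {action}")
    if not trusts_ssm:
        findings.append(f"{EXPECTED_SERVICE} is not trusted")
    return findings

# Constructed sample: a policy that trusts only the Systems Manager service.
NARROW = """{"Version": "2012-10-17", "Statement": {"Effect": "Allow",
  "Principal": {"Service": "ssm.amazonaws.com"}, "Action": "sts:AssumeRole"}}"""

# Constructed sample: extra service, wildcard AWS principal and wildcard action.
BROAD = """{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Principal": {"Service": ["ssm.amazonaws.com", "ec2.amazonaws.com"], "AWS": "*"},
  "Action": "sts:*"}]}"""

if __name__ == "__main__":
    for label, doc in (("narrow", NARROW), ("broad", BROAD)):
        print(label, audit_trust_policy(doc) or "ok")
```
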


Continue reading “Step-by-Step Guide to AWS Systems Manager (On-Premises Instances) – Part 2”

Step-by-Step Guide to AWS Systems Manager (EC2 Instances) – Part 1


In this blog post, I’ll show you how to configure the relevant components so that your Amazon EC2 instances can be managed via AWS Systems Manager. In a follow-up post, I’ll then show you how to configure the relevant components to allow you to also manage existing on-premises infrastructure via AWS Systems Manager.

There are 2 different types of instances that can be registered with AWS Systems Manager:

  1. Amazon EC2 Instances that are within the Amazon Platform.
  2. On-Premises Instances which are either Physical or Virtual.

In this blog post, I’ll walk through how to get an Amazon EC2 instance to report into AWS Systems Manager.

Create the IAM Role to enable access for EC2 instances

  • Log in to the AWS Management Console.
  • Navigate to Identity and Access Management (IAM).
  • Click Roles.
  • Click Create Role.
  • Select AWS Service and click EC2.
  • Click Next:Permissions.
  • Filter on ‘SSM’ to make finding the correct policy easier.
  • Select ‘AmazonEC2RoleforSSM’.


  • Click Next:Review.
  • Give the IAM Role a name such as ‘ManagedInstanceRoleforSSM’.
  • Click Create Role.

Continue reading “Step-by-Step Guide to AWS Systems Manager (EC2 Instances) – Part 1”