71. AWS Systems Manager

Overview

  • AWS Systems Manager is an AWS service that you can use to view and control your infrastructure on AWS.
  • Using the Systems Manager console, you can view operational data from multiple AWS services and automate operational tasks across your AWS resources.
  • Systems Manager helps you maintain security and compliance by scanning your managed nodes and reporting on (or taking corrective action on) any policy violations it detects.
  • A managed node is any machine configured for Systems Manager.
  • Systems Manager supports Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, and on-premises servers and virtual machines (VMs), including VMs in other cloud environments.
  • For operating systems, Systems Manager supports Windows Server, macOS, Raspberry Pi OS (formerly Raspbian), and multiple distributions of Linux.

Capabilities in Systems Manager

  • Systems Manager is comprised of individual capabilities, which are grouped into five categories: 
    • Operations Management
      • Incident Manager is an incident management console that helps users mitigate and recover from incidents affecting their AWS hosted applications.
      • Explorer displays an aggregated view of operations data (OpsData) for your AWS accounts and across AWS Regions.
      • OpsCenter provides a central location where operations engineers and IT professionals can view, investigate, and resolve operational work items (OpsItems) related to AWS resources.
      • Amazon CloudWatch Dashboards are customizable pages in the CloudWatch console that you can use to monitor your resources in a single view, even those resources that are spread across different regions. 
    • Application Management
      • Application Manager helps you investigate and remediate issues with your AWS resources in the context of your applications.
      • A resource group is a collection of AWS resources that are all in the same AWS Region, and that match criteria provided in a query.
      • AppConfig helps you create, manage, and deploy application configurations.
        • AppConfig supports controlled deployments to applications of any size.
        • You can use AppConfig with applications hosted on Amazon EC2 instances, AWS Lambda, containers, mobile applications, or edge devices.
      • Parameter Store provides secure, hierarchical storage for configuration data and secrets management. 
    • Change Management
      • Change Manager is an enterprise change management framework for requesting, approving, implementing, and reporting on operational changes to your application configuration and infrastructure.
      • Use Automation to automate common maintenance and deployment tasks. You can use Automation to create and update Amazon Machine Images (AMIs), apply driver and agent updates, and reset passwords on Windows Server instances.
      • Change Calendar helps you set up date and time ranges when actions you specify (for example, in Systems Manager Automation runbooks) can or can't be performed in your AWS account.
      • Use Maintenance Windows to set up recurring schedules for managed instances to run administrative tasks such as installing patches and updates without interrupting business-critical operations.
    • Node Management
      • Use Compliance to scan your fleet of managed nodes for patch compliance and configuration inconsistencies. 
      • Fleet Manager is a unified user interface (UI) experience that helps you remotely manage your nodes. 
      • Inventory automates the process of collecting software inventory from your managed nodes. 
      • Use Session Manager to manage your edge devices and Amazon Elastic Compute Cloud (Amazon EC2) instances through an interactive one-click browser-based shell or through the AWS CLI.
      • Use Run Command to remotely and securely manage the configuration of your managed nodes at scale. 
      • Use State Manager to automate the process of keeping your managed nodes in a defined state. 
      • Use Patch Manager to automate the process of patching your managed nodes with both security related and other types of updates. 
      • Use Distributor to create and deploy packages to managed nodes. 
      • Hybrid Activations: To set up servers and VMs in your hybrid environment as managed instances, create a managed instance activation.
    • Shared Resources

SSM Agent

  • AWS Systems Manager Agent (SSM Agent) is Amazon software that runs on Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, and on-premises servers and virtual machines (VMs).
  • SSM Agent makes it possible for Systems Manager to update, manage, and configure these resources.
  • The agent processes requests from the Systems Manager service in the AWS Cloud, and then runs them as specified in the request.
  • SSM Agent then sends status and execution information back to the Systems Manager service by using the Amazon Message Delivery Service.
  • SSM Agent must be installed on each instance you want to use with AWS Systems Manager.
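
Because a node without a working agent is invisible to Patch Manager, Compliance and Inventory, a routine coverage check is worth having. The following is an added example (not part of the original notes or of AWS documentation) that classifies nodes by agent state; the sample data is constructed, and its field names are assumed to match the responses of the EC2 `describe_instances` and Systems Manager `describe_instance_information` API calls.

```python
# Added example. The sample data is constructed; in live use the two dicts
# would come from boto3: ec2.describe_instances() and
# ssm.describe_instance_information().
EC2_RESPONSE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa0000000000001", "State": {"Name": "running"}},
    {"InstanceId": "i-0aaa0000000000002", "State": {"Name": "running"}},
    {"InstanceId": "i-0aaa0000000000003", "State": {"Name": "running"}},
    {"InstanceId": "i-0aaa0000000000004", "State": {"Name": "stopped"}},
]}]}

SSM_RESPONSE = {"InstanceInformationList": [
    {"InstanceId": "i-0aaa0000000000001", "PingStatus": "Online",
     "IsLatestVersion": True, "ResourceType": "EC2Instance"},
    {"InstanceId": "i-0aaa0000000000002", "PingStatus": "ConnectionLost",
     "IsLatestVersion": False, "ResourceType": "EC2Instance"},
    # Hybrid (on-premises) nodes registered through an activation use "mi-" IDs.
    {"InstanceId": "mi-0bbb000000000000a", "PingStatus": "Online",
     "IsLatestVersion": False, "ResourceType": "ManagedInstance"},
]}


def agent_coverage(ec2_response, ssm_response):
    """Classify nodes by whether Systems Manager can currently manage them."""
    running = {
        inst["InstanceId"]
        for res in ec2_response["Reservations"]
        for inst in res["Instances"]
        if inst["State"]["Name"] == "running"
    }
    managed = {n["InstanceId"]: n for n in ssm_response["InstanceInformationList"]}
    online = {i for i, n in managed.items() if n["PingStatus"] == "Online"}
    latest = {i for i, n in managed.items() if n.get("IsLatestVersion", False)}
    return {
        # Running EC2 instances that never registered an agent.
        "unmanaged": sorted(running - set(managed)),
        # Registered nodes whose agent has stopped checking in.
        "unreachable": sorted(set(managed) - online),
        # Registered nodes running an agent older than the current release.
        "outdated_agent": sorted(set(managed) - latest),
        "healthy": sorted(online & latest),
    }


if __name__ == "__main__":
    for category, ids in agent_coverage(EC2_RESPONSE, SSM_RESPONSE).items():
        print(f"{category}: {ids}")
```
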

Reference

What is AWS Systems Manager? - AWS Systems Manager
