📖 What is AWS Systems Manager?
AWS Systems Manager is a management service that provides a unified interface to view and control your AWS infrastructure. It allows you to automate operational tasks, manage patches, and configure software across a fleet of virtual machines and on-premises servers.
"Focus on its ability to manage 'hybrid' environments. It is the primary tool for running commands on multiple EC2 instances without SSHing into each one."
📚 Certification: AWS Certified Cloud Practitioner (CLF-C02)
🔑 What are the Key Concepts of AWS Systems Manager?
- ▸ Run Command allows you to remotely and securely manage the configuration of your managed nodes without needing to establish SSH or RDP connections.
- ▸ Patch Manager automates the process of patching managed instances with security-related updates, ensuring your fleet remains compliant and secure against vulnerabilities.
- ▸ Hybrid Cloud Management enables the control of on-premises servers alongside EC2 instances, providing a single pane of glass for your entire infrastructure.
- ▸ Parameter Store provides secure, hierarchical storage for configuration data and secrets, allowing applications to retrieve settings without hardcoding them in source code.
- ▸ Session Manager provides a secure way to access instance shells via the AWS Console or CLI, removing the need for bastion hosts.
🎯 How does AWS Systems Manager appear on the CLF-C02 Exam?
You may be asked to identify the service that allows an administrator to execute a specific shell script across a fleet of one hundred EC2 instances simultaneously without having to manually log into each individual server via SSH.
A scenario might describe a company with a hybrid cloud strategy that needs a centralized tool to manage and automate security patches for both AWS EC2 instances and their existing on-premises servers.
Expect questions about improving security by removing the need for open inbound ports, such as port 22 or 3389, while still maintaining administrative shell access to the instance operating system.
❓ Frequently Asked Questions
How does Session Manager differ from traditional SSH access?
Session Manager eliminates the need to manage SSH keys and open inbound ports in Security Groups. Instead, it uses IAM roles to authorize access, providing a more secure and auditable connection method.
Does Systems Manager only work with EC2 instances?
No. By installing the SSM Agent on your on-premises virtual or physical servers, you can register them as managed nodes and control them via the AWS Management Console.