AWS Systems Manager
AWS announces AWS Systems Manager, a unified management interface for managing components of both cloud and hybrid environments. Available under Management Tools, it is a single point of control for integrated system maintenance. CloudWatch and CloudTrail dashboards are integrated for resource groups created from tags, which saves the time otherwise spent switching between consoles. Additional features such as automation, inventory and compliance help you manage your system infrastructure completely.
Resource Groups and Insights
Resource groups, a familiar service on AWS, has been strengthened by the addition of insights and an integrated dashboard view.
- CloudTrail and Config Insights: Details recorded by the CloudTrail and Config services for all operations on the saved resource group are available in a single place. A personalised dashboard gives an overview of the issues resolved.
- CloudWatch Insights: CloudWatch metrics for the resources in a resource group are provided, along with an option to create a custom dashboard for a required metric, which gives a metric-wise view of the required resources in one place.
On and Off Cloud Compliance
AWS Systems Manager provides inventory and compliance for instances in cloud infrastructure as well as in hybrid environments (by setting up the SSM agent and the other required configuration).
- Inventory: Inventory can be set up by specifying a tag or by manually selecting certain instances. These instances are checked regularly for parameters such as applications, network configurations, Windows updates, etc., based on the scheduled cron build. There is also a provision for storing these details in a specified S3 bucket.
- Patch Manager: A patch baseline can be set up for any required operating system, with settings such as Product, Section and Priority of the update, along with exceptions if any. This provides regular alerts on patch updates for the OS.
- State Manager: Manages associations, each of which consists of a document (any action that needs to be done on specified targets), a target (a set of instances) and a scheduled time (when the action is to be performed).
AWS has added intelligence to the automation of tasks and simplified maintenance activities by providing for one-time setup of routine tasks. Automation and Maintenance Window can be used to target specific resource groups or instances.
- Automation: Automation lets you set up documents that are scheduled to run at a particular time. The document can be chosen from the AWS-owned ones or can be your own script. Targets can be specified using tags or resource-specific IDs.
- Maintenance Window: Documents that contain the required action can be scheduled to run at a particular time, or based on certain values of CloudWatch insights, using this window. These features add intelligence to the automated tasks.
AWS Systems Manager shows potential to act as the sole manager of maintenance for an entire system consisting of resources in the cloud as well as hybrid or virtual machines. The integration of various insights and consolidated dashboard facilities is definitely a step forward in saving much of the time that goes into manual DevOps tasks.
How it works