What is AWS Systems Manager?

AWS Systems Manager provides a suite of tools for managing and automating operational tasks on AWS resources. Among its features are Automation and Session Manager, which serve different purposes but can be used in tandem for effective management of AWS instances.

  1. Automation:
    • AWS Systems Manager Automation allows you to automate common maintenance and deployment tasks across your AWS environment. You can define workflows, known as automation documents, that specify the steps required to perform a particular task or remediation action.
    • Automation documents are written in YAML or JSON format and can include a series of steps such as running scripts, executing AWS API commands, invoking AWS Lambda functions, and waiting for specific conditions.
    • Automation documents can be executed manually or triggered by events such as CloudWatch Events, AWS Config rule evaluations, or AWS Health events. You can also schedule them to run at specific times or intervals.
    • Automation provides features such as parameterization (using input parameters and dynamic values), error handling, logging, and integration with other AWS services.
  2. Session Manager:
    • AWS Systems Manager Session Manager allows you to securely connect to your EC2 instances and managed instances (such as on-premises servers or VMs) without the need for SSH or RDP access.
    • With Session Manager, you can initiate interactive sessions with instances from the AWS Management Console (through the AWS Systems Manager console) or from the AWS CLI (with the AWS Systems Manager Session Manager plugin).
    • Session Manager establishes a secure WebSocket connection to the instance using IAM authentication and encryption, eliminating the need to open inbound ports or manage SSH keys.
    • Session Manager provides features such as session logging, audit trails, fine-grained access control using IAM policies, and integration with AWS CloudTrail for tracking session activity.
    • In addition to interactive sessions, Session Manager supports port forwarding, allowing you to securely access services running on instances without exposing them to the internet.
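
The fine-grained IAM access control listed above is only as tight as the policy that grants `ssm:StartSession`. The following is an added example, not code from the original page: it audits a policy document for Allow statements that permit starting sessions on every instance with no condition. The sample policies, the account ID and the `Environment` tag key are constructed, and scoping by `ssm:resourceTag/...` is one assumed way of narrowing access.

```python
import fnmatch

def _as_list(value):
    # IAM accepts either a single string or a list for Action and Resource.
    return value if isinstance(value, list) else [value]

def _grants_start_session(actions):
    # IAM action names are case-insensitive and may contain * and ? wildcards.
    return any(fnmatch.fnmatchcase("ssm:startsession", a.lower()) for a in actions)

def _is_broad(resource):
    # "*" or an ARN that ends in a wildcard instance id covers every instance.
    return resource == "*" or resource.endswith(":instance/*")

def audit_session_policy(policy):
    """Flag Allow statements that grant ssm:StartSession on all instances
    with no Condition. NotAction/NotResource statements are not evaluated."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            continue
        if not _grants_start_session(_as_list(stmt["Action"])):
            continue
        broad = [r for r in _as_list(stmt.get("Resource", [])) if _is_broad(r)]
        if broad and not stmt.get("Condition"):
            findings.append({"statement": stmt.get("Sid", index), "resources": broad})
    return findings

# Constructed sample policies (account ID and tag key are placeholders).
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AnyInstance", "Effect": "Allow", "Action": "ssm:*", "Resource": "*"},
]}
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "DevOnly", "Effect": "Allow", "Action": ["ssm:StartSession"],
     "Resource": ["arn:aws:ec2:us-east-1:111122223333:instance/*"],
     "Condition": {"StringEquals": {"ssm:resourceTag/Environment": ["dev"]}}},
    {"Sid": "OwnSessions", "Effect": "Allow",
     "Action": ["ssm:TerminateSession", "ssm:ResumeSession"],
     "Resource": ["arn:aws:ssm:*:*:session/${aws:username}-*"]},
]}

if __name__ == "__main__":
    for name, doc in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, audit_session_policy(doc))
```

A finding here means the statement deserves review, not that it is necessarily wrong: a permissions boundary or an explicit Deny elsewhere can still restrict the effective access.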

By leveraging AWS Systems Manager Automation and Session Manager together, you can automate operational tasks across your AWS environment and securely manage access to your instances without relying on traditional SSH or RDP connections. This helps improve security, compliance, and operational efficiency while reducing manual effort and risk.