Systems Manager Flashcards

1
Q

How does Systems Manager achieve visibility and control over an instance (i.e., make it a “managed instance”)?

A

Via the SSM Agent. Installed by default on modern Linux and Windows AMIs. Must be installed manually on older versions and on on-prem instances.

2
Q

Functions AWS Systems Manager can perform

A

Manage Inventory
Patching
Run Commands
Manage Desired State
Parameter Store / Secrets Manager
Session Manager

3
Q

Three things an AWS-based instance needs to use SSM

A
  1. Agent installed
  2. EC2 Instance Role
  3. IGW or VPC Endpoint to connect to the Systems Manager Endpoint (in the AWS Public Zone)
4
Q

How to enable on-prem servers to use Systems Manager

A

Need to set up a “Managed Instance Activation” for each
Select IAM role
Receive an “activation code” and an “activation ID”

This process sets up secure communication between the on-premises servers and the Systems Manager Endpoint

5
Q

What does the “Run Command” do, and how does it work?

A

It runs “command documents” on managed instances (defined by instances, tags, or Resource Groups). The run rate can be defined by “Concurrency” and “Error Threshold.” The command documents are passed to the SSM Agents for execution.

Can have a Run Command as the target of an EventBridge rule.

6
Q

Types and functionality of SSM Documents

A

JSON or YAML documents, stored in SSM Document Store. They ask for parameters, and include steps.

“Systems Manager uses Documents to support all of its different features.”

Command Documents: Run Command, State Manager, Maintenance Windows
Automation Documents: Automation, State Manager, Maintenance Windows
Package Documents: used by Distributor

7
Q

Patch Manager Concepts: Patch Baseline, Patch Groups, Maintenance Windows, Run Command, Concurrency & Error Threshold, Compliance

A

Patch Baseline – what needs to be installed. Can have many baselines, managed and custom.

    AWS-AmazonLinux2DefaultPatchBaseline

Patch Groups: which resources to patch (“targets” for “patch tasks”)

Maintenance Window: Schedule, Duration, Targets, Tasks

Run Command: what executes the patching behind the scenes

     AWS-RunPatchBaseline

Compliance: after patches are applied, Systems Manager can check the end state (using Systems Manager INVENTORY)
