8. Identify the Instances and prep
with required permissions
Package the play into S3
SSM - RunAnsiblePlaybook -
point to s3 URL
Verify logs from S3 bucket
Apply SSM Runcommand
Pick the play from Git/Ansible
Galaxy
14. Check status of the SSM Agent
1) SSM Agent is the key
2) Available in Amazon AMIs
3) Other flavours of OS needs installation
4) For fresh instances deploy via user data
16. Package the code into S3
1) Code packaging will be one time activity if role from galaxy is used
2) If code is used from Repo, then add steps to move code from Repo to S3
3) Code is safe and encrypted, if packaged in S3
29. Unbeatable gains on using AWS SSM for patch or deploy tasks
1. 1) SSH keys management & monitoring is eliminated
2. 2) Centralized logs for all instance deployments
3. 3) Cloudtrail captures the API calls against each resource
4. 4) Log verification in N instances makes tracking easier
5. 5) Well secured Authentication and Authorization(IAM Roles,
Policies)
30. Vijaya Nirmala Gopal (Nirmala)
Hybrid Cloud Implementation Specialist,
IBM GTS Labs, Redhat Center of Excellence
https://galaxy.ansible.com/gvnirmalaa/ansible_role_snowsql
https://cloudgoddess.blogspot.com
Editor's Notes
What is SSM
High level overview of operations and activities that can be achieved with AWS SSM
Explain about what possible operational activities can be performed using RunCommand against Instances both Cloud & On-prem
Slide which gives the overview of AWS network diagram on using AWS SSM
Stages in current use case which is about Applying a Ansible playbook in target instances