Do you work with too many tools? In this session, learn how AWS Systems Manager can help you manage your servers at scale with the agility and security you need in today's dynamic cloud-enabled world.

1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Mats Lannér
Sr. Software Development Manager, Amazon Web Services
SRV212
Too Many Tools?
How AWS Systems Manager Bridges Operational Models

2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cloud Management Challenges
Managing cloud and hybrid environments using a traditional toolset
is complex and costly
Traditional IT toolset not
built for cloud scale
infrastructure
Deploying multiple
products is a significant
overhead
Licensing costs
and complexity
Maintaining
enterprise-wide visibility is
challenging

3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Customer Challenges
Operate safely and
securely at scale
Map resources to
applications and
environments
Diverse set of tools
for managing hybrid
cloud
Complex licensing and
hard to manage the
management
infrastructure
Ability to build
custom solutions to
meet specific business
needs

4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Operate Safely and at Scale
The operations cockpit for any cloud at any scale
Support AWS and
On-Premises
Use cross-platform capabilities manage both
Windows and Linux
Group
The building blocks of your applications
Visualize
Operational insights for applications
Brings other AWS services in a single console
Act
Using AWS best practices with built-in safeties

5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Extensible
Hybrid Compliance Open Source Cross-platform Extensible
Works in hybrid
and multi-cloud
environments
Use existing tools like
Ansible, PowerShell
DSC, and InSpec for
configuration
and Compliance
SSM Agent is open-
sourced on GitHub
Windows and
Linux support
Extensible capabilities
to collect custom
inventory from
instances

6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Systems Manager Customers & Partners

7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Manage Resources at Scale
Resource groups
Define the building blocks of
your application
Give a meaning to a collection
of AWS resources (as an app, env,
or business unit)
Group AWS resources based on
tags using a simple query
Save a search as a heterogeneous
group of (dynamic) resources
Interact with a group directly rather than
individual resources

8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Improved Visibility and Control
Set up operational dashboards
Build and customize your
own ops-dashboards
Leverage your existing
Amazon CloudWatch dashboards
Leverage your existing
CloudWatch metrics
Monitor Compliance
Visualize your application’s metrics

9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compliance with Patch Manager
corp data center
Individual instances
not grouped
Patch Group=WebServers
Patch Group=SQLCluster
Default Patch Baseline
for the OS
Web Server
Patch Baseline
Patch Manager
Maintenance
Window Compliance Notifications

10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo

11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Safe and Secure Operations
corp data center
VPC1
Tags
VPC2
Tags
IAM
Run Command Amazon CloudWatch
Events
AWS CloudTrail
Auditing

12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Gain Insights from Multi-Account Instances
corp data center
Account 1
Account 2
Inventory
Amazon S3
Data Lake
Amazon
QuickSight
AWS
Config
Any BI Tool!

13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Easy to Use Automation
Run the automationRole and permissionInputAutomation
document

14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Config and Secrets Data Management
Rotate
password
/app/test/db_password /app/prod/db_password
Dev Test Prod
App
Change notifications
(event-based)
Email
notification

15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Manage Configuration Drift
Instances
State manager

16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Systems Manager Capabilities
Resource Groups
Run Command
Inventory
Patch Manager
Automation
Parameter Store
Maintenance Window
State Manager

17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo

18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Other Enterprise Features
Integrated with AWS
services, such as:
IAM: granular RBAC
AWS CloudTrail: audited actions
Amazon CloudWatch Events:
notification and remediation
AWS Config: configuration history
Available in all AWS
regions including
AWS GovCloud (US)
Accessible through
AWS PrivateLink
SSM Agent is
installed on
Windows Server on
AWS, Amazon Linux,
and Ubuntu AMIs
AWS Systems
Manager is SOC, ISO
and
PCI compliant, HIPAA
enabled

19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Partner Value
Hybrid
Compliance
Open Source
Cross-platform
Extensible
Simple, Secure, Scalable: simplified systems
management that is customizable, extensible, and
scales to thousands of instances while improving
security and compliance.
Virtually anywhere, any Platform: cloud-native
automation and configuration tool that supports
hybrid management – a single tool to manage all
your workloads running on Windows or Linux, on
Amazon EC2 or
on-premises.
Reduced TCO: no need to license, deploy, and
maintain expensive management tools or hire for
specialized skillset.

20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Useful Links
AWS Management Tools Blog
https://aws.amazon.com/blogs/mt/category/management-tools/amazon-ec2-systems-manager/
AWS Blog
https://aws.amazon.com/blogs/aws/category/amazon-ec2-systems-manager/
Product Page
https://aws.amazon.com/systems-manager/
Feedback
ec2-ssm-feedback@amazon.com
Partner Team
whytc@amazon.com
1
2
3
4
5

22. Submit Session Feedback
1. Tap the Schedule icon.
2. Select the session you
attended.
3. Tap Session Evaluation to
submit your feedback.

23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank you!

24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Tap your badge as you leave to receive
an email with additional resource links
from this session.
Your feedback is important to us.
Rate this session via the event app.
After This Session