A couple of weeks ago, we saw how to use Azure services to automate based on events. If you have not seen it, here is the link.
Let’s see how you can automate it in AWS. In AWS, there are many different ways to automate, but one critical service is AWS Systems Manager (SSM).
I firmly believe the service has been less explored or at least less exposed.

SSM has many capabilities. They are:
- State Manager: you define the desired state through associations. For example, you can define an association so that all targets with the tag Apache have the Apache application installed (using Run Command or Automation).
- Inventory: it helps maintain an inventory of the environment.
- Maintenance Windows: you can assign targets to a window and assign the tasks to be performed during it. After execution, you can review the status.
- Patch Manager
- Session Manager: controls access to the instances using IAM policies.
- Incident Manager: you can perform an automated response plan using runbooks. Nice diagram on how it works.

For me, the base of AWS Systems Manager is Run Command and Automation. You can also use these with the EventBridge service (just like Event Grid in Azure). Combined, the services make a powerful tool for automating tasks.
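The State Manager association by tag and the EventBridge plus Run Command pairing described above, written as a CloudFormation template. This is an added example, not from the original post; the resource names, the `Apache=true` tag value, the shell commands (Amazon Linux assumed) and the `EventsRoleArn` parameter are assumptions.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: State Manager association plus an EventBridge rule that triggers Run Command

Parameters:
  EventsRoleArn:
    # Assumption: an existing role that events.amazonaws.com can assume and that
    # allows ssm:SendCommand only for this document and the tagged instances.
    Type: String

Resources:
  # State Manager: keep Apache installed on every managed instance tagged Apache=true.
  ApacheAssociation:
    Type: AWS::SSM::Association
    Properties:
      AssociationName: ensure-apache-installed   # constructed name
      Name: AWS-RunShellScript                   # AWS-managed Run Command document
      Targets:
        - Key: tag:Apache
          Values: ["true"]
      ScheduleExpression: rate(1 day)            # re-applied daily to correct drift
      Parameters:
        commands:
          - yum install -y httpd
          - systemctl enable --now httpd

  # EventBridge: on an EC2 state change to "running", send a Run Command to the
  # same tag. It runs on all tagged instances that are SSM-managed at that moment.
  ApacheCheckOnInstanceStart:
    Type: AWS::Events::Rule
    Properties:
      Description: Validate Apache config when an instance enters the running state
      EventPattern:
        source: ["aws.ec2"]
        detail-type: ["EC2 Instance State-change Notification"]
        detail:
          state: ["running"]
      Targets:
        - Id: apache-config-check                # constructed id
          Arn: !Sub arn:aws:ssm:${AWS::Region}::document/AWS-RunShellScript
          RoleArn: !Ref EventsRoleArn
          RunCommandParameters:
            RunCommandTargets:
              - Key: tag:Apache
                Values: ["true"]
          # Constant input passed as the document's "commands" parameter
          Input: '{"commands": ["apachectl configtest"]}'
```

Scoping both the association and the rule to a tag, rather than to instance IDs, means new instances pick up the configuration as soon as they are tagged and registered with SSM.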
I would like to close this article by sharing a great blog by AWS on Automating Vulnerability Management using Amazon Inspector and AWS Systems Manager, Part 1 and Part 2. I hope the above features and article excite you and help you open the Pandora's box of Systems Manager capabilities.