Install SSM Agent on EC2 instance
The Amazon Machine Images (AMIs) for Red Hat Enterprise Linux (RHEL) that are provided by AWS do not come with AWS Systems Manager Agent (SSM Agent) preinstalled by default. For a list of AWS managed AMIs on which the agent might be preinstalled, see Amazon Machine Images (AMIs) with SSM Agent preinstalled. Show Use the information in this section to help you manually install or reinstall SSM Agent on a RHEL instance. Before you begin
Topics
At Halodoc, we take security very seriously. We also run a security bounty program. We audit our systems regularly. This blog talks about one security measure that we took by implementing SSM. Session Manager Overview: Session Manager is a fully managed resource by AWS that allows you to manage, access and troubleshoot Amazon Elastic Compute Cloud (EC2) instances. SSM provides you the Secure instance management without need to open inbound ports, or manage SSH key. Why is Managing SSH is so challenging?
Why SSM? Benefits of using SSM:
How SSM Works: (Behind the scenes)
Requirements:
Implementation:
2. Creating IAM Role for SSM:
3. Now "SSM Role" can be attached to the EC2 instances on which we want to implement the SSM. Below are the steps to attach the IAM role to an EC2 instance.
4. Now, "SSM Role" is successfully attached to the EC2 instance. Role creation for users:
This role now can be attached to the users who require access to instances using SSM. Local Setup:
Let's Login to instance using SSM: There are 2 ways to connect with EC2 instances.
hurry.... We are successfully connected to EC2 instances, using SSM. 2. Using GUI:
Logs and Session:
Removing SSH port from the Security Group:
Decommission the Bastion Host:
Conclusion: Join us Scalability, reliability, and maintainability are the three pillars that govern what we build at Halodoc Tech. We are actively looking for engineers at all levels and if solving hard problems with challenging requirements is your forte, please reach out to us with your resumé at [email protected].
Halodoc is the number 1 all around Healthcare application in Indonesia. Our mission is to simplify and bring quality healthcare across Indonesia, from Sabang to Merauke. We connect 20,000+ doctors with patients in need through our Tele-consultation service. We partner with 3500+ pharmacies in 100+ cities to bring medicine to your doorstep. We've also partnered with Indonesia's largest lab provider to provide lab home services, and to top it off we have recently launched a premium appointment service that partners with 500+ hospitals that allow patients to book a doctor appointment inside our application. We are extremely fortunate to be trusted by our investors, such as the Bill & Melinda Gates Foundation, Singtel, UOB Ventures, Allianz, GoJek, Astra, Temasek and many more. We recently closed our Series C round and In total have raised around USD$180 million for our mission. Our team works tirelessly to make sure that we create the best healthcare solution personalised for all of our patient's needs, and are continuously on a path to simplify healthcare for Indonesia. How to install SSM Agent on AWS?Resolution. Create an AWS Identity and Access Management (IAM) instance profile to use with SSM Agent.. Follow steps 1 through 5 at Launch an instance using the launch instance wizard.. On the Configure Instance Details page, in the IAM role dropdown list, select the instance profile you created in step 1.. Is SSM agent automatically installed?SSM Agent is installed by default on Amazon Linux, Amazon Linux 2, SUSE Linux Enterprise Server (SLES) 12 and 15, Ubuntu Server 16.04, 18.04 LTS, and 20.04 base Amazon EC2 AMIs. You must manually install SSM Agent on other versions of Amazon EC2 for Linux, including non-base images.
Where is SSM agent installed?The SSM Agent must be installed on an instance with a supported Operating System (OS). An AWS Identity and Access Management (IAM) instance profile that supplies the required permissions for the instance to communicate with the Systems Manager service must be attached to the EC2 instance.
How to install SSM agent on Centos?Step 1: Complete general Systems Manager setup steps.. Step 2: Create an IAM service role for a hybrid environment.. Step 3: Create a managed-instance activation for a hybrid environment.. Step 4: Install SSM Agent for a hybrid environment (Linux). Step 5: Install SSM Agent for a hybrid environment (Windows). |