Ends in
00
days
00
hrs
00
mins
00
secs
LEARN MORE

SALE! Extra $2 OFF our Practice Test + eBook Bundles. Valid until May 12, 2021 6PM UTC+8

Setting up AWS Systems Manager for Hybrid Environments

AWS Systems Manager

allows your organization to monitor and control their infrastructure on AWS and on-premises environments. Systems Manager provides a unified interface to which you can monitor thousands of servers and services of AWS. Essentially, Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easy to operate and manage your infrastructure securely at scale.

The following are the capabilities of AWS Systems Manager for your Hybrid Environment:

  • Centrally define the configuration options and policies for your managed instances.
  • Automate or schedule a variety of maintenance and deployment tasks.
  • Use and create runbook-style SSM documents that define the actions to perform on your managed instances.
  • Run a command, with rate and error controls, that targets an entire fleet of managed instances.
  • Securely connect to a managed instance with a single click, without having to open an inbound port or manage SSH keys.
  • Perform automated inventory by collecting metadata about your Amazon EC2 and on-premises managed instances. Metadata can include information about applications, network configurations, and more.
  • View consolidated inventory data from multiple AWS Regions and accounts that you manage.
  • Quickly see which resources in your account are out of compliance and take corrective action from a centralized dashboard.

In this article, we will be talking about deploying the Systems Manager agent to hybrid environments such as on-premises servers or servers of other cloud providers using Windows and Ubuntu workloads. This essentially allows you to manage your on-premises VMs or servers the same way as your managed EC2 instances registered on Systems Manager. 

IT Certification Category (English)728x90

Set up Systems Manager Hybrid Activation

The first part of Hybrid activation is to “create an activation” on Systems Manager which will be used to register your on-premises servers. The following steps outline how to do this.

  1. Login to your AWS Console.
  2. Under the services tab, search for “Systems Manager”
  3. Click on “Hybrid Activations” and click “Create an Activation”

setting_up_aws_systems_manager_for_hybrid_environments1

4. On the Create Activation page, input the following details:

    1. Activation Description: Specify the name of your activation
    2. Instance Limit: Specify the maximum amount of servers you want to deploy the agent to.
    3. IAM Role: Pick “Create a System Default Command”
    4. Activation Expiry Date: Specify your preferred expiration date
      1. If you will add additional servers after the expiry date, you need to create a new activation 
    5. Default Instance Name: Specify the preferred name of your servers that will appear on the console.
    6. Click “Create Activation” to create this activation.

setting_up_aws_systems_manager_for_hybrid_environments2

5. Once you’ve created your activation, you will be redirected to the Hybrid Activations page and at the top, you should see your activation code and activation ID. Take note of these values as you will need them on the next section where you will install the SSM agent.

setting_up_aws_systems_manager_for_hybrid_environments3

Installation and Registration your Hybrid Environment servers

The second part for Hybrid Activation is to install the Systems Manager agent on the on-premises servers or VMs. The following sections show installation steps for Windows and Ubuntu based machines. 

WINDOWS 64 BIT INSTALLATION CODE

  1. RDP into your Windows server.
  2. Launch Powershell with administrator privileges
  3. Copy and paste the code below to your PowerShell. 
    1. Substitute the Activation code and activation ID to the values given before when you created your Hybrid Activation
    2. Specify the AWS region your Systems Manager resides at. 
$code = "activation-code"
$id = "activation-id"
$region = "region"
$dir = $env:TEMP + "\ssm"
New-Item -ItemType directory -Path $dir -Force
cd $dir
(New-Object 
System.Net.WebClient).DownloadFile("https://amazonssm-$region.s3.amazonaws.co
m/latest/windows_amd64/AmazonSSMAgentSetup.exe",           $dir             + 
"\AmazonSSMAgentSetup.exe") 
Start-Process   .\AmazonSSMAgentSetup.exe   -ArgumentList  @("/q",    "/log", 
"install.log", "CODE=$code", "ID=$id", "REGION=$region") -Wait
Get-Content ($env:ProgramData + "\Amazon\SSM\InstanceData\registration")
Get-Service -Name "AmazonSSMAgent"

 4. Run the PowerShell file. After installation, it will return a response. 

setting_up_aws_systems_manager_for_hybrid_environments4

UBUNTU INSTALLATION CODE

  1. SSH into your Ubuntu server.
  2. Create a script with sudo privileges
  3. Copy and paste the code below to your script: 
    1. Substitute the Activation code and activation ID to the values given before when you created your Hybrid Activation
    2. Specify the AWS region your Systems Manager resides at. 
mkdir /tmp/ssm
curl
https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/debian_amd64/am
azon-ssm-agent.deb -o /tmp/ssm/amazon-ssm-agent.deb
sudo dpkg -i /tmp/ssm/amazon-ssm-agent.deb
sudo service amazon-ssm-agent stop
sudo amazon-ssm-agent -register -code "activation-code" -id "activation-id"
-region "regionsudo service amazon-ssm-agent start

 4. Run the script. After installation, a successful response will be returned as shown below.

setting_up_aws_systems_manager_for_hybrid_environments5

Monitoring Managed Instances

You can now monitor your registered instances under the “Managed Instances” tab. 

 setting_up_aws_systems_manager_for_hybrid_environments6.jpg

It is important to note that hybrid activations have a prefix of “mi-” instead of “i-” for AWS hosted EC2 instances. This way, you can easily identify which are hybrid instances from Amazon EC2 instances. You can now perform the same actions on these hybrid instances with the tools provided by Systems Manager such as create Maintenance Windows, schedule patches with Patch Manager, use the Run Command to send commands on the servers, or use Session Manager to create an RDP or SSH connection to the servers from a web browser. 

References:
https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-managed-win.html

SALE! EXTRA HUGE Discounts on our Practice Test + eBook Bundles

Pass your AWS, Azure, and Google Cloud Certifications with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

Tutorials Dojo Study Guide and Cheat Sheets-2

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?

error: Content is protected !!