Everything you need to know about AWS Systems Manager (SSM) Agent
Вставка
- Опубліковано 28 вер 2024
- This video covers
1. Introduction to AWS SSM Agent & AWS SSM Service
2. Prerequisites for Managed node
3. Network Architecture and Connectivity options
4. Capabilities of AWS Systems Manager
---------------------
Useful Links:
---------------------
AWS SSM Agent
=============
Supported operating systems:
docs.aws.amazo...
Source code:
docs.aws.amazo...
Releases:
github.com/aws...
Prerequisites:
docs.aws.amazo...
AWS SSM Service
=============
VPC interface endpoints
docs.aws.amazo...
![[UA] Eternal Fire проти NAVI | EPL Season 20 Malta](http://i.ytimg.com/vi/chvlsDygrZM/mqdefault.jpg)
Why does the agent needs to communicate with the instance metadata? And if a hybrid activation happens with register code, how does the standard registration of instance happens ? 😳🧐🤔
SSM agent installed on EC2 instance must have access to instance metadata to obtain the AWS region(since SSM is a regional service and has regional endpoints) and temporary credentials ( from IAM role) to then initiate a communication to the AWS Systems Manage service in AWS Cloud. In the case of hybrid activation process is different and has no relevance to instance metadata. The agent obtains the necessary info from registration file that is created on the source machine.
@@unmaskITnow Thank you very much for the answer. And one last question. When you launch an Amazon EC2 instance with public IP and needed SSM Agent IAM Role, is it also registered somehow with ID and Activation code as the hybrid activation or the process is different ?
For an EC2 instance running SSM agent in public subnet, it will use the permissions from IAM role attached to the instance and there is no hybrid activation process as it applies in the case of non EC2 nodes