Using Systems Manager from a Service-Linked Role
AWS Systems Manager and IAM Roles
AWS Systems Manager provides visibility into your AWS environment by unifying operational data across AWS services and automating operational tasks. According to AWS, its main features include:
AWS Systems Manager provides visibility into your AWS environment by unifying operational data across AWS services and automating operational tasks. According to AWS, its main features include:
- Explorer
- OpsCenter
- Application Manager
- AppConfig
- Parameter Store
- Change Manager
- Automation
- Maintenance Windows
- Fleet Manager
- Compliance
- Inventory
- Session Manager
Through IAM service-linked roles, AWS Systems Manager can execute automated tasks such as patching or other maintenance. This can be a valuable feature to utilize as your AWS security program scales.
Transcription
AWS Systems Manager allows you to get operational insight about your resources within the AWS environment. It also allows you to execute automations. Access from AWS Systems Manager to execute automations, such as patching or other maintenance tasks, should be executed via a service-linked role. Service-linked roles can be enabled and enacted through AWS Identity and Access Management. Specifically, the service-linked roles or custom-created service roles should be defined and attached to the AWS Systems Manager service so that it can execute enabled automations as required.
Related Videos
Activate Microsoft Defender for Azure SQL Databases
Antivirus Solutions on EC2 Instances
Autoprovisioning of Microsoft Defender for Containers Components.mov
Deploying Security Patches on EC2 Instances
Enable Autoprovisioning of Vulnerability Assessment for Machines
Enable Microsoft Defender for App Services
Enable Microsoft Defender for DNS
Enable Microsoft Defender for IoT
Enable Microsoft Defender for Open Source Relationship Databases
Enable Microsoft Defender for SQL Server on Machines
Enable Microsoft Defender for Servers
Ensure Autoprovisioning of the Log Analytics Agent Is Enabled for Azure VMs
Ensure Microsoft Defender Is Enabled for Storage Accounts
Ensure Microsoft Defender Is Enabled for the Azure Resource Manager
Ensure Microsoft Defender for Databases Is Enabled
Ensure Microsoft Defender for Key Vaults Is Enabled
Identifying and Ranking Vulnerabilities in AWS
Meeting Your Baseline with Patch Manager
PCI Requirement 11.1.2 – Unauthorized Wireless Access Points Detection
PCI Requirement 11.2 – Quarterly Internal & External Vulnerability Scans
PCI Requirement 11.2.1 – Perform Quarterly Internal Vulnerability Scans
PCI Requirement 11.2.2 – Perform Quarterly External Vulnerability Scans
PCI Requirement 11.2.3 – Perform Internal and External Scans and Rescans as Needed
PCI Requirement 11.4 – Use Intrusion-Detection and/or Intrusion-Prevention Techniques
PCI Requirement 11.5 – Deploy a Change-Detection Mechanisms to Alert Personnel
PCI Requirement 5.1 – Deploy Anti-Virus Software on all Commonly Affected Systems
PCI Requirement 5.1.1 – Ensure Anti-Virus Programs Detect, Remove and Protect Against Malware
PCI Requirement 5.1.2 – Perform Evaluations to Identify & Evaluate Evolving Malware Threats
PCI Requirement 5.2 – Ensure Anti-Virus Mechanisms are Current, Perform Scans, & Generate Audit Logs
PCI Requirement 5.3 – Ensure Anti-Virus Mechanisms are Active and Can’t be Altered
PCI Requirement 6.1 – Establish a Process to Identify Security Vulnerabilities
PCI Requirement 6.5.6 – All “High Risk” Vulnerabilities
PCI Requirement 6.6 – Address Threats & Vulnerabilities Regularly for Public-Facing Web Applications
Running Vulnerability Scans After a Significant Change
SOC 2 Academy: Performing Daily Log Reviews
Shared Responsibility Matrix in PCI
Testing for Unauthorized Wireless Access Points
The Importance of Patching
The Value of Quarterly Internal Vulnerability Scans
Top 10 AWS Mistakes
Using VPC Endpoints to Access Systems Manager
Using an ASV for External Vulnerability Scans
Utilize Microsoft Defender for Azure Cosmos DB
