You are working as a SysOps administrator for a large IT firm.
After successfully setting up the Systems Manager on EC2 instance across all regions, you plan to set up Systems Manager for 50database servers deployed in the corporate Data Centre.
Which of the following actions are mandatory to complete the Systems Manager set-up on these servers? (Select Four).
Click on the arrows to vote for the correct answer
A. B. C. D. E. F. G.Correct Answer - B, C, D, G.For setup of Systems Manager for Hybrid environment following actions need to be done.
1
Complete General Systems Manager Setup Steps.
2
Create an IAM Service Role for a Hybrid Environment.
3
Install a TLS certificate on On-Premises Servers and VMs.
4
Create a Managed-Instance Activation for a Hybrid Environment.
5
Install SSM Agent for a Hybrid Environment (Windows & Linux).
6
(Optional) Enable the Advanced-Instances Tier for more than 1000 servers per account per region.
Option A is incorrect as the number of servers in the Data Centre is less than 1000
The Advanced tier is not required to be enabled.
Option E is incorrect as having Direct Connect Link between the corporate Data Centre & AWS is not mandatory.
Option F is incorrect as creating an S3 bucket is not a mandatory option.
For more information on Setting Up AWS Systems Manager for Hybrid Environments, refer to the following URL-
https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances.htmlSure, I'd be happy to help explain the mandatory steps required to complete the Systems Manager set-up on the 50 database servers deployed in the corporate data centre.
Systems Manager is a management service provided by Amazon Web Services (AWS) that allows you to manage and automate operational tasks across your infrastructure at scale. With Systems Manager, you can perform various management tasks such as patching, automation, compliance, and configuration management on your instances.
To set up Systems Manager on the 50 database servers in the corporate data centre, you need to complete the following mandatory steps:
Download and Install SSM Agent on servers in Data Centre SSM Agent is a software component that needs to be installed on each instance that you want to manage with Systems Manager. The SSM Agent is responsible for processing the requests and commands that you send to the instance using Systems Manager. You need to download and install the SSM Agent on each of the 50 database servers in the corporate data centre to enable them to communicate with Systems Manager.
Create an IAM Role to communicate with the Systems Manager service IAM roles are used to grant permissions to AWS services to access AWS resources securely. To enable Systems Manager to manage your database servers, you need to create an IAM role that grants Systems Manager the necessary permissions to access the database servers. This role should have the required permissions to perform various management tasks such as patching, automation, compliance, and configuration management.
Create a Managed Instance Activation for servers in Data Centre A managed instance activation is required to activate an EC2 instance or on-premises instance for use with Systems Manager. You need to create a managed instance activation for each of the 50 database servers in the corporate data centre to allow Systems Manager to manage them.
Enable Advanced-instance tier Enabling the advanced-instance tier provides additional capabilities for Systems Manager. This feature is enabled by default for instances running in AWS. You need to enable this feature on the 50 database servers in the corporate data centre to unlock advanced management capabilities.
The following options are not mandatory but are good to consider:
Create an S3 bucket to store all Service Manager logs. You can create an S3 bucket to store all the logs generated by Systems Manager, including automation logs, patch compliance reports, and inventory reports. This allows you to keep track of all your Systems Manager activity in a central location.
Install a TLS certificate on servers in Data Centre. Transport Layer Security (TLS) provides secure communication between servers and clients. You can install a TLS certificate on the database servers in the corporate data centre to ensure secure communication between Systems Manager and the database servers.
Set up a Direct Connect link between Data Centre & VP. You can set up a Direct Connect link between the corporate data centre and the VPC to enable communication between the database servers and the Systems Manager service in AWS.
In summary, to set up Systems Manager on the 50 database servers deployed in the corporate data centre, you need to download and install the SSM Agent on each server, create an IAM role to grant permissions to Systems Manager, create a managed instance activation for each server, and enable the advanced-instance tier to unlock advanced management capabilities. Optionally, you can also create an S3 bucket to store all the logs generated by Systems Manager, install a TLS certificate on the database servers, and set up a Direct Connect link between the data centre and VPC.