Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Automate EC2 into System Manager

0

Besides setting up DHMC, is there a way to setup either a config rule or event bridge rule, that will check if an ec2 is managed by SM. If not, then either add the correct IAM role, or add device into SM?

Argomenti
Gestione e amministrazioneComputazionaliServerlessIntegrazione delle applicazioni
Tag
AWS ConfigAmazon EC2Amazon EventBridgeGestore dei sistemi AWS
Lingua
English
rePost-User-4136916
posta 3 mesi fa204 visualizzazioni
1 Risposta
1

Hello.

The AWS Config rule "ec2-instance-managed-by-systems-manager" may be helpful.
https://docs.aws.amazon.com/config/latest/developerguide/ec2-instance-managed-by-systems-manager.html

After creating a Config rule using this rule, I think it is possible to have EventBridge detect "complianceType" of "NON_COMPLIANT".
If you refer to the events in the document below, the event pattern will be as follows.
https://repost.aws/knowledge-center/config-resource-non-compliant

{
  "source": ["aws.config"],
  "detail-type": ["Config Rules Compliance Change"],
  "detail": {
    "messageType": ["ComplianceChangeNotification"],
    "configRuleName": ["ec2-instance-managed-by-systems-manager"],
    "newEvaluationResult": {
      "complianceType": ["NON_COMPLIANT"]
    }
  }
}
profile picture
ESPERTO
Riku_Kobayashi
con risposta 3 mesi fa
profile picture
ESPERTO
Giovanni Lauria
verificato un mese fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente