AWS SSM Associations

This StackZone feature simplifies the process of associating EC2 Instances with SSM Inventory, allowing you to manage various aspects of your EC2 Instances with ease.

AWS Systems Manager Inventory provides visibility into your AWS computing environment. You can use Inventory to collect metadata from your managed nodes.

You can activate several AWS Systems Manager Associations by navigating to Provisioning > Baseline Services > AWS SSM Associations and switching on the feature.

You can enable and customize the following settings:

• Update SSM Agent: when enabled, an automation will attempt to update the SSM Agent installed on your SSM Managed EC2 Instance.
• Query Scan Patches: this functionality gathers information around software patches.
• Gather Inventory: collects information about your EC2 Instance, so you can see it from the SSM Dashboard in the AWS Console.

You can also set the severity levels for all the features mentioned above, such as:

• Unspecified
• Medium
• Low
• High
• Critical

These values determines the threshold for classifying a finding as Compliant or Non-Compliant within the Compliance rule evaluation. This configuration can be helpful in organizing and categorizing findings on the SSM Compliance dashboard.

Note that to enable inventory on an EC2 instance, you need to tag the machine with the desired values.

By default the tag:key value is SSM-Managed = True.

To learn more about SSM Inventory, please refer to the official documentation linked here.

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here