Use Case Labs

These focused labs are intended to address common customer use cases including Configuration Management, Inventory and Patch Management, Session Management, and Compliance Management.

Inventory and Patch Management

In this lab you will apply the concepts of Infrastructure as Code and Operations as Code to the following activities:

  • Deployment of Infrastructure
  • Inventory Management *Patch Management

Configuration Management

In this lab we setup a desired state configuration for an Amazon Linux instance using Ansible. Ansible Playbooks are able to run natively on AWS Systems Manager because the service has the runtime engine required to execute the instructions of the playbooks. The benefit for using this approach is that as a customer, you no longer need to worry about managing an Ansible Tower infrastructure.

Compliance Management

In this lab, we show you how to build a fleet-wide enterprise compliance management and remediation system using AWS Config, AWS Systems Manager, and Amazon CloudWatch. In addition, we provide compliance stakeholders with visibility into the performance of the compliance system by using Amazon QuickSight and Amazon Athena for reporting.

We will also learn how to AWS Config Conformance Packs can help you build a configuration compliance solution.

Session Manager

In this use case, you have been tasked with replacing the legacy bastion infrastructure at your organization with an alternative interactive shell-level access solution. You have been given a few key requirements and must develop a proof of concept that demonstrates the ability of Session Manager to address each:

  • Secure Access: The solution must communicate over a secure encrypted channel for all control and session data. The solution must not require inbound ports to be authorized (e.g. TCP 22 or TCP 3389).
  • Access Control: Users must be able to authenticate using IAM security principals (e.g. users and roles) and must not be required to leverage host-level authentication methods (e.g. public-key, password, etc.).
  • Auditing: All session activity must be tracked and logged to include all command input and output.
  • Cross-Platform Interactivity: The solution should provide synchronous execution of commands across both Windows and Linux platforms

If you are working with your AWS Account Team to use these labs then proceed with the Event Engine access lab. If you are performing these labs as an individual you will need to have a non-production AWS account available for use.

Please proceed to the Event Engine access lab.