[{"data":1,"prerenderedAt":1382},["ShallowReactive",2],{"searchBlogPosts":3,"content-\u002Fblog\u002Faws-cloud-operations-certification-journey-ssm-lab":28},[4,7,10,13,16,19,22,25],{"_path":5,"title":6},"\u002Fblog\u002F2026\u002F03\u002F14\u002Fposthog-observability-tongueflow","How I Used PostHog to Add Observability to My Web App as a Junior DevOps Engineer",{"_path":8,"title":9},"\u002Fblog\u002F2025\u002F10\u002F05\u002Faws-cloud-operations-certification-journey-ssm-lab","AWS Cloud Operations Certification Journey: Mastering Systems Manager",{"_path":11,"title":12},"\u002Fblog\u002F2025\u002F03\u002F14\u002Fansible-setup-configuration","Ansible Setup and Configuration",{"_path":14,"title":15},"\u002Fblog\u002F2025\u002F01\u002F05\u002Fdata-sharing-with-nfs","Data Sharing with NFS: A Complete Guide for System Administrators",{"_path":17,"title":18},"\u002Fblog\u002F2024\u002F05\u002F23\u002Fjava-29th-birth","Java celebrates 29 years of history",{"_path":20,"title":21},"\u002Fblog\u002F2024\u002F03\u002F19\u002Fhow-to-update-to-java21","How to Update to Java 21 Using SDKMAN",{"_path":23,"title":24},"\u002Fblog\u002F2024\u002F02\u002F11\u002Fspring-async-retry","Implementing Asynchronous Retry Mechanism for Email Sending in Spring Applications",{"_path":26,"title":27},"\u002Fblog\u002F2024\u002F01\u002F25\u002Fjdbc-vs-jpa","JDBC vs JPA: Which is Better for Your Application?",{"_path":8,"_dir":29,"_draft":30,"_partial":30,"_locale":31,"title":9,"description":32,"slug":33,"published":34,"date":35,"author":36,"tags":37,"cover":44,"keywords":45,"body":46,"_type":1375,"_id":1376,"_source":1377,"_file":1378,"_stem":1379,"_extension":1380,"sitemap":1381},"05",false,"","Deep dive into AWS Systems Manager capabilities through hands-on lab experience, covering Inventory, Run Command, Parameter Store, and Session Manager for effective cloud operations.","aws-cloud-operations-certification-journey-ssm-lab",true,"2025-10-05","Nidhal Naffati",[38,39,40,41,42,43],"AWS","Cloud Operations","Systems Manager","DevOps","Automation","Certification","aws-ssm-cover.png","AWS, Cloud Operations, Systems Manager, SSM, Inventory, Run Command, Parameter Store, Session Manager, DevOps, Automation, AWS Certification",{"type":47,"children":48,"toc":1347},"root",[49,57,64,70,75,81,86,92,99,104,110,115,140,149,154,160,205,211,217,222,230,236,241,289,297,303,308,890,896,939,945,951,956,962,967,999,1007,1012,1018,1061,1067,1073,1078,1086,1092,1097,1126,1134,1140,1192,1198,1203,1245,1251,1256,1299,1305,1310,1315,1320,1328,1332,1341],{"type":50,"tag":51,"props":52,"children":54},"element","h1",{"id":53},"aws-cloud-operations-certification-journey-mastering-systems-manager",[55],{"type":56,"value":9},"text",{"type":50,"tag":58,"props":59,"children":61},"h2",{"id":60},"introduction",[62],{"type":56,"value":63},"Introduction",{"type":50,"tag":65,"props":66,"children":67},"p",{},[68],{"type":56,"value":69},"As I continue my journey toward AWS Cloud Operations certification, I recently completed an intensive hands-on lab focusing on AWS Systems Manager - a comprehensive toolset for configuring and managing Amazon EC2 instances, on-premises servers, and other AWS resources at scale. Systems Manager provides a unified interface that allows you to easily centralize operational data and automate tasks across your AWS resources, making it an essential component of any cloud operations strategy.",{"type":50,"tag":65,"props":71,"children":72},{},[73],{"type":56,"value":74},"In this post, I'll walk through the key capabilities I explored during the lab: Systems Manager Inventory, Run Command, Parameter Store, and Session Manager, providing practical insights into how these tools enhance operational efficiency and security.",{"type":50,"tag":58,"props":76,"children":78},{"id":77},"understanding-aws-systems-manager",[79],{"type":56,"value":80},"Understanding AWS Systems Manager",{"type":50,"tag":65,"props":82,"children":83},{},[84],{"type":56,"value":85},"AWS Systems Manager is a collection of capabilities designed to help you manage your AWS resources at scale. Whether you're managing EC2 instances, on-premises servers, or virtual machines in a hybrid environment, Systems Manager provides a centralized interface for configuration, management, and automation tasks. The service integrates seamlessly with other AWS services and provides comprehensive operational visibility without requiring direct system access.",{"type":50,"tag":58,"props":87,"children":89},{"id":88},"task-1-using-systems-manager-inventory-for-configuration-verification",[90],{"type":56,"value":91},"Task 1: Using Systems Manager Inventory for Configuration Verification",{"type":50,"tag":93,"props":94,"children":96},"h3",{"id":95},"what-is-systems-manager-inventory",[97],{"type":56,"value":98},"What is Systems Manager Inventory?",{"type":50,"tag":65,"props":100,"children":101},{},[102],{"type":56,"value":103},"AWS Systems Manager Inventory collects metadata from your Amazon EC2 instances and on-premises servers in your hybrid environment. This includes operating system details, applications installed, patches, custom attributes, and other instance metadata. You can query this information to understand which instances meet your software policies and which need updates.",{"type":50,"tag":93,"props":105,"children":107},{"id":106},"lab-experience",[108],{"type":56,"value":109},"Lab Experience",{"type":50,"tag":65,"props":111,"children":112},{},[113],{"type":56,"value":114},"In my lab, I used Systems Manager Inventory to gather configuration details from a managed EC2 instance:",{"type":50,"tag":116,"props":117,"children":118},"ol",{},[119,125,130,135],{"type":50,"tag":120,"props":121,"children":122},"li",{},[123],{"type":56,"value":124},"Navigated to Systems Manager → Fleet Manager",{"type":50,"tag":120,"props":126,"children":127},{},[128],{"type":56,"value":129},"Selected the \"Managed Instance\"",{"type":50,"tag":120,"props":131,"children":132},{},[133],{"type":56,"value":134},"Configured an inventory association named \"Inventory-Association\" for that specific instance",{"type":50,"tag":120,"props":136,"children":137},{},[138],{"type":56,"value":139},"Reviewed the collected inventory data including installed applications",{"type":50,"tag":65,"props":141,"children":142},{},[143],{"type":50,"tag":144,"props":145,"children":148},"img",{"alt":146,"src":147},"Systems Manager Inventory Interface","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002Fssm-inventory-interface.png",[],{"type":50,"tag":65,"props":150,"children":151},{},[152],{"type":56,"value":153},"This process demonstrated how Inventory enables you to validate software configurations across your infrastructure without logging into each instance. Instead of manually connecting to dozens or hundreds of servers to check what's installed, you can query this information centrally through the AWS console or APIs.",{"type":50,"tag":93,"props":155,"children":157},{"id":156},"practical-benefits",[158],{"type":56,"value":159},"Practical Benefits",{"type":50,"tag":161,"props":162,"children":163},"ul",{},[164,175,185,195],{"type":50,"tag":120,"props":165,"children":166},{},[167,173],{"type":50,"tag":168,"props":169,"children":170},"strong",{},[171],{"type":56,"value":172},"Compliance Verification",{"type":56,"value":174},": Quickly verify that all instances meet security and compliance requirements",{"type":50,"tag":120,"props":176,"children":177},{},[178,183],{"type":50,"tag":168,"props":179,"children":180},{},[181],{"type":56,"value":182},"Software Asset Management",{"type":56,"value":184},": Track software licenses and ensure proper installation across environments",{"type":50,"tag":120,"props":186,"children":187},{},[188,193],{"type":50,"tag":168,"props":189,"children":190},{},[191],{"type":56,"value":192},"Configuration Management",{"type":56,"value":194},": Identify configuration drifts across your fleet",{"type":50,"tag":120,"props":196,"children":197},{},[198,203],{"type":50,"tag":168,"props":199,"children":200},{},[201],{"type":56,"value":202},"Security Assessments",{"type":56,"value":204},": Identify vulnerable software versions that need updating",{"type":50,"tag":58,"props":206,"children":208},{"id":207},"task-2-automating-application-deployment-with-run-command",[209],{"type":56,"value":210},"Task 2: Automating Application Deployment with Run Command",{"type":50,"tag":93,"props":212,"children":214},{"id":213},"run-command-capabilities",[215],{"type":56,"value":216},"Run Command Capabilities",{"type":50,"tag":65,"props":218,"children":219},{},[220],{"type":56,"value":221},"AWS Systems Manager Run Command gives you the ability to remotely and securely manage the configuration of your managed instances at scale. You can run commands across a fleet of instances from a central location, which is particularly useful for patching, configuration changes, and other administrative tasks.",{"type":50,"tag":65,"props":223,"children":224},{},[225],{"type":50,"tag":144,"props":226,"children":229},{"alt":227,"src":228},"Automated Application Installation Flow","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002FInstallApplication.png",[],{"type":50,"tag":93,"props":231,"children":233},{"id":232},"lab-deployment-process",[234],{"type":56,"value":235},"Lab Deployment Process",{"type":50,"tag":65,"props":237,"children":238},{},[239],{"type":56,"value":240},"The most impressive part of the lab was deploying a custom web application (Widget Manufacturing Dashboard) using Run Command without logging into the instance. Here's what happened:",{"type":50,"tag":116,"props":242,"children":243},{},[244,256,261],{"type":50,"tag":120,"props":245,"children":246},{},[247,249],{"type":56,"value":248},"Selected a pre-configured document named ",{"type":50,"tag":250,"props":251,"children":253},"code",{"className":252},[],[254],{"type":56,"value":255},"InstallDashboardApp",{"type":50,"tag":120,"props":257,"children":258},{},[259],{"type":56,"value":260},"Targeted the \"Managed Instance\"",{"type":50,"tag":120,"props":262,"children":263},{},[264,266],{"type":56,"value":265},"Executed the command that performed these actions:\n",{"type":50,"tag":161,"props":267,"children":268},{},[269,274,279,284],{"type":50,"tag":120,"props":270,"children":271},{},[272],{"type":56,"value":273},"Installed Apache web server and PHP",{"type":50,"tag":120,"props":275,"children":276},{},[277],{"type":56,"value":278},"Activated the web server",{"type":50,"tag":120,"props":280,"children":281},{},[282],{"type":56,"value":283},"Installed the AWS SDK for PHP",{"type":50,"tag":120,"props":285,"children":286},{},[287],{"type":56,"value":288},"Installed the application files",{"type":50,"tag":65,"props":290,"children":291},{},[292],{"type":50,"tag":144,"props":293,"children":296},{"alt":294,"src":295},"Systems Manager Run Command Interface","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002Fssm-run-command-interface.png",[],{"type":50,"tag":93,"props":298,"children":300},{"id":299},"systems-manager-document-structure",[301],{"type":56,"value":302},"Systems Manager Document Structure",{"type":50,"tag":65,"props":304,"children":305},{},[306],{"type":56,"value":307},"The installation process was handled by a Systems Manager document using the following JSON schema:",{"type":50,"tag":309,"props":310,"children":314},"pre",{"className":311,"code":312,"language":313,"meta":31,"style":31},"language-json shiki shiki-themes nord github-dark monokai","{\n  \"schemaVersion\": \"2.2\",\n  \"description\": \"Install Dashboard App\",\n  \"mainSteps\": [\n    {\n      \"inputs\": {\n        \"runCommand\": [\n          \" #!\u002Fbin\u002Fsh\",\n          \" # Install Apache Web Server and PHP\",\n          \" yum install -y httpd\",\n          \" amazon-linux-extras install -y php7.2\",\n          \" # Turn on web server\",\n          \" systemctl enable httpd.service\",\n          \" systemctl start  httpd.service\",\n          \" # Download and install the AWS SDK for PHP\",\n          \" wget https:\u002F\u002Fgithub.com\u002Faws\u002Faws-sdk-php\u002Freleases\u002Fdownload\u002F3.62.3\u002Faws.zip\",\n          \" unzip aws -d \u002Fvar\u002Fwww\u002Fhtml\",\n          \" # Download Application files\",\n          \" wget https:\u002F\u002Faws-tc-largeobjects.s3.us-west-2.amazonaws.com\u002FILT-TF-200-ACSOPS-1\u002Flab-1-ssm\u002Fwidget-app.zip\",\n          \" unzip widget-app.zip -d \u002Fvar\u002Fwww\u002Fhtml\u002F\"\n        ]\n      },\n      \"name\": \"InstallDashboardApp\",\n      \"action\": \"aws:runShellScript\"\n    }\n  ]\n}\n","json",[315],{"type":50,"tag":250,"props":316,"children":317},{"__ignoreMap":31},[318,330,377,415,441,450,477,503,525,546,567,588,609,630,651,672,693,714,735,756,774,783,792,829,863,872,881],{"type":50,"tag":319,"props":320,"children":323},"span",{"class":321,"line":322},"line",1,[324],{"type":50,"tag":319,"props":325,"children":327},{"style":326},"--shiki-default:#ECEFF4;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2",[328],{"type":56,"value":329},"{\n",{"type":50,"tag":319,"props":331,"children":333},{"class":321,"line":332},2,[334,340,346,351,356,362,368,372],{"type":50,"tag":319,"props":335,"children":337},{"style":336},"--shiki-default:#ECEFF4;--shiki-default-font-style:inherit;--shiki-dark:#79B8FF;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic",[338],{"type":56,"value":339},"  \"",{"type":50,"tag":319,"props":341,"children":343},{"style":342},"--shiki-default:#8FBCBB;--shiki-default-font-style:inherit;--shiki-dark:#79B8FF;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic",[344],{"type":56,"value":345},"schemaVersion",{"type":50,"tag":319,"props":347,"children":348},{"style":336},[349],{"type":56,"value":350},"\"",{"type":50,"tag":319,"props":352,"children":353},{"style":326},[354],{"type":56,"value":355},":",{"type":50,"tag":319,"props":357,"children":359},{"style":358},"--shiki-default:#ECEFF4;--shiki-dark:#9ECBFF;--shiki-sepia:#CFCFC2",[360],{"type":56,"value":361}," \"",{"type":50,"tag":319,"props":363,"children":365},{"style":364},"--shiki-default:#A3BE8C;--shiki-dark:#9ECBFF;--shiki-sepia:#CFCFC2",[366],{"type":56,"value":367},"2.2",{"type":50,"tag":319,"props":369,"children":370},{"style":358},[371],{"type":56,"value":350},{"type":50,"tag":319,"props":373,"children":374},{"style":326},[375],{"type":56,"value":376},",\n",{"type":50,"tag":319,"props":378,"children":380},{"class":321,"line":379},3,[381,385,390,394,398,402,407,411],{"type":50,"tag":319,"props":382,"children":383},{"style":336},[384],{"type":56,"value":339},{"type":50,"tag":319,"props":386,"children":387},{"style":342},[388],{"type":56,"value":389},"description",{"type":50,"tag":319,"props":391,"children":392},{"style":336},[393],{"type":56,"value":350},{"type":50,"tag":319,"props":395,"children":396},{"style":326},[397],{"type":56,"value":355},{"type":50,"tag":319,"props":399,"children":400},{"style":358},[401],{"type":56,"value":361},{"type":50,"tag":319,"props":403,"children":404},{"style":364},[405],{"type":56,"value":406},"Install Dashboard App",{"type":50,"tag":319,"props":408,"children":409},{"style":358},[410],{"type":56,"value":350},{"type":50,"tag":319,"props":412,"children":413},{"style":326},[414],{"type":56,"value":376},{"type":50,"tag":319,"props":416,"children":418},{"class":321,"line":417},4,[419,423,428,432,436],{"type":50,"tag":319,"props":420,"children":421},{"style":336},[422],{"type":56,"value":339},{"type":50,"tag":319,"props":424,"children":425},{"style":342},[426],{"type":56,"value":427},"mainSteps",{"type":50,"tag":319,"props":429,"children":430},{"style":336},[431],{"type":56,"value":350},{"type":50,"tag":319,"props":433,"children":434},{"style":326},[435],{"type":56,"value":355},{"type":50,"tag":319,"props":437,"children":438},{"style":326},[439],{"type":56,"value":440}," [\n",{"type":50,"tag":319,"props":442,"children":444},{"class":321,"line":443},5,[445],{"type":50,"tag":319,"props":446,"children":447},{"style":326},[448],{"type":56,"value":449},"    {\n",{"type":50,"tag":319,"props":451,"children":453},{"class":321,"line":452},6,[454,459,464,468,472],{"type":50,"tag":319,"props":455,"children":456},{"style":336},[457],{"type":56,"value":458},"      \"",{"type":50,"tag":319,"props":460,"children":461},{"style":342},[462],{"type":56,"value":463},"inputs",{"type":50,"tag":319,"props":465,"children":466},{"style":336},[467],{"type":56,"value":350},{"type":50,"tag":319,"props":469,"children":470},{"style":326},[471],{"type":56,"value":355},{"type":50,"tag":319,"props":473,"children":474},{"style":326},[475],{"type":56,"value":476}," {\n",{"type":50,"tag":319,"props":478,"children":480},{"class":321,"line":479},7,[481,486,491,495,499],{"type":50,"tag":319,"props":482,"children":483},{"style":336},[484],{"type":56,"value":485},"        \"",{"type":50,"tag":319,"props":487,"children":488},{"style":342},[489],{"type":56,"value":490},"runCommand",{"type":50,"tag":319,"props":492,"children":493},{"style":336},[494],{"type":56,"value":350},{"type":50,"tag":319,"props":496,"children":497},{"style":326},[498],{"type":56,"value":355},{"type":50,"tag":319,"props":500,"children":501},{"style":326},[502],{"type":56,"value":440},{"type":50,"tag":319,"props":504,"children":506},{"class":321,"line":505},8,[507,512,517,521],{"type":50,"tag":319,"props":508,"children":509},{"style":358},[510],{"type":56,"value":511},"          \"",{"type":50,"tag":319,"props":513,"children":514},{"style":364},[515],{"type":56,"value":516}," #!\u002Fbin\u002Fsh",{"type":50,"tag":319,"props":518,"children":519},{"style":358},[520],{"type":56,"value":350},{"type":50,"tag":319,"props":522,"children":523},{"style":326},[524],{"type":56,"value":376},{"type":50,"tag":319,"props":526,"children":528},{"class":321,"line":527},9,[529,533,538,542],{"type":50,"tag":319,"props":530,"children":531},{"style":358},[532],{"type":56,"value":511},{"type":50,"tag":319,"props":534,"children":535},{"style":364},[536],{"type":56,"value":537}," # Install Apache Web Server and PHP",{"type":50,"tag":319,"props":539,"children":540},{"style":358},[541],{"type":56,"value":350},{"type":50,"tag":319,"props":543,"children":544},{"style":326},[545],{"type":56,"value":376},{"type":50,"tag":319,"props":547,"children":549},{"class":321,"line":548},10,[550,554,559,563],{"type":50,"tag":319,"props":551,"children":552},{"style":358},[553],{"type":56,"value":511},{"type":50,"tag":319,"props":555,"children":556},{"style":364},[557],{"type":56,"value":558}," yum install -y httpd",{"type":50,"tag":319,"props":560,"children":561},{"style":358},[562],{"type":56,"value":350},{"type":50,"tag":319,"props":564,"children":565},{"style":326},[566],{"type":56,"value":376},{"type":50,"tag":319,"props":568,"children":570},{"class":321,"line":569},11,[571,575,580,584],{"type":50,"tag":319,"props":572,"children":573},{"style":358},[574],{"type":56,"value":511},{"type":50,"tag":319,"props":576,"children":577},{"style":364},[578],{"type":56,"value":579}," amazon-linux-extras install -y php7.2",{"type":50,"tag":319,"props":581,"children":582},{"style":358},[583],{"type":56,"value":350},{"type":50,"tag":319,"props":585,"children":586},{"style":326},[587],{"type":56,"value":376},{"type":50,"tag":319,"props":589,"children":591},{"class":321,"line":590},12,[592,596,601,605],{"type":50,"tag":319,"props":593,"children":594},{"style":358},[595],{"type":56,"value":511},{"type":50,"tag":319,"props":597,"children":598},{"style":364},[599],{"type":56,"value":600}," # Turn on web server",{"type":50,"tag":319,"props":602,"children":603},{"style":358},[604],{"type":56,"value":350},{"type":50,"tag":319,"props":606,"children":607},{"style":326},[608],{"type":56,"value":376},{"type":50,"tag":319,"props":610,"children":612},{"class":321,"line":611},13,[613,617,622,626],{"type":50,"tag":319,"props":614,"children":615},{"style":358},[616],{"type":56,"value":511},{"type":50,"tag":319,"props":618,"children":619},{"style":364},[620],{"type":56,"value":621}," systemctl enable httpd.service",{"type":50,"tag":319,"props":623,"children":624},{"style":358},[625],{"type":56,"value":350},{"type":50,"tag":319,"props":627,"children":628},{"style":326},[629],{"type":56,"value":376},{"type":50,"tag":319,"props":631,"children":633},{"class":321,"line":632},14,[634,638,643,647],{"type":50,"tag":319,"props":635,"children":636},{"style":358},[637],{"type":56,"value":511},{"type":50,"tag":319,"props":639,"children":640},{"style":364},[641],{"type":56,"value":642}," systemctl start  httpd.service",{"type":50,"tag":319,"props":644,"children":645},{"style":358},[646],{"type":56,"value":350},{"type":50,"tag":319,"props":648,"children":649},{"style":326},[650],{"type":56,"value":376},{"type":50,"tag":319,"props":652,"children":654},{"class":321,"line":653},15,[655,659,664,668],{"type":50,"tag":319,"props":656,"children":657},{"style":358},[658],{"type":56,"value":511},{"type":50,"tag":319,"props":660,"children":661},{"style":364},[662],{"type":56,"value":663}," # Download and install the AWS SDK for PHP",{"type":50,"tag":319,"props":665,"children":666},{"style":358},[667],{"type":56,"value":350},{"type":50,"tag":319,"props":669,"children":670},{"style":326},[671],{"type":56,"value":376},{"type":50,"tag":319,"props":673,"children":675},{"class":321,"line":674},16,[676,680,685,689],{"type":50,"tag":319,"props":677,"children":678},{"style":358},[679],{"type":56,"value":511},{"type":50,"tag":319,"props":681,"children":682},{"style":364},[683],{"type":56,"value":684}," wget https:\u002F\u002Fgithub.com\u002Faws\u002Faws-sdk-php\u002Freleases\u002Fdownload\u002F3.62.3\u002Faws.zip",{"type":50,"tag":319,"props":686,"children":687},{"style":358},[688],{"type":56,"value":350},{"type":50,"tag":319,"props":690,"children":691},{"style":326},[692],{"type":56,"value":376},{"type":50,"tag":319,"props":694,"children":696},{"class":321,"line":695},17,[697,701,706,710],{"type":50,"tag":319,"props":698,"children":699},{"style":358},[700],{"type":56,"value":511},{"type":50,"tag":319,"props":702,"children":703},{"style":364},[704],{"type":56,"value":705}," unzip aws -d \u002Fvar\u002Fwww\u002Fhtml",{"type":50,"tag":319,"props":707,"children":708},{"style":358},[709],{"type":56,"value":350},{"type":50,"tag":319,"props":711,"children":712},{"style":326},[713],{"type":56,"value":376},{"type":50,"tag":319,"props":715,"children":717},{"class":321,"line":716},18,[718,722,727,731],{"type":50,"tag":319,"props":719,"children":720},{"style":358},[721],{"type":56,"value":511},{"type":50,"tag":319,"props":723,"children":724},{"style":364},[725],{"type":56,"value":726}," # Download Application files",{"type":50,"tag":319,"props":728,"children":729},{"style":358},[730],{"type":56,"value":350},{"type":50,"tag":319,"props":732,"children":733},{"style":326},[734],{"type":56,"value":376},{"type":50,"tag":319,"props":736,"children":738},{"class":321,"line":737},19,[739,743,748,752],{"type":50,"tag":319,"props":740,"children":741},{"style":358},[742],{"type":56,"value":511},{"type":50,"tag":319,"props":744,"children":745},{"style":364},[746],{"type":56,"value":747}," wget https:\u002F\u002Faws-tc-largeobjects.s3.us-west-2.amazonaws.com\u002FILT-TF-200-ACSOPS-1\u002Flab-1-ssm\u002Fwidget-app.zip",{"type":50,"tag":319,"props":749,"children":750},{"style":358},[751],{"type":56,"value":350},{"type":50,"tag":319,"props":753,"children":754},{"style":326},[755],{"type":56,"value":376},{"type":50,"tag":319,"props":757,"children":759},{"class":321,"line":758},20,[760,764,769],{"type":50,"tag":319,"props":761,"children":762},{"style":358},[763],{"type":56,"value":511},{"type":50,"tag":319,"props":765,"children":766},{"style":364},[767],{"type":56,"value":768}," unzip widget-app.zip -d \u002Fvar\u002Fwww\u002Fhtml\u002F",{"type":50,"tag":319,"props":770,"children":771},{"style":358},[772],{"type":56,"value":773},"\"\n",{"type":50,"tag":319,"props":775,"children":777},{"class":321,"line":776},21,[778],{"type":50,"tag":319,"props":779,"children":780},{"style":326},[781],{"type":56,"value":782},"        ]\n",{"type":50,"tag":319,"props":784,"children":786},{"class":321,"line":785},22,[787],{"type":50,"tag":319,"props":788,"children":789},{"style":326},[790],{"type":56,"value":791},"      },\n",{"type":50,"tag":319,"props":793,"children":795},{"class":321,"line":794},23,[796,800,805,809,813,817,821,825],{"type":50,"tag":319,"props":797,"children":798},{"style":336},[799],{"type":56,"value":458},{"type":50,"tag":319,"props":801,"children":802},{"style":342},[803],{"type":56,"value":804},"name",{"type":50,"tag":319,"props":806,"children":807},{"style":336},[808],{"type":56,"value":350},{"type":50,"tag":319,"props":810,"children":811},{"style":326},[812],{"type":56,"value":355},{"type":50,"tag":319,"props":814,"children":815},{"style":358},[816],{"type":56,"value":361},{"type":50,"tag":319,"props":818,"children":819},{"style":364},[820],{"type":56,"value":255},{"type":50,"tag":319,"props":822,"children":823},{"style":358},[824],{"type":56,"value":350},{"type":50,"tag":319,"props":826,"children":827},{"style":326},[828],{"type":56,"value":376},{"type":50,"tag":319,"props":830,"children":832},{"class":321,"line":831},24,[833,837,842,846,850,854,859],{"type":50,"tag":319,"props":834,"children":835},{"style":336},[836],{"type":56,"value":458},{"type":50,"tag":319,"props":838,"children":839},{"style":342},[840],{"type":56,"value":841},"action",{"type":50,"tag":319,"props":843,"children":844},{"style":336},[845],{"type":56,"value":350},{"type":50,"tag":319,"props":847,"children":848},{"style":326},[849],{"type":56,"value":355},{"type":50,"tag":319,"props":851,"children":852},{"style":358},[853],{"type":56,"value":361},{"type":50,"tag":319,"props":855,"children":856},{"style":364},[857],{"type":56,"value":858},"aws:runShellScript",{"type":50,"tag":319,"props":860,"children":861},{"style":358},[862],{"type":56,"value":773},{"type":50,"tag":319,"props":864,"children":866},{"class":321,"line":865},25,[867],{"type":50,"tag":319,"props":868,"children":869},{"style":326},[870],{"type":56,"value":871},"    }\n",{"type":50,"tag":319,"props":873,"children":875},{"class":321,"line":874},26,[876],{"type":50,"tag":319,"props":877,"children":878},{"style":326},[879],{"type":56,"value":880},"  ]\n",{"type":50,"tag":319,"props":882,"children":884},{"class":321,"line":883},27,[885],{"type":50,"tag":319,"props":886,"children":887},{"style":326},[888],{"type":56,"value":889},"}\n",{"type":50,"tag":93,"props":891,"children":893},{"id":892},"key-advantages",[894],{"type":56,"value":895},"Key Advantages",{"type":50,"tag":161,"props":897,"children":898},{},[899,909,919,929],{"type":50,"tag":120,"props":900,"children":901},{},[902,907],{"type":50,"tag":168,"props":903,"children":904},{},[905],{"type":56,"value":906},"No SSH Required",{"type":56,"value":908},": The installation happened without opening port 22 or managing SSH keys",{"type":50,"tag":120,"props":910,"children":911},{},[912,917],{"type":50,"tag":168,"props":913,"children":914},{},[915],{"type":56,"value":916},"Centralized Execution",{"type":56,"value":918},": Commands run consistently across multiple instances",{"type":50,"tag":120,"props":920,"children":921},{},[922,927],{"type":50,"tag":168,"props":923,"children":924},{},[925],{"type":56,"value":926},"Audit Trail",{"type":56,"value":928},": All command executions are logged for compliance and troubleshooting",{"type":50,"tag":120,"props":930,"children":931},{},[932,937],{"type":50,"tag":168,"props":933,"children":934},{},[935],{"type":56,"value":936},"Scalability",{"type":56,"value":938},": The same command can be applied to hundreds of instances simultaneously",{"type":50,"tag":58,"props":940,"children":942},{"id":941},"task-3-managing-application-settings-with-parameter-store",[943],{"type":56,"value":944},"Task 3: Managing Application Settings with Parameter Store",{"type":50,"tag":93,"props":946,"children":948},{"id":947},"parameter-store-overview",[949],{"type":56,"value":950},"Parameter Store Overview",{"type":50,"tag":65,"props":952,"children":953},{},[954],{"type":56,"value":955},"AWS Systems Manager Parameter Store provides secure, hierarchical storage for configuration data and secrets management. You can store values such as passwords, database connection strings, and application settings as parameter values, with options to store them as plain text or encrypted data.",{"type":50,"tag":93,"props":957,"children":959},{"id":958},"dynamic-configuration-in-action",[960],{"type":56,"value":961},"Dynamic Configuration in Action",{"type":50,"tag":65,"props":963,"children":964},{},[965],{"type":56,"value":966},"In the lab, I created a parameter that dynamically enabled features in the deployed application:",{"type":50,"tag":116,"props":968,"children":969},{},[970,989,994],{"type":50,"tag":120,"props":971,"children":972},{},[973,975,981,983],{"type":56,"value":974},"Created a parameter ",{"type":50,"tag":250,"props":976,"children":978},{"className":977},[],[979],{"type":56,"value":980},"\u002Fdashboard\u002Fshow-beta-features",{"type":56,"value":982}," with value ",{"type":50,"tag":250,"props":984,"children":986},{"className":985},[],[987],{"type":56,"value":988},"True",{"type":50,"tag":120,"props":990,"children":991},{},[992],{"type":56,"value":993},"The application automatically detected this parameter and enabled additional features",{"type":50,"tag":120,"props":995,"children":996},{},[997],{"type":56,"value":998},"Refreshing the application showed an additional chart that was previously hidden",{"type":50,"tag":65,"props":1000,"children":1001},{},[1002],{"type":50,"tag":144,"props":1003,"children":1006},{"alt":1004,"src":1005},"Parameter Store Interface","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002Fssm-parameter-store-interface.png",[],{"type":50,"tag":65,"props":1008,"children":1009},{},[1010],{"type":56,"value":1011},"This demonstrates how Parameter Store enables dynamic configuration changes without redeploying applications. The application can check Parameter Store at runtime to determine which features to enable, allowing for dark launches and feature toggles.",{"type":50,"tag":93,"props":1013,"children":1015},{"id":1014},"security-benefits",[1016],{"type":56,"value":1017},"Security Benefits",{"type":50,"tag":161,"props":1019,"children":1020},{},[1021,1031,1041,1051],{"type":50,"tag":120,"props":1022,"children":1023},{},[1024,1029],{"type":50,"tag":168,"props":1025,"children":1026},{},[1027],{"type":56,"value":1028},"Encrypted Storage",{"type":56,"value":1030},": Sensitive parameters can be encrypted using AWS KMS",{"type":50,"tag":120,"props":1032,"children":1033},{},[1034,1039],{"type":50,"tag":168,"props":1035,"children":1036},{},[1037],{"type":56,"value":1038},"IAM Integration",{"type":56,"value":1040},": Fine-grained access control for who can read or modify parameters",{"type":50,"tag":120,"props":1042,"children":1043},{},[1044,1049],{"type":50,"tag":168,"props":1045,"children":1046},{},[1047],{"type":56,"value":1048},"Version Control",{"type":56,"value":1050},": Parameter Store maintains a version history of all changes",{"type":50,"tag":120,"props":1052,"children":1053},{},[1054,1059],{"type":50,"tag":168,"props":1055,"children":1056},{},[1057],{"type":56,"value":1058},"Cross-Region Replication",{"type":56,"value":1060},": Parameters can be replicated across regions for disaster recovery",{"type":50,"tag":58,"props":1062,"children":1064},{"id":1063},"task-4-secure-instance-access-with-session-manager",[1065],{"type":56,"value":1066},"Task 4: Secure Instance Access with Session Manager",{"type":50,"tag":93,"props":1068,"children":1070},{"id":1069},"session-manager-security-features",[1071],{"type":56,"value":1072},"Session Manager Security Features",{"type":50,"tag":65,"props":1074,"children":1075},{},[1076],{"type":56,"value":1077},"AWS Systems Manager Session Manager provides secure and auditable instance management without requiring SSH access. It offers an interactive one-click browser-based shell or CLI access to EC2 instances, eliminating the need to open inbound ports, maintain bastion hosts, or manage SSH keys.",{"type":50,"tag":65,"props":1079,"children":1080},{},[1081],{"type":50,"tag":144,"props":1082,"children":1085},{"alt":1083,"src":1084},"Secure Instance Access via Session Manager","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002FAccessInstances.png",[],{"type":50,"tag":93,"props":1087,"children":1089},{"id":1088},"hands-on-experience",[1090],{"type":56,"value":1091},"Hands-On Experience",{"type":50,"tag":65,"props":1093,"children":1094},{},[1095],{"type":56,"value":1096},"During the lab, I accessed the managed instance through Session Manager:",{"type":50,"tag":116,"props":1098,"children":1099},{},[1100,1105,1110,1121],{"type":50,"tag":120,"props":1101,"children":1102},{},[1103],{"type":56,"value":1104},"Started a session from the Systems Manager console",{"type":50,"tag":120,"props":1106,"children":1107},{},[1108],{"type":56,"value":1109},"Ran commands on the instance through the browser interface",{"type":50,"tag":120,"props":1111,"children":1112},{},[1113,1115],{"type":56,"value":1114},"Verified application files were installed in ",{"type":50,"tag":250,"props":1116,"children":1118},{"className":1117},[],[1119],{"type":56,"value":1120},"\u002Fvar\u002Fwww\u002Fhtml",{"type":50,"tag":120,"props":1122,"children":1123},{},[1124],{"type":56,"value":1125},"Demonstrated that traditional SSH access was not required by checking that port 22 wasn't open",{"type":50,"tag":65,"props":1127,"children":1128},{},[1129],{"type":50,"tag":144,"props":1130,"children":1133},{"alt":1131,"src":1132},"Session Manager Interface","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002Fssm-session-manager-interface.png",[],{"type":50,"tag":93,"props":1135,"children":1137},{"id":1136},"security-and-compliance-benefits",[1138],{"type":56,"value":1139},"Security and Compliance Benefits",{"type":50,"tag":161,"props":1141,"children":1142},{},[1143,1153,1163,1172,1182],{"type":50,"tag":120,"props":1144,"children":1145},{},[1146,1151],{"type":50,"tag":168,"props":1147,"children":1148},{},[1149],{"type":56,"value":1150},"No Open Ports",{"type":56,"value":1152},": Eliminates the need to open SSH ports (22) in security groups",{"type":50,"tag":120,"props":1154,"children":1155},{},[1156,1161],{"type":50,"tag":168,"props":1157,"children":1158},{},[1159],{"type":56,"value":1160},"IAM Policy Enforcement",{"type":56,"value":1162},": Access control through IAM policies rather than key management",{"type":50,"tag":120,"props":1164,"children":1165},{},[1166,1170],{"type":50,"tag":168,"props":1167,"children":1168},{},[1169],{"type":56,"value":926},{"type":56,"value":1171},": Session Manager logs all commands in AWS CloudTrail",{"type":50,"tag":120,"props":1173,"children":1174},{},[1175,1180],{"type":50,"tag":168,"props":1176,"children":1177},{},[1178],{"type":56,"value":1179},"Cross-Platform Access",{"type":56,"value":1181},": Works consistently across Linux and Windows instances",{"type":50,"tag":120,"props":1183,"children":1184},{},[1185,1190],{"type":50,"tag":168,"props":1186,"children":1187},{},[1188],{"type":56,"value":1189},"Session Recording",{"type":56,"value":1191},": Commands and output can be recorded for compliance purposes",{"type":50,"tag":58,"props":1193,"children":1195},{"id":1194},"real-world-applications",[1196],{"type":56,"value":1197},"Real-World Applications",{"type":50,"tag":65,"props":1199,"children":1200},{},[1201],{"type":56,"value":1202},"The skills and tools explored in this lab have immediate practical applications:",{"type":50,"tag":116,"props":1204,"children":1205},{},[1206,1216,1225,1235],{"type":50,"tag":120,"props":1207,"children":1208},{},[1209,1214],{"type":50,"tag":168,"props":1210,"children":1211},{},[1212],{"type":56,"value":1213},"Centralized Patching",{"type":56,"value":1215},": Use Run Command to apply security patches across your entire fleet simultaneously",{"type":50,"tag":120,"props":1217,"children":1218},{},[1219,1223],{"type":50,"tag":168,"props":1220,"children":1221},{},[1222],{"type":56,"value":192},{"type":56,"value":1224},": Leverage Parameter Store to manage application settings dynamically",{"type":50,"tag":120,"props":1226,"children":1227},{},[1228,1233],{"type":50,"tag":168,"props":1229,"children":1230},{},[1231],{"type":56,"value":1232},"Compliance Auditing",{"type":56,"value":1234},": Use Inventory to maintain compliance reporting across your infrastructure",{"type":50,"tag":120,"props":1236,"children":1237},{},[1238,1243],{"type":50,"tag":168,"props":1239,"children":1240},{},[1241],{"type":56,"value":1242},"Secure Operations",{"type":56,"value":1244},": Implement Session Manager to eliminate SSH access and improve security posture",{"type":50,"tag":58,"props":1246,"children":1248},{"id":1247},"certification-preparation-insights",[1249],{"type":56,"value":1250},"Certification Preparation Insights",{"type":50,"tag":65,"props":1252,"children":1253},{},[1254],{"type":56,"value":1255},"This lab reinforced several key concepts that are crucial for AWS Cloud Operations certification:",{"type":50,"tag":161,"props":1257,"children":1258},{},[1259,1269,1279,1289],{"type":50,"tag":120,"props":1260,"children":1261},{},[1262,1267],{"type":50,"tag":168,"props":1263,"children":1264},{},[1265],{"type":56,"value":1266},"Infrastructure as Code",{"type":56,"value":1268},": Systems Manager documents provide a declarative way to manage infrastructure state",{"type":50,"tag":120,"props":1270,"children":1271},{},[1272,1277],{"type":50,"tag":168,"props":1273,"children":1274},{},[1275],{"type":56,"value":1276},"Security Best Practices",{"type":56,"value":1278},": Emphasis on least-privilege access and elimination of traditional access methods",{"type":50,"tag":120,"props":1280,"children":1281},{},[1282,1287],{"type":50,"tag":168,"props":1283,"children":1284},{},[1285],{"type":56,"value":1286},"Operational Excellence",{"type":56,"value":1288},": Focus on monitoring, automation, and consistent operational processes",{"type":50,"tag":120,"props":1290,"children":1291},{},[1292,1297],{"type":50,"tag":168,"props":1293,"children":1294},{},[1295],{"type":56,"value":1296},"Cost Optimization",{"type":56,"value":1298},": Centralized management reduces operational overhead and potential human error",{"type":50,"tag":58,"props":1300,"children":1302},{"id":1301},"conclusion",[1303],{"type":56,"value":1304},"Conclusion",{"type":50,"tag":65,"props":1306,"children":1307},{},[1308],{"type":56,"value":1309},"AWS Systems Manager provides a comprehensive platform for managing your AWS resources at scale. The combination of Inventory, Run Command, Parameter Store, and Session Manager creates a powerful operational toolkit that enhances both security and efficiency.",{"type":50,"tag":65,"props":1311,"children":1312},{},[1313],{"type":56,"value":1314},"The hands-on experience with these services has significantly improved my understanding of operational best practices in AWS, particularly around automation, security, and centralized management. These tools are essential for anyone pursuing the AWS Cloud Operations certification or working in operational roles within AWS environments.",{"type":50,"tag":65,"props":1316,"children":1317},{},[1318],{"type":56,"value":1319},"For organizations looking to improve their operational practices, Systems Manager offers a path to eliminate traditional, less secure methods of instance management while providing powerful automation capabilities. The next step in my certification journey will involve exploring more advanced Systems Manager features and integration with other AWS services.",{"type":50,"tag":65,"props":1321,"children":1322},{},[1323],{"type":50,"tag":144,"props":1324,"children":1327},{"alt":1325,"src":1326},"Systems Manager Dashboard Overview","\u002Fimages\u002Fblog\u002F2025\u002F10\u002F05\u002Fssm-dashboard-overview.png",[],{"type":50,"tag":1329,"props":1330,"children":1331},"hr",{},[],{"type":50,"tag":65,"props":1333,"children":1334},{},[1335],{"type":50,"tag":1336,"props":1337,"children":1338},"em",{},[1339],{"type":56,"value":1340},"This blog post is part of my AWS Cloud Operations certification journey series. Stay tuned for more hands-on experiences and insights as I progress through the certification requirements.",{"type":50,"tag":1342,"props":1343,"children":1344},"style",{},[1345],{"type":56,"value":1346},"html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}",{"title":31,"searchDepth":332,"depth":332,"links":1348},[1349,1350,1351,1356,1362,1367,1372,1373,1374],{"id":60,"depth":332,"text":63},{"id":77,"depth":332,"text":80},{"id":88,"depth":332,"text":91,"children":1352},[1353,1354,1355],{"id":95,"depth":379,"text":98},{"id":106,"depth":379,"text":109},{"id":156,"depth":379,"text":159},{"id":207,"depth":332,"text":210,"children":1357},[1358,1359,1360,1361],{"id":213,"depth":379,"text":216},{"id":232,"depth":379,"text":235},{"id":299,"depth":379,"text":302},{"id":892,"depth":379,"text":895},{"id":941,"depth":332,"text":944,"children":1363},[1364,1365,1366],{"id":947,"depth":379,"text":950},{"id":958,"depth":379,"text":961},{"id":1014,"depth":379,"text":1017},{"id":1063,"depth":332,"text":1066,"children":1368},[1369,1370,1371],{"id":1069,"depth":379,"text":1072},{"id":1088,"depth":379,"text":1091},{"id":1136,"depth":379,"text":1139},{"id":1194,"depth":332,"text":1197},{"id":1247,"depth":332,"text":1250},{"id":1301,"depth":332,"text":1304},"markdown","content:blog:2025:10:05:aws-cloud-operations-certification-journey-ssm-lab.md","content","blog\u002F2025\u002F10\u002F05\u002Faws-cloud-operations-certification-journey-ssm-lab.md","blog\u002F2025\u002F10\u002F05\u002Faws-cloud-operations-certification-journey-ssm-lab","md",{"loc":8},1773617922837]