使用 AWS Systems Manager 实现安全的自动化工作流程.pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.C O P 3 4 1Implement secure automated workflows with AWS Systems ManagerPaul Hoffmann(he/him)Sr.Manager,Product ManagementAWSJim Grabinski(he/him)Sr.Technical Accoun

2、t ManagerAWS 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.The challengeImprove security incident remediation using automationKey problems were facing:Manual processes require excessive staff time and are subject to human error Ad-hoc security responses extend mean time to resol

3、ution(MTTR)Inconsistent procedures create audit risks,especially for emergency access scenarios 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.What well solve together(20 minutes per problem)Problem 1:Security incident detected-now what?From manual chaos to automated response wor

4、kflows Building and using runbooks that actually workwhen it mattersProblem 2:We need emergency access RIGHT NOW(but safely).Controlled break-glass access procedures that meet compliance requirementsJust-in-time access request and approval audit trails 2025,Amazon Web Services,Inc.or its affiliates.

5、All rights reserved.Incident workflowThere is an incident(security,operational)Trigger an automated analysis/responseYou need emergency access to securely and efficiently connect and remediate 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Automate with AWS Systems ManagerUse Run

6、 Command to execute commands remotely on Systems Manager managed nodesUse State Manager to keep managed instances in a defined stateUse Automation to execute complex workflows at scaleUse Patch Manager to install patches to remediate OS vulnerabilitiesUse Compliance to monitor an