===== Useful AWS Blog Entries =====
{{tag>AWS Blog}}
=== Blog Entries ===
Centralized multi-account and multi-Region patching with AWS Systems Manager Automation.\\
https://aws.amazon.com/blogs/mt/centralized-multi-account-and-multi-region-patching-with-aws-systems-manager-automation/

Automate deployment of IAM policies across multiple accounts with CloudFormation.\\
https://aws.amazon.com/blogs/mt/supercharge-multi-account-management-with-aws-cloudformation/

Monitor use of root account.\\
https://aws.amazon.com/blogs/mt/monitor-and-notify-on-aws-account-root-user-activity/

Monitor CloudTrail status.\\
https://aws.amazon.com/blogs/mt/monitor-changes-and-auto-enable-logging-in-aws-cloudtrail/

Using SSM automation for performing a backup and the installing updates.\\
https://aws.amazon.com/blogs/mt/maintenance-windows-support-for-new-task-types-using-amazon-ec2-systems-manager/

Using SSM automation for increasing security.\\
https://aws.amazon.com/blogs/mt/improving-security-through-delegated-administration-with-amazon-ec2-systems-manager-automation/

SSM cross platform documents and multiple same steps.\\
https://aws.amazon.com/blogs/mt/amazon-ec2-systems-manager-documents-support-for-cross-platform-documents-and-multiple-steps-of-the-same-type/

Recover an inaccessible Windows EC2 instance with SSM EC2Rescue document.\\
https://aws.amazon.com/blogs/mt/recover-your-impaired-instances-using-ec2rescue-and-amazon-ec2-systems-manager-automation/

Using SSM to automate adding and removing of users to an instance.\\
https://aws.amazon.com/blogs/mt/finra-gatekeeper-amazon-ec2-access-management-system-using-amazon-ec2-systems-manager/

IIS logs to CloudWatch.\\
https://aws.amazon.com/blogs/mt/automate-iis-and-httperr-logs-to-amazon-cloudwatch-using-ec2-systems-manager/

Update instances that are infrequently powered on.\\
https://aws.amazon.com/blogs/mt/how-to-secure-infrequently-used-ec2-instances-with-aws-systems-manager/

Use Systems Manger to run InSpec compliance checks.\\
https://aws.amazon.com/blogs/mt/using-aws-systems-manager-to-run-compliance-scans-using-inspec-by-chef/

CloudFormation Assertions.\\
https://aws.amazon.com/blogs/mt/how-to-perform-cross-parameter-validation-using-aws-cloudformation-rules-and-assertions/

Using SSM to patch instances in private subnets.\\
https://aws.amazon.com/blogs/mt/how-to-patch-windows-ec2-instances-in-private-subnets-using-aws-systems-manager/

Report and remediate instances not managed by SSM.\\
https://aws.amazon.com/blogs/mt/reporting-and-remediating-ec2-instances-that-aws-systems-manager-doesnt-list-as-managed-instances/

Centralized multi-account multi-region SSM automation.\\
https://aws.amazon.com/blogs/mt/centralized-multi-account-and-multi-region-patching-with-aws-systems-manager-automation/

Three custom SSM automation document examples.\\
https://aws.amazon.com/blogs/mt/onica-demonstrates-uses-for-new-aws-systems-manager-automation-actions/

APIGateway for Lambda fronting SSM.\\
https://aws.amazon.com/blogs/mt/how-datacom-solved-hybrid-risk-management-with-aws-systems-manager/

AWS Config best practices.\\
https://aws.amazon.com/blogs/mt/aws-config-best-practices/

AWS Systems Manager Parameter Store labels.\\
https://aws.amazon.com/blogs/mt/use-parameter-labels-for-easy-configuration-update-across-environments/

=== Documentation ===
Tasks that require use of the root account.\\
https://docs.aws.amazon.com/general/latest/gr/aws_tasks-that-require-root.html