Create a Role for communicating with InfraGuard

  • Log into the AWS account
  • Go to CloudFormation and create a stack with AWS-SystemsManager-AutomationExecutionRole attached to this document
  • It will prompt you to enter your AWS account id as "028197385767". Enter and create the stack
  • This will create an IAM role

Ensure SSM is installed and active

  • Log on to your AWS console and click on “Run Command” under the “AWS SYSTEMS MANAGER” service
  • Click on “Run a command”
  • Select “AWS-RunShellScript” for Linux or "AWS-RunPowerShellScript" for Windows from the list of Command document
  • Now click on the select instance button and select the instance from the instance list
  • Enter sudo status amazon-ssm-agent for Linux and Get-Service -Name "AmazonSSMAgent" for Windows instance in the commands text area and click 'Run'
  • Now click on command id and select 'Output' tab and then view the output
  • Make sure the output is amazon-ssm-agent start/running

Onboard your servers to InfraGuard

  • Log onto account
  • Select CLUSTER from side-menu
  • Click on “MANAGE ACCOUNT”
  • Add your Role ARN (IAM -> Roles ->AWS-SystemsManager-AutomationExecutionRole)
  • Add external ID as "InfraGuardApp"
  • Click ‘Sync’
  • Wait for 2 minutes then check your inbox to get a report for onboarding 
  • Now, you can see your server on IG