Implementation of a set of EC2 instances using Terraform and AWS Systems Manager configuration with Amazon Simple Notification Service for automated installation of security agents
In this project, based on a real-world scenario, I acted as a DevSecOps engineer and deployed a set of EC2 instances and their infrastructure in an automated way using Terraform (infrastructure as code, IaC). It was also necessary to install a specific security agent on all of these instances in an automated way.
Once I had provisioned the infrastructure, AWS Systems Manager and its Run Command component were used to install the security agents in an automated way. I used Amazon Simple Notification Service (SNS) to send an email reporting the status of the whole process.
As described in the architecture above, several EC2 instances were created inside a VPC in an automated way using Terraform scripts. The main goal is to run commands on these virtual machines automatically, without manual intervention, for instance to install patches or security agents.
To achieve this automation, AWS Systems Manager was used both to run scripts automatically on selected EC2 instances and to interact with Amazon Simple Notification Service (SNS), so that notification emails are sent automatically to an end user. In this way I created a fully automated environment for running commands on a chosen set of instances.
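
A minimal Terraform sketch of the wiring described above, added here as an illustration and not taken from the project: instances that Systems Manager can manage, an SNS topic with an email subscription, and a role that lets Systems Manager publish Run Command status to that topic only. All resource names, variables, the instance count and the `AgentTarget` tag are assumptions, as is a subnet with outbound access to the Systems Manager endpoints.

```hcl
# Added example: every name, variable and tag below is a placeholder.
variable "ami_id" { type = string } # assumed: an AMI with the SSM Agent preinstalled
variable "subnet_id" { type = string }
variable "notify_email" { type = string }

locals { # trust policies for the instance role (ec2) and the notification role (ssm)
  trust = { for svc in ["ec2", "ssm"] : svc => jsonencode({
    Version   = "2012-10-17"
    Statement = [{ Effect = "Allow", Action = "sts:AssumeRole", Principal = { Service = "${svc}.amazonaws.com" } }]
  }) }
}
resource "aws_iam_role" "ec2_ssm" {
  name               = "ec2-ssm-managed"
  assume_role_policy = local.trust["ec2"]
}
# Lets the SSM Agent register and receive Run Command documents; no SSH key pair is attached.
resource "aws_iam_role_policy_attachment" "ssm_core" {
  role       = aws_iam_role.ec2_ssm.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}
resource "aws_iam_instance_profile" "ec2_ssm" {
  name = "ec2-ssm-managed"
  role = aws_iam_role.ec2_ssm.name
}
resource "aws_instance" "node" {
  count                = 3
  ami                  = var.ami_id
  instance_type        = "t3.micro"
  subnet_id            = var.subnet_id
  iam_instance_profile = aws_iam_instance_profile.ec2_ssm.name
  tags                 = { Name = "node-${count.index}", AgentTarget = "true" } # Run Command target tag
}

resource "aws_sns_topic" "status" { name = "run-command-status" }
resource "aws_sns_topic_subscription" "email" { # recipient must confirm the subscription
  topic_arn = aws_sns_topic.status.arn
  protocol  = "email"
  endpoint  = var.notify_email
}
# Role that Systems Manager assumes to publish command status; it may publish to this topic only.
resource "aws_iam_role" "ssm_notify" {
  name               = "ssm-run-command-notify"
  assume_role_policy = local.trust["ssm"]
}
resource "aws_iam_role_policy" "publish" {
  name   = "publish-status"
  role   = aws_iam_role.ssm_notify.id
  policy = jsonencode({ Version = "2012-10-17", Statement = [{ Effect = "Allow", Action = "sns:Publish", Resource = aws_sns_topic.status.arn }] })
}
```

When the agent-install command is sent through Run Command, the `ssm_notify` role ARN and the topic ARN are supplied as the command's service role and notification target, and the instances are selected by the tag rather than by ID.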