Hey! Josh Frantz here, Lead Security Consultant at Rapid7. In this blog series, we will focus on how to automate the mundane so you can more efficiently secure your AWS environment and focus on solving important, engaging, and difficult issues.
Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS. I’ll even show you how you can create resource groups to easily use this same automation in the future for things like running scripts, updating patch levels, and more!
For the purposes of this blog, we’ll install the Rapid7 Insight Agent on all of our EC2 instances. The Insight Agent is a lightweight piece of software that runs on your endpoints and collects data for InsightVM (our vulnerability management product), InsightIDR (our cloud-based SIEM product), and InsightOps (our log management product). It sends data to the Insight platform for processing so we can assess for vulnerabilities and provide user behavior analytics (UBA).
The same automation document can be applied to nearly any command you can run in a shell or with PowerShell, so feel free to use this for anything!
Overview
In this blog post, we’ll go over several steps to make sure that automating the installation of the Insight agent for all your existing infrastructure is easy. First, let’s talk about Systems Manager.
