Systems Manager
AWS Systems Manager (SSM)
Overview
AWS Systems Manager integration - regscale aws sync_ssm - assesses configuration and patch management (CM-2, CM-6, SI-2, CM-3, CM-8).
Command Syntax
regscale aws sync_ssm [OPTIONS]
Basic Usage
# Sync SSM configuration with evidence
regscale aws sync_ssm --regscale-id 123 --create-evidence
# Filter by account and tags
regscale aws sync_ssm \
--regscale-id 123 \
--account-id 123456789012 \
--tags Environment=Production
# Link to specific controls
regscale aws sync_ssm \
--regscale-id 123 \
--create-evidence \
--evidence-control-ids CM-2,CM-6,SI-2
NIST 800-53 Controls Assessed
- CM-2: Baseline Configuration
- CM-3: Configuration Change Control
- CM-6: Configuration Settings
- CM-8: System Component Inventory
- SI-2: Flaw Remediation
What Gets Created in RegScale
- Control Assessments: CM and SI family controls
- Evidence: Managed instances, patch baselines, compliance status, Parameter Store
- Issues: Non-compliant patch status, missing associations
Common Use Cases
# Patch management compliance
regscale aws sync_ssm \
--regscale-id 123 \
--create-evidence \
--evidence-control-ids CM-2,CM-6,SI-2 \
--tags Environment=Production \
--create-issues \
--create-poams
Updated about 7 hours ago