Skip to content

Commit

Permalink
Merge pull request #187 from aaalzand/master
Browse files Browse the repository at this point in the history 
Multiple fixes and enhancements
  • Loading branch information
@harniva14
harniva14 authored Dec 17, 2021
2 parents b12de34 + 0fed475 commit 9caf00b
Show file tree
Hide file tree
Showing 17 changed files with 804 additions and 672 deletions.
28 changes: 16 additions & 12 deletions Systems Manager/SSMAgent-Toolkit-Windows/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@ The [SSMAgent-Toolkit for Windows](https://github.com/awslabs/aws-support-tools/
PS C:\SSMAgent-Toolkit> Import-Module "$destination\SSMAgent-Toolkit\SSMAgent-Toolkit.psm1";Invoke-SSMChecks -Table
Checking for elevated permissions...
Code is running as administrator - executing the script...
[2021-09-17T20:41:53.8766462+00:00] [INFO] Logs directory exists - C:\SSMAgent-Toolkit\logs\
[2021-09-17T20:41:53.8766462+00:00] [INFO] Outputs directory exists - C:\SSMAgent-Toolkit\Outputs\
[2021-09-17T20:41:53.8857124+00:00] [INFO] Logs available at C:\SSMAgent-Toolkit\logs\SSMCheck_2021-09-17-08-41-53.log
[2021-09-17T20:41:53.8857124+00:00] [INFO] Outputs available at C:\SSMAgent-Toolkit\Outputs\SSMCheck_2021-09-17-08-41-53.txt
[2021-12-09T20:26:38.5340080+00:00] [INFO] Logs directory exists - C:\SSMAgent-Toolkit\logs\
[2021-12-09T20:26:38.5340080+00:00] [INFO] Outputs directory exists - C:\SSMAgent-Toolkit\Outputs\
[2021-12-09T20:26:38.5497378+00:00] [INFO] Logs available at C:\SSMAgent-Toolkit\logs\SSMCheck_2021-12-09-08-26-38.log
[2021-12-09T20:26:38.5497378+00:00] [INFO] Outputs available at C:\SSMAgent-Toolkit\Outputs\SSMCheck_2021-12-09-08-26-38.txt
Running all the tests can take a few minutes...
___ _ _______ _____ __ __ ___
/ | | / / ___/ / ___/__ _______/ /____ ____ ___ _____ / |/ /___ _____ ____ _____ ____ _____
Expand All @@ -33,6 +33,7 @@ Check Value
Windows sysprep image state complete Pass Image state is IMAGE_STATE_COMPLETE. This is the desired state
Amazon SSM agent service running Pass amazonssmagent service is in Running state. This is the desired state
Amazon SSM service account LocalSystem This is the recommended account to use
Amazon SSM service startup mode Auto This is the recommended startup mode to use
Managed(hybrid) Instance Registration Pass ManagedInstanceID = mi-abcdef01234567890, Region = us-east-1
EC2 instance metadata accessible Skip This test skipped since this server configured as Managed(hybrid) Instance
IAM instance profile Skip This test skipped since this server configured as Managed(hybrid) Instance
Expand All @@ -44,13 +45,14 @@ ssmmessages.us-east-1.amazonaws.com accessible Pass
S3.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 52.217.165.48
kms.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 52.46.134.194
logs.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 3.236.94.199
monitoring.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 72.21.206.194
SSM Agent Proxy Setting N/A There is no proxy setting for SSM Agent
System-wide environment variable proxy N/A There is no http_proxy, https_proxy or no_proxy configured
LocalSystem account user environment variable proxy N/A There is no http_proxy, https_proxy or no_proxy configured
WinHTTP system-wide proxy N/A There is no ProxyServer(s) configured for WinHTTP system-wide proxy
LocalSystem account user Internet Explorer proxy N/A There is no ProxyServer configured
SSMAgent version Pass The install and the latest agent version in us-east-1 is 3.1.338.0
Session Manager Plugin version Pass The install and the latest Session Manager Plugin version is 1.2.245.0
SSMAgent version Pass The install and the latest agent version in us-east-1 is 3.1.501.0
Session Manager Plugin version Pass The install and the latest Session Manager Plugin version is 1.2.279.0
```

### The instance register as a EC2 instance
Expand All @@ -61,10 +63,10 @@ Session Manager Plugin version Pass
PS C:\SSMAgent-Toolkit> Import-Module "$destination\SSMAgent-Toolkit\SSMAgent-Toolkit.psm1";Invoke-SSMChecks -Table
Checking for elevated permissions...
Code is running as administrator - executing the script...
[2021-10-01T13:16:05.6939670+00:00] [INFO] Logs directory exists - C:\SSMAgent-Toolkit\logs\
[2021-10-01T13:16:05.7095817+00:00] [INFO] Outputs directory exists - C:\SSMAgent-Toolkit\Outputs\
[2021-10-01T13:16:05.7095817+00:00] [INFO] Logs available at C:\SSMAgent-Toolkit\logs\SSMCheck_2021-10-01-01-16-05.log
[2021-10-01T13:16:05.7095817+00:00] [INFO] Outputs available at C:\SSMAgent-Toolkit\Outputs\SSMCheck_2021-10-01-01-16-05.txt
[2021-12-09T20:26:38.5340080+00:00] [INFO] Logs directory exists - C:\SSMAgent-Toolkit\logs\
[2021-12-09T20:26:38.5340080+00:00] [INFO] Outputs directory exists - C:\SSMAgent-Toolkit\Outputs\
[2021-12-09T20:26:38.5497378+00:00] [INFO] Logs available at C:\SSMAgent-Toolkit\logs\SSMCheck_2021-12-09-08-26-38.log
[2021-12-09T20:26:38.5497378+00:00] [INFO] Outputs available at C:\SSMAgent-Toolkit\Outputs\SSMCheck_2021-12-09-08-26-38.txt
Running all the tests can take a few minutes...
___ _ _______ _____ __ __ ___
/ | | / / ___/ / ___/__ _______/ /____ ____ ___ _____ / |/ /___ _____ ____ _____ ____ _____
Expand All @@ -78,6 +80,7 @@ Check Value
Windows sysprep image state complete Pass Image state is IMAGE_STATE_COMPLETE. This is the desired state
Amazon SSM agent service running Pass amazonssmagent service is in Running state. This is the desired state
Amazon SSM service account LocalSystem This is the recommended account to use
Amazon SSM service startup mode Auto This is the recommended startup mode to use
Managed(hybrid) Instance Registration Skip The instance is not configured as Managed(hybrid) Instance. Metadata will be used to get the InstanceId and Region
EC2 instance metadata accessible Pass EC2 InstanceID = i-abcdef01234567890, Region = us-east-1
IAM instance profile SSMInstanceProfile IAM instance profile SSMInstanceProfile is attached to the instance
Expand All @@ -90,13 +93,14 @@ ssmmessages.us-east-1.amazonaws.com accessible Pass
S3.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 52.217.98.142
kms.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 52.46.136.89
logs.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 3.236.94.131
monitoring.us-east-1.amazonaws.com accessible Pass Endpoint IP address is 72.21.206.194
SSM Agent Proxy Setting N/A There is no proxy setting for SSM Agent
System-wide environment variable proxy N/A There is no http_proxy, https_proxy or no_proxy configured
LocalSystem account user environment variable proxy N/A There is no http_proxy, https_proxy or no_proxy configured
WinHTTP system-wide proxy N/A There is no ProxyServer(s) configured for WinHTTP system-wide proxy
LocalSystem account user Internet Explorer proxy N/A There is no ProxyServer configured
SSMAgent version Pass The install and the latest agent version in us-east-1 is 3.1.338.0
Session Manager Plugin version Pass The install and the latest Session Manager Plugin version is 1.2.245.0
SSMAgent version Pass The install and the latest agent version in us-east-1 is 3.1.501.0
Session Manager Plugin version Pass The install and the latest Session Manager Plugin version is 1.2.279.0
```

## Usage
Expand Down
Binary file modified Systems Manager/SSMAgent-Toolkit-Windows/SSMAgent-Toolkit.zip
View file
Binary file not shown.
2 changes: 1 addition & 1 deletion ...ms Manager/SSMAgent-Toolkit-Windows/SSMAgent-Toolkit/Private/Invoke-CustomHTTPRequest.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ function Invoke-CustomHTTPRequest {

process {
try {
$httpResponse = Invoke-WebRequest -Uri $Uri -Method $Method -Headers $Headers
$httpResponse = Invoke-WebRequest -Uri $Uri -Method $Method -Headers $Headers -UseBasicParsing
$resStatusCode = $httpResponse.StatusCode
if ($resStatusCode -eq 200) {
Write-Log "Successfully made the request - Status Code: $($resStatusCode)"
Expand Down
4 changes: 2 additions & 2 deletions Systems Manager/SSMAgent-Toolkit-Windows/SSMAgent-Toolkit/Private/New-ProxyOutput.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@
.Synopsis
Test if the proxy exist or not in the registry.
.Description
This is a helper function to test registry value and whater if the key is available or not. The provide an output based on that results.
This is a helper function to test registry value and whether if the key is available or not. The provide an output based on that results.
.Example
New-ProxyOutput -Path 'Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AmazonSSMAgent' -Value 'Environment' -SettingName 'System-wide environment variable proxy'
.INPUTS
Path = The registry path
Value = The key to check on that path
SettingName = The name of the test.
.OUTPUTS
Return the value of the check, note and $false, $true whater the value does exist or not.
Return the value of the check, note and $false, $true whether the value does exist or not.
#>
function New-ProxyOutput {
[CmdletBinding()]
Expand Down
4 changes: 2 additions & 2 deletions Systems Manager/SSMAgent-Toolkit-Windows/SSMAgent-Toolkit/Private/Test-RegistryValue.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
.Synopsis
Test registry value
.Description
This is a helper function to test registry value and whater if the key is available or not.
This is a helper function to test registry value and whether if the key is available or not.
.Example
Test-RegistryValue -Path 'Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AmazonSSMAgent' -Value 'Environment'
.INPUTS
Expand All @@ -21,7 +21,7 @@ function Test-RegistryValue {
)

try {
if (Get-ItemProperty -Path $Path | Select-Object -ExpandProperty $Value -ErrorAction Stop) {
if (Get-ItemProperty -Path $Path | Select-Object -ExpandProperty $Value -ErrorAction SilentlyContinue) {
return $true
}
else {
Expand Down
4 changes: 4 additions & 0 deletions Systems Manager/SSMAgent-Toolkit-Windows/SSMAgent-Toolkit/Public/Get-SSMAgentVersion.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ Function Get-SSMAgentVersion {
Write-Log -Message "$check"

if (-not ($Skip)) {
if ($Region -eq 0) {
$Region = "us-east-1"
}
$LatestVersionUrl = "https://s3.$Region.amazonaws.com/amazon-ssm-$Region/latest/VERSION"
Write-Log -Message "Checking the latest SSM agent from $LatestVersionUrl."

Expand Down Expand Up @@ -71,6 +74,7 @@ Function Get-SSMAgentVersion {
}
}


else {
$value = "Skip"
$note = "This test skipped since the SSM Agent is not installed"
Expand Down
45 changes: 45 additions & 0 deletions Systems Manager/SSMAgent-Toolkit-Windows/SSMAgent-Toolkit/Public/Get-ServiceStartupMode.ps1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
<#
.Synopsis
Check the Startup mode for the service.
.Description
This is a public function used to check the startup mode for the services and compare it with the desire state.
.Example
Get-ServiceStartupMode
.INPUTS
ServiceName
Skip = Switch to skip this function if the service is not available.
.OUTPUTS
New-PSObjectResponse -Check "$check" -Status "$value" -Note "$note"
#>
Function Get-ServiceStartupMode {
[CmdletBinding()]
param (
[String]$ServiceName = "amazonssmagent",
[Switch]$Skip
)
$check = "Amazon SSM service startup mode"
Write-Log -Message "New check....."
Write-Log -Message "$check"

$ServiceStartupMode = (Get-WmiObject Win32_Service -Filter "Name='$ServiceName'").StartMode

if (-not ($Skip)) {
if ($ServiceStartupMode -ne "Auto") {
$value = $ServiceStartupMode
$note = "It's recommended to use Automatic startup mode"
Write-Log -Message "$ServiceName startup mode is not Automatic. It's recommended to update the startup more to Automatic. " -LogLevel "ERROR"
}
else {
$value = $ServiceStartupMode
$note = "This is the recommended startup mode to use"
Write-Log -Message "$ServiceName startup mode is Automatic. This is the desired account."
}
}
else {
$value = "Skip"
$note = "This test skipped since the $ServiceName service is not available"
Write-Log -Message "The Amazon SSM service startup mode check skipped since The $ServiceName service is not available. " -LogLevel "ERROR"
}

return New-PSObjectResponse -Check "$check" -Status "$value" -Note "$note"
}
Loading

0 comments on commit 9caf00b

Please sign in to comment.