Explorer

AWS Systems Manager Explorer is a customizable operations dashboard that reports information about your AWS resources. Explorer displays an aggregated view of operations data (OpsData) for your AWS accounts and across Regions. In Explorer, OpsData includes metadata about your EC2 instances, patch compliance details, and State Manager association compliance details. OpsData also includes information from supporting AWS services like AWS Trusted Advisor, AWS Compute Optimizer, and information about your AWS Support cases.

Explorer provides context about how OpsItems are distributed across your business units or applications, how they trend over time, and how they vary by category. You can group and filter information in Explorer to focus on items that are relevant to you and that require action. When you identify high priority issues, you can use Systems Manager OpsCenter to run Automation runbooks and quickly resolve those issues.

Getting Started with Explorer

In this lab we will enable Explorer and review the options for multi-region multi-account deployment. We will also enable AWS Config to populate widgets within Explorer.

  1. Open the AWS Config console

  2. Select 1-click setup

  3. Select Confirm

  4. Once AWS Config completes setting up, you will be brought to the AWS Config dashboard and can continue with the next steps.

  5. Open the AWS Systems Manager console

  6. In the navigation pane, select Explorer

  7. Choose Get started

  8. Leave all settings default

  9. Select Enable Explorer

  10. For the purpose of this lab, we are using a single account / single region. However, in a real world setup you would want to create a resource data sync. The process to configure a resource data sync is worth visualizing

    • This makes it easy to select and configure data collection for:

      • Only regions your organization is active in

      • Select all accounts in an AWS Organization

      • Select OUs within an org

  • Several key items to consider when deciding to use Explorer within your environment:

    • You can specify a Delegated administrator account for Explorer, see Configuring a Delegated Administrator

    • When you enable a data resource sync for all accounts and regions you can get a single dashboard for operational data

    • If you enable Compute Optimizer in Settings and go into the Instance Count widget and click on a specific on a specific tag grouping you will get rightsizing recommendations focused on that group of instances

    • If you enable Trusted Advisor and Support Cases you can get an aggregated view of checks and cases across all of your accounts enabled in the resource data sync

    • You can create 5 resource data syncs so you can control which data is included in the dashboard