Using AWs Systems manager maintainance window
Using AWS Systems manager state manager or with cloudwatch event rule
This document is created for 2 diferent deploymnet functions which includes DSM manager deployment without multi tanency and Deep security as a service. SSM document also can be converted for DSM multitanency model. DSM deployment document is already published in AWS SSM document public repository.
Deployment document can be used in following automation scenarios
This approach is useful when you wnat to activate EC2 instance everytime the state of instance changes to running. It can be used in EC2 systems manager state manager or by using Cloudwatch events rules. in any of the case it can make sure that agent will get activated and come to managed state. This feature is under development and script modification is required to prevent duplicate tasks.
This approach is useful when security is provided to EC2 owenr as a self service. EC2 owner can add the tag to EC2 server which can mark the server to deploy DSA and activate it during the maintainance window time line.