AWS Systems Manager Patch Manager

Feature summary 1

  • Main Purpose: automates the process of patching instances
  • Capability:
    • patch EC2, on-premises servers and VMs
    • OS: Windows Server, Ubuntu, RHEL, SUSE, CentOS, Amazon Linux and Amazon Linux 2 (All EC2 OS types)
    • Apply to instances individually or in groups by using EC2 tags
  • Integrate with:
    • AWS Identity and Access Management (IAM)
    • CloudTrail
    • CloudWatch Events
  • Steps:
    • Verify Systems Manager prerequisites
    • Set up and configure patching
    • Configure permissions for Maintenance Windows (if this feature is used)
    • Create patch baselines, patch groups, and a maintenance window

Patch groups 2

  • A group can only be registered with one baseline
  • Tag name MUST be: Patch Group
  • One instance can only be in one patch group
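
An audit of the three rules above, written as an added example (not code from AWS or from these notes): it flags instances whose tag key is not exactly `Patch Group`, instances with no such tag, and groups with no registered baseline. The instance IDs, group names, baseline ID and the `audit_patch_groups` helper are all constructed for illustration.

```python
# Added example: audit instance tags against the patch group rules above.
# All instance IDs, group names and baseline IDs here are constructed samples.

PATCH_GROUP_KEY = "Patch Group"  # exact, case-sensitive tag key required by the rule

# Constructed sample: instance ID -> tag list (Key/Value pairs as EC2 reports them)
SAMPLE_INSTANCES = {
    "i-0aaa0000000000001": [{"Key": "Patch Group", "Value": "web-prod"}],
    "i-0aaa0000000000002": [{"Key": "patch group", "Value": "web-prod"}],  # wrong case
    "i-0aaa0000000000003": [{"Key": "Name", "Value": "build-agent"}],      # untagged
    "i-0aaa0000000000004": [{"Key": "Patch Group", "Value": "db-prod"}],
}

# Constructed sample: patch group -> its single registered baseline
SAMPLE_REGISTRATIONS = {"web-prod": "pb-0example000000001"}


def audit_patch_groups(instances, registrations):
    """Return {instance_id: finding} for every instance that breaks a rule."""
    findings = {}
    for instance_id, tags in instances.items():
        # Values carried under the exact key; tag keys are unique per resource,
        # so this list has at most one entry (one instance, one patch group).
        exact = [t["Value"] for t in tags if t["Key"] == PATCH_GROUP_KEY]
        # Keys that differ from the required key only by case or padding.
        near = [
            t["Key"] for t in tags
            if t["Key"] != PATCH_GROUP_KEY
            and t["Key"].strip().lower() == PATCH_GROUP_KEY.lower()
        ]
        if near:
            findings[instance_id] = f"misspelled tag key {near[0]!r}"
        elif not exact:
            findings[instance_id] = "no Patch Group tag"
        elif exact[0] not in registrations:
            findings[instance_id] = f"group {exact[0]!r} has no registered baseline"
    return findings


if __name__ == "__main__":
    for iid, finding in audit_patch_groups(SAMPLE_INSTANCES, SAMPLE_REGISTRATIONS).items():
        print(iid, "->", finding)
```
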

  1. [[AWS Systems Manager Patch Manager - AWS Systems Manager]]

  2. [[About Patch Groups - AWS Systems Manager]]