AWS Patch Manager: 6 Things You GOT To Know

54 года назад

289 Просмотров

AWS Patch Manager automates the process of patching managed nodes for both operating systems and applications.

Hi Guys, this is Abi from Gokce DB and in this video you are going to learn 6 things about the Patch Manager in AWS. Let's get into it.

1. Patch Manager is a capability of AWS Systems Manager which allows you to install Service Packs on Windows nodes and perform minor version upgrades on Linux nodes. You can patch fleets of EC2 instances, edge devices, on-premises servers, and virtual machines by operating system type.

2. Patch Manager uses patch baselines, which include rules for auto-approving patches usually within days of their release. When a patching operation is executed, Patch Manager compares the patches currently applied to a managed node to those that should be applied according to the rules set up in the patch baseline.

3. The recommended method for configuring your patching operations is by using patch policies. It provides a more extensive and centralized control over your patching operations. Using a single patch policy configuration, you can define patching for all accounts in all Regions in your organization or for only the accounts and Regions you choose.

4. After a Scan operation, you can use the Systems Manager console to view information about which of your managed nodes are out of patch compliance, and which patches are missing from each of those nodes.

5. You can generate patch compliance reports in csv format that are sent to an S3 bucket which can be further analyzed using a tool like Amazon QuickSight.

6. Patch Manager integrates with other AWS services such as IAM for access control, CloudTrail for auditing patching history, AWS Security Hub for security alerts and AWS Config for recording EC2 management data.

In summary, AWS Systems Manager's Patch Manager automates the patching of managed nodes with both security and non-security related updates.

There you have it.

Тэги: