How to Automate Operating Systems patches and Security patches using AWS SSM?
ฝัง
- เผยแพร่เมื่อ 10 ธ.ค. 2022
- #awscloud #awscommunity #awstraining #awstrainingvideos
Welcome to the detailed illustration of the Operating Systems and Security Patching automated process for EC2 and Virtual Machines (VMs).
Step-by-step process to configure SSM agent for hybrid environment - • How to Automate On-Pre...
Step-by-step process to configure AWS Systems Manager for - • How to Automate EC2 Ma...
Explained Well in detail, well done. i like the video. Please upload the full AWS series.
Thank you.
Awesome!! Thanks.
If you appreciate our effort, please like and subscribe to our channel and click on the bell icon to get notifications for new content. Thank you.
Hello TH-cam friends and families, what else would you like to learn from CloudExpert Solution? Please let us know your requests as comments, so we can create tutorials for you.
It's very much useful for cloud
Thank you very much
Quite helpful sir, do more videos
Sure 👍Thank you for your support.
Good introduction! Thanks. Perhaps you could improve the audio quality ? It sounds a bit muffled.
Thank you. We will work on it.
sir, there's nothing like patch group now? the dashboard has changed.
my instances are not showing under managed nodes. What to do. Already applied Instancecore role to instances
Thank you for posting your query. This can be because of any one of the following reasons:
Option 1 Verify SSM Agent Installation and Running Status:
Option 2: Please verify the IAM role attached with the EC2 instance has proper privileges. Please validate if you have attached “AmazonSSMManagedEC2InstanceDefaultPolicy” with the Instance Role. You can also temporarily assign Admin Privileges to check if EC2 instance profile is the issue.
Option 3: Ensure that your EC2 instances can connect to Systems Manager endpoints on port 443. Use either Telnet or Netcat commands to verify connectivity.
You can also verify the Security Group outbound rules for the EC2 instance. After performing the following steps if you are still facing the issue. Please let me know, I can help you debug further.
For some reason, @27:24 there is no "Configure Patching" for me. I was able to stumble my way to it by clicking the Patch Now button and under Basic configuration it said "For more patching options, use the "Configure patching" page and that was clickable. Clicking it took me there.
Exactly
@@saivardhan8276 It's odd to me that they've made it hard to get to that page because IMO, it's very much needed.
can you please tell the path where we will find configure patching
@@FixitMys3lf where to get that link please specify
@@utkarshpatel7839 I've temporarily lost access my AWS account, but @27:20, see the Orange button that says "Patch Now" ? Click that and then on the next page you should see Basic Configuration. Under that, in small font and clickable, you should see "Configure patching"
can you demo the new update of patch management (create a patch policy) in aws??
Yes, kindly update for new patch management Patch policy in AWS
@@praveenchaudhary1523 yes please
Sure we will do
PAtch group "crigtical" is not linked with the EC2.
Is the EC2 Tag:Critical shall be kept for Patch group also. Both shall be similar ?
Could you please mention the video time stamp and the error message you are getting? Could you please give more context if this is a general inquiry? Thank you.
Why are we creating patch groups and assigning them to patch baselines .. when we are configuring patching based on tag based approach ?
Thank you for posting your query. In my demo, I addressed multiple use cases using a minimal number of EC2 instances. I used a mixed approach to overcome the following limitations:
* A managed node can only belong to one patch group.
* A patch group can only be associated with one patch baseline for each operating system type.
I hope this clarification helps. If you still have any confusion, please provide me with the timestamp of the video, and I will address your doubts.
Thanks for your answer and for providing such a detailed video. When trying to configure patching, the concept of patch group now seems to be replaced by resource group though. Although, overall the concepts remain the same and now can be manged via Org as well.
You are absolutely correct.
Very nice 👍 but you need to cover more things like advance options
And secondly also show and generate report.
Is amazon inspector also link with this?
Thank you will cover in next session
@@CloudExpertSolution plz share when you create vdo on this, 👍 thanks