Overview
- Helps you manage your EC2 and On-Premise systems at scale
- Get operational insights about the state of your infrastructure
- Easily detect problems
- Patching automation for enhanced compliance
- Works for both Windows and Linux OS
- Integrated with CloudWatch metrics / dashboards
- Intergrated with AWS Config
Features
SSM Agent
- Some system has SSM Agent pre-installed
- NO SSH needed, increase secruity
Has some pre-defined updates running in 7 days windows after release.
Patch lines Steps
1. Define patch baseline
2. Define targets: patch group
3. Define maintenance windows
4. Add AWS-RunPatchBaseline Run Command
5. Define Rate control
6. Monitoring
(5 defines, 4 AWS-RunPatchBaseline and last monitoring)
- With RDS
- Get secrects from Secrects Manager
