Tag: Patch Compliance

Security and compliance is a shared responsibility between AWS and the customer. The shared responsibility model outlines responsibilities for Security of the Cloud versus Security in the Cloud. Customers are responsible for Security in the Cloud, which includes patching Amazon EC2 instances. For the customers running workloads on EC2 instances, during security audits, they may be […]

Patch Management is a critical operation that every organization wants to prioritize. This becomes tedious and challenging if an enterprise operates on a platform-consumer or hub-spoke model. An example of this would be a multi-account environment with hundreds of accounts and thousands of users using applications hosted in AWS. Different application owners have different requirements […]

Are you an operations administrator trying to enable common configurations such as agent updates or patch scanning across your company? AWS Systems Manager Quick Setup now supports AWS Organizations. With this feature, Organization master accounts can now easily define configurations for Systems Manager to engage on your behalf across accounts in your Organization. You can […]

As organizations migrate their traditional data centers and applications into the AWS cloud, they also want to modernize their patching mechanisms in order to reap the benefits of operating in the cloud. We find that many customers are looking to move away from Microsoft System Center Configuration Manager (SCCM) for patching, and move towards an […]

Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]

Update 01/2023: AWS Systems Manager announces Patch Policies, enabling cross account and cross Region patching. Patch Policies provide a user experience in a single console to easily define and enforce patch compliance across accounts and Regions with a few clicks. For more information, see Centrally deploy patching operations across your AWS Organization using Systems Manager […]

By Giridharan Varatharajan, Cloud Delivery Platform Architecture lead at TCS and Madhavan Ananthachari, Cloud Delivery Platform Engineering lead at TCS Introduction Now that multitenancy in the cloud is driving IT operation costs down, large enterprises are seeking seamless service delivery methods that address day-to-day activities in your cloud environment. AWS partner Tata Consultancy Services (TCS) […]

This guest post was written by Michael Baker, who works as a DevOps Engineer for the Infrastructure Engineering team at Bulletproof The Bulletproof Group Limited has spent many years investing in system automation to assist with fleet management at scale. More recently, we have spent a significant amount of time working with Amazon EC2 Systems […]

Today we are excited to announce a new target for Amazon CloudWatch Events: Amazon EC2 Systems Manager Automation. Through this integration, Automation workflows can be triggered by a schedule, or when specific AWS system events occur. Automation is part of Amazon EC2 Systems Manager.  Using Automation you can build workflows that are streamlined, repeatable and auditable. […]

The Automation service, which is part of Amazon EC2 Systems Manager, helps you save time and the effort associated with routine management operations. Automation workflows are streamlined, repeatable, and auditable. For example, you can easily automate manual tasks such as golden image creation, baking applications into Amazon Machine Images (AMIs), or patching and updating agents. […]