How will System Manager work without port 80 open?

0

Problem Statement: We are using System Manager Service for patching our servers, but we are facing one challenge. The process of upgrading the servers is the same as updating and patching a server by downloading packages from the Ubuntu repo over HTTPS, i.e. on port 80, but we can't open port 80 on our servers because of security compliance.

Please help and guide us: how will SMS upgrade the servers and patch them? If port 80 is closed, then "defaultbasepatchline" fails on the servers.

Thanks.

asked 2 years ago · 271 views
1 Answer
0

I'm guessing you mean port 80 outbound, so the host can connect to the repo and download the packages? (Also, do you mean port 443, since you mention HTTPS?) If allowing outbound traffic from your hosts to the internet isn't acceptable for your security compliance, you might be able to work around this by setting up a web proxy host in your VPC (e.g. running Squid). You can configure rules on the host to only allow clients to connect to trusted URLs, such as Ubuntu's repos, and then configure the clients to connect via that proxy.

You don't need port 80 open inbound (or any ports open inbound) for any component of SSM to operate, assuming that your firewall is stateful and allows return packets for connections which are created outbound.

AWS
EXPERT
James_S
answered 2 years ago
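
The proxy workaround described in the answer above, as an added example that is not part of the original thread or of AWS documentation: a Squid policy that forwards only Ubuntu repository traffic, plus the apt setting that points an instance at the proxy. The VPC CIDR, the proxy address and the `95proxy` file name are assumptions.

```shell
#!/bin/sh
# Added example: Squid allowlist for Ubuntu repos plus the matching apt client setting.
set -eu

VPC_CIDR="10.0.0.0/16"                          # assumption: constructed VPC range
PROXY_URL="http://proxy.internal.example:3128"  # assumption: placeholder proxy address

# Proxy host: write a policy that forwards only Ubuntu repository traffic.
write_squid_conf() {
  cat > "$1" <<EOF
http_port 3128
acl vpc_clients src $VPC_CIDR
# A leading dot also matches subdomains such as regional EC2 mirrors.
acl ubuntu_repos dstdomain .archive.ubuntu.com security.ubuntu.com
acl Safe_ports port 80 443
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow vpc_clients ubuntu_repos
# Everything else, including other destinations from VPC clients, is refused.
http_access deny all
EOF
}

# Patched instance: send apt's HTTP and HTTPS fetches through the proxy.
write_apt_proxy() {
  cat > "$1" <<EOF
Acquire::http::Proxy "$PROXY_URL";
Acquire::https::Proxy "$PROXY_URL";
EOF
}

# Usage: "proxy" on the Squid host, "client" on each instance to be patched.
case "${1:-}" in
  proxy)  write_squid_conf /etc/squid/squid.conf ;;
  client) write_apt_proxy /etc/apt/apt.conf.d/95proxy ;;
esac
```

With this in place the instances need outbound access only to the proxy on port 3128, and the proxy is the only host that reaches the Ubuntu repositories.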
