Patch instance of a patch group using a different & non-default baseline

0

Lets say i have few L2 instances grouped into a Patch Group name - 'Production'. One server has an important patch missing. I create a new baseline just for that missing patch. I want to patch only that instance using that custom baseline without changing the current baseline associated with the group as this is to be used only one time for that instance. How can i do this?
The documentation about custom patch baseline https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-patch-baselines.html states "An instance can have only one patch baseline defined for it.". Please explain this.
How can i define my custom baseline for one instance so that only that instance can be patched with that baseline?

Edited by: curiousdev on Jul 12, 2019 12:10 AM

質問済み 5年前597ビュー
1回答
0

Thank for you using Patch Manager. In your case if you want to patch using a new custom patch baseline without changing the existing one, you would need to

  1. Change Patch Group tag value for that single instance to some other value (say X).
  2. Create the new baseline & register it to Patch Group (X).
  3. Run AWS-RunPatchBaseline Document on that instance
  4. (Optional) Revert these changes.

We currently don't allow setting arbitrary baseline for patching operation unless they are default or registered to the relevant Patch Group.

"An instance can have only one patch baseline defined for it." - By this we mean at a moment of time, only one patch baseline can be associated with an instance (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-patch-patchgroups.html).

Hope this helps.

/Kalhan

Edited by: Kalhan-AWS on Jul 22, 2019 6:03 PM

Edited by: Kalhan-AWS on Jul 22, 2019 6:04 PM

AWS
回答済み 5年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ