- 新しい順
- 投票が多い順
- コメントが多い順
Hello, you are correct -- when you use the document AWS-RunPatchBaseline, you target managed nodes using instance IDs, resource tags, or resource groups. The SSM Agent on each instance makes it's own determination for which baseline it should use based on tags added to itself.
You can either set the baseline as default for the OS or you would want to add Patch Group tags to the instance and the appropriate baseline.
More information can be found in this documentation topic:
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-patch-patchgroups.html
Yes I did. Looks like answer is -- When you run AWS-RunPatchBaseline, you can target managed nodes using their ID or tags. SSM Agent and Patch Manager then evaluate which patch baseline to use based on the patch group value that you added to the managed node. If this is true, I am good with this set up.
Hello
Did you Set the patch baseline as default https://docs.aws.amazon.com/systems-manager/latest/userguide/set-default-patch-baseline.html
Thank You GK
関連するコンテンツ
AWS公式更新しました 3年前- AWS公式更新しました 10ヶ月前
Good hear that