I want to know how to use Patch Manager, a capability of AWS Systems Manager, to use alternate patch source repositories.
Short description
You can install patches from a different source repository instead of the default one on a managed node by creating a custom patch baseline.
Note: Using a custom patch baseline with alternate patch repositories doesn't change the default repositories on the operating system. After the patching operation is complete, the repositories previously configured remain the defaults. For more information, see How to specify an alternate patch source repository (Linux).
Resolution
Follow these steps to use alternate patch sources for Amazon Elastic Compute Cloud (Amazon EC2) managed nodes. The following steps are for Amazon Linux 2.
- Open the Systems Manager console.
- Create a custom patch baseline.
- Check the box next to Set this patch baseline as the default patch baseline for operating system name instances.
- In Patch sources, enter the following:
  Name: Epel
  Product: *
  Configuration:
    [epel]
    name=Extra Packages for Enterprise Linux 7 - $basearch
    #baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
    metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
    failovermethod=priority
    enabled=1
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
- (Optional) To use a different operating system, use the following format in Configuration:
    [main]
    name=MyCustomRepository
    baseurl=https://my-custom-repository
    enabled=1
- Choose Create patch baseline.
For more information about how Patch Manager installs patches on different operating systems, see How patches are installed.
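Because an alternate patch source decides which packages Patch Manager installs, it is worth checking the repository stanza before you paste it into Configuration. The following is an added example, not AWS code: the helper names `lint_repo` and `patch_source` and the two policy rules (explicit `gpgcheck=1`, HTTPS-only sources) are assumptions of this example, while the 1024-character limit is the SSM API's limit on a patch source's Configuration value.

```python
import configparser

MAX_CONFIG_LEN = 1024  # length limit of PatchSource.Configuration in the SSM API
URL_KEYS = ("baseurl", "metalink", "mirrorlist")

# The two stanzas from the steps above, copied as-is.
EPEL = """[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
"""
CUSTOM = """[main]
name=MyCustomRepository
baseurl=https://my-custom-repository
enabled=1
"""

def lint_repo(config):
    """Return findings for a yum repo configuration (empty list means clean)."""
    findings = []
    if len(config) > MAX_CONFIG_LEN:
        findings.append("configuration exceeds 1024 characters")
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(config)  # full-line '#' comments are ignored
    for repo in parser.sections():
        opts = parser[repo]
        # Without an explicit value, signature checking depends on yum defaults.
        if opts.get("gpgcheck", "0").strip() != "1":
            findings.append(f"[{repo}] gpgcheck=1 is not set explicitly")
        urls = [opts[key] for key in URL_KEYS if key in opts]
        if not urls:
            findings.append(f"[{repo}] no baseurl, metalink or mirrorlist")
        for url in urls:
            if not url.lower().startswith("https://"):
                findings.append(f"[{repo}] non-HTTPS source: {url}")
    return findings

def patch_source(name, config, products=("*",)):
    """Build one entry of the Sources list for create_patch_baseline."""
    findings = lint_repo(config)
    if findings:
        raise ValueError("; ".join(findings))
    return {"Name": name, "Products": list(products), "Configuration": config}
```

The returned dictionary can be passed as an item of `Sources` to boto3's `create_patch_baseline`; the `[main]` template is rejected until `gpgcheck=1` is added to it.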
Related information
How do I automate Linux updates on my EC2 instance using Systems Manager Patch Manager patch policies?
How can I see the patches that Patch Manager will install on my Amazon EC2 instance?
Troubleshooting Patch Manager