How can I use alternate patch source repositories using Systems Manager Patch Manager?

Short description

You can install patches in a different source repository instead of the default one on a managed node by creating a custom patch baseline.
Note: Using a custom patch baseline with alternate patch repositories doesn't change the default repositories on the operating system. After the patching operation is complete, the repositories previously configured remain the defaults. For more information, see How to specify an alternate patch source repository (Linux).

Resolution

Follow these steps to use alternate patch sources for Amazon Elastic Compute Cloud (Amazon EC2) managed nodes. The following steps are for Amazon Linux 2.

1. Open the Systems Manager console.

2. Create a custom patch baseline.

3. Check the box next to Set this patch baseline as the default patch baseline for operating system name instances.

4. In Patch sources, enter the following:
   Name: Epel
   Product: *
   Configuration:

   [epel]
   name=Extra Packages for Enterprise Linux 7 - $basearch
   #baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
   metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
   failovermethod=priority
   enabled=1
   gpgcheck=1
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

5. (Optional) To use a different operating system, use the following format in Configuration:

   [main]
   name=MyCustomRepository
   baseurl=https://my-custom-repository
   enabled=1

6. Choose Create patch baseline.

For more information about how Patch Manager installs patches on different operating systems, see How patches are installed.

Related information

How do I automate Linux updates on my EC2 instance using Systems Manager Patch Manager patch policies?

How can I see the patches that Patch Manager will install on my Amazon EC2 instance?

Troubleshooting Patch Manager