- 최신
- 최다 투표
- 가장 많은 댓글
Hello, you are correct -- when you use the document AWS-RunPatchBaseline
, you target managed nodes using instance IDs, resource tags, or resource groups. The SSM Agent on each instance makes it's own determination for which baseline it should use based on tags added to itself.
You can either set the baseline as default for the OS or you would want to add Patch Group
tags to the instance and the appropriate baseline.
More information can be found in this documentation topic:
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-patch-patchgroups.html
Yes I did. Looks like answer is -- When you run AWS-RunPatchBaseline, you can target managed nodes using their ID or tags. SSM Agent and Patch Manager then evaluate which patch baseline to use based on the patch group value that you added to the managed node. If this is true, I am good with this set up.
Hello
Did you Set the patch baseline as default https://docs.aws.amazon.com/systems-manager/latest/userguide/set-default-patch-baseline.html
Thank You GK
관련 콘텐츠
- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 8달 전
- AWS 공식업데이트됨 3년 전
Good hear that