Do I need to be in the Managerment account to use System Manager / Patch Manager to patch instances across an Organization

0

I see the blog posts about being able to patch across an AWS Organization; I'm just wondering if you need to do that from the Management account or can you do it from a different account? So far it seems like you need to do it from the Management account and it looks like you need to enable a few other services ( like Config ) which I can do; but I already have a delagated account for Config so I would need to move that back to the Management account if I have to patch from there.

질문됨 일 년 전494회 조회
1개 답변
0

Hi, thanks for your question.

At the time, AWS Systems Manager Patch Policy across Organization [1] should be deployed from the Management Account. There is no need of setup AWS Config service to create a Patch Policy for your organization. Here is blog post you can follow to complete this setup [2]. In order to monitor your patch compliance , you can use AWS Systems Manager Explorer, which can set up a Delegated Administrator account within your Organization [3].

[1]https://aws.amazon.com/about-aws/whats-new/2023/01/aws-systems-manager-patch-policies-cross-account-region-patching/ [2]https://aws.amazon.com/blogs/mt/centrally-deploy-patching-operations-across-your-aws-organization-using-systems-manager-quick-setup/ [3]https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-setup-delegated-administrator.html

Regards,

AWS
rodrggi
답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠