I'm trying to set up Patch Manager to automatically scan for updates to dependencies of my EC2 instances running AL2023.
I've followed this guide to set up Patch Manager to run scans.
Scans are running based on the schedule, and I am able to manually trigger the association, but this doesn't report any non-compliance.
However, when I use the console and run "Patch now" in Patch Manager, this reports as non-compliant in the Systems Manager Compliance section.
From my understanding, both my association and "Patch now" are running the AWS-RunPatchBaseline command.
It doesn't make sense to me why they have different results but are running the same thing. I have removed the patch baseline from the association and think I am relying on the default baseline for AL2023.
Looking in Systems Manager > Fleet Manager > Managed nodes > {instance} > Configuration compliance and filtering on compliance type, there are only three items for association, which don't have names, but the execution times match the last time I ran the association.
Does anyone have any ideas? Thanks