This blog shows how to manage patch compliance reports across the AWS organization accounts. If you're looking at how to do/install patching across accounts in the Organization, you can review this blog below.
AWS Systems Manager Automation now supports multi-account and multi-Region actions, enabling you to centrally manage your AWS resources. You're right that it will give you the ability to patch by resource groups to logically group your managed instances across the Organization.
You will need to create the required IAM service roles used by Automation in the management and target accounts. After you have created your IAM roles, create a custom Automation Document for executing patch baseline operations. Then you can execute Automation Documents that target your managed instances via resource groups in target accounts.
You can also customize your workflow further by creating your own Automation Document based on the document AWS-PatchInstanceWithRollback, across the fleets/groups in the Organization.
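
An added example, not part of the original answer: a sketch of the two pieces the steps above depend on, the trust policy for the execution role in each target account and the request that starts a multi-account patch run from the management account. The role names are the defaults from the AWS documentation; the document name `Custom-PatchBaselineOperations`, its `InstanceId` target parameter, and the account IDs used with it are assumptions.

```python
import re

# Default role names used in the AWS documentation for multi-account Automation.
ADMIN_ROLE = "AWS-SystemsManager-AutomationAdministrationRole"
EXEC_ROLE = "AWS-SystemsManager-AutomationExecutionRole"
ACCOUNT_ID = re.compile(r"\d{12}")


def _check_account(account_id):
    """Reject anything that is not a 12-digit account ID before it reaches an ARN."""
    if not ACCOUNT_ID.fullmatch(account_id):
        raise ValueError(f"not a 12-digit AWS account ID: {account_id!r}")
    return account_id


def execution_role_trust_policy(management_account):
    """Trust policy for the execution role created in each target account.

    Trusts only the administration role in the management account (not the
    account root), plus the Systems Manager service itself.
    """
    _check_account(management_account)
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {
                "AWS": f"arn:aws:iam::{management_account}:role/{ADMIN_ROLE}",
                "Service": "ssm.amazonaws.com",
            },
            "Action": "sts:AssumeRole",
        }],
    }


def patch_execution_request(management_account, target_accounts, regions,
                            resource_group, document="Custom-PatchBaselineOperations"):
    """Keyword arguments for boto3 ssm.start_automation_execution()."""
    _check_account(management_account)
    return {
        "DocumentName": document,  # hypothetical custom document name
        "Parameters": {"AutomationAssumeRole": [
            f"arn:aws:iam::{management_account}:role/{ADMIN_ROLE}"]},
        "TargetParameterName": "InstanceId",  # assumed parameter of the document
        "Targets": [{"Key": "ResourceGroup", "Values": [resource_group]}],
        "TargetLocations": [{
            "Accounts": [_check_account(a) for a in target_accounts],
            "Regions": list(regions),
            "ExecutionRoleName": EXEC_ROLE,
            "TargetLocationMaxConcurrency": "1",  # one account/Region at a time
            "TargetLocationMaxErrors": "0",  # stop queueing locations after a failure
        }],
    }
```

From the management account, the returned dictionary can be passed as `boto3.client("ssm").start_automation_execution(**request)`.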