By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Benefits of AWS Patch Policy over existing solution

0

We recently deployed a custom patching solution using AWS Patch Manager in the multi-account environment. This devops based solution is on lines of below solutions from AWS. This is a new landing zone environment and the patch management solution is still evolving

https://aws.amazon.com/blogs/mt/scheduling-centralized-multi-account-multi-region-patching-aws-systems-manager-automation/ https://docs.aws.amazon.com/prescriptive-guidance/latest/patch-management-hybrid-cloud/design-multi-account-region.html

Given AWS has recently launched a quick setup based approach of deploying Patch Policies (see the link below), I am wondering if this solution has any merit over what we have in place. Given our existing solution still not 100% ready, I was wondering if there is any benefit of using Patch Policies for managing multi-account patching.

https://aws.amazon.com/blogs/mt/centrally-deploy-patching-operations-across-your-aws-organization-using-systems-manager-quick-setup/

Can anyone provide some guidance here?

Topics
Management & GovernanceAWS Well-Architected Framework
Tags
AWS Systems ManagerSecurity
Language
English
mj123
asked 2 years ago805 views
1 Answer
0

The primary benefit of Patch Polices is consolidation of custom Patch Baselines in a central Management Account. You can refer to the following workshop to learn how to deploy Patch Policies via CloudFormation StackSet templates from a DevOps pipeline rather than from Quick Setup: https://catalog.us-east-1.prod.workshops.aws/workshops/7c0ea253-6462-41cd-af76-3850c92458fa/en-US

profile pictureAWS
jgrabn
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content