- 最新
- 投票最多
- 评论最多
Hello, you are correct -- when you use the document AWS-RunPatchBaseline
, you target managed nodes using instance IDs, resource tags, or resource groups. The SSM Agent on each instance makes it's own determination for which baseline it should use based on tags added to itself.
You can either set the baseline as default for the OS or you would want to add Patch Group
tags to the instance and the appropriate baseline.
More information can be found in this documentation topic:
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-patch-patchgroups.html
Yes I did. Looks like answer is -- When you run AWS-RunPatchBaseline, you can target managed nodes using their ID or tags. SSM Agent and Patch Manager then evaluate which patch baseline to use based on the patch group value that you added to the managed node. If this is true, I am good with this set up.
Hello
Did you Set the patch baseline as default https://docs.aws.amazon.com/systems-manager/latest/userguide/set-default-patch-baseline.html
Thank You GK
相关内容
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 3 年前
Good hear that