You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Feature Request: Upload patch details to Patch Manager when using the BaselineOverride parameter.
After configuring my AWS-RunPatchBaseline association to use a central BaselineOverride parameter, I found the instances do not upload their patch details anywhere. Specifically, the contents of "patch-states-configuration.json" is saved locally on the machine but not uploaded to any AWS service.
After opening a support case, I was told this is intended and I would need to use a separate task to upload the contents from the instance to a shared S3 bucket. While this method may work, it seems strange for AWS to not provide a built-in method to collect this critical patch data.
My use case involves using patch baselines from a shared services account that are exported to a baseline override JSON file. The patch baselines are dynamic such as updating the approval date. This allows my organization to control a single set of patch baselines that all accounts will use.
Unfortunately, the Quick Setup Patch Policies were not a viable option for me because they don't support the Schedule Offset parameter available in SSM associations. This would be used to base our maintenance activities around Microsoft's Patch Tuesday.
Thanks!
The text was updated successfully, but these errors were encountered:
Hello,
Feature Request: Upload patch details to Patch Manager when using the BaselineOverride parameter.
After configuring my AWS-RunPatchBaseline association to use a central BaselineOverride parameter, I found the instances do not upload their patch details anywhere. Specifically, the contents of "patch-states-configuration.json" is saved locally on the machine but not uploaded to any AWS service.
After opening a support case, I was told this is intended and I would need to use a separate task to upload the contents from the instance to a shared S3 bucket. While this method may work, it seems strange for AWS to not provide a built-in method to collect this critical patch data.
My use case involves using patch baselines from a shared services account that are exported to a baseline override JSON file. The patch baselines are dynamic such as updating the approval date. This allows my organization to control a single set of patch baselines that all accounts will use.
Unfortunately, the Quick Setup Patch Policies were not a viable option for me because they don't support the Schedule Offset parameter available in SSM associations. This would be used to base our maintenance activities around Microsoft's Patch Tuesday.
Thanks!
The text was updated successfully, but these errors were encountered: