Posted On: Apr 14, 2021
Patch Manager, a capability of Amazon Systems Manager, now enables you to configure actions to be performed on a managed instance before and after installing patches. Using this feature, you can configure actions to perform pre-installation checks such as ensuring that “Windows Update Service” is running before patching instances. Furthermore, you can configure actions that perform post-installation health checks to ensure that your instances are healthy after being patched.
To get started, from the Systems Manager console, navigate to Patch Manager, choose ‘Patch now’ and configure scripts that run before and after patching under ‘Advanced Options’. You can also configure scripts to run before and after your scheduled patch installations using the Amazon Web Services-RunPatchBaselineWithHooks document. Furthermore, the configured scripts can easily be shared across Amazon Web Services accounts using Systems Manager document sharing. These feature are only available for Systems Manager Agent (SSM Agent) version 3.0.502 and higher.
This feature is available in all Amazon Web Services Regions where Patch Manager is supported. For more details about the feature and Patch Manager, visit the Amazon Systems Manager product page and documentation.