Configuration and vulnerability analysis in AWS Cloud9 - AWS Cloud9

Configuration and vulnerability analysis in AWS Cloud9

AWS Cloud9 development environments run on top of cloud-compute resources. The cloud-compute resource can be an Amazon EC2 instance (for an EC2 environment) or your own cloud-compute resource (for an SSH environment). These options are described in the Environments and computing resources section.

Important

If your environment's Amazon EC2 instance is based on an Amazon Linux 2 AMI or an Amazon Linux AMI template, security updates are installed on the instance immediately after it's launched. And security patches are then automatically applied to the instance every hour. These updates are applied by a background process and don't affect your use of the instance.

For an Ubuntu EC2 environment, security updates are also installed on the instance immediately after it's launched. Then the unattended-upgrades package automatically installs available updates daily.

Regardless of the underlying cloud-compute resource or the frequency of automatic updates, it remains the responsibility of the AWS Cloud9 user or their AWS Cloud9 administrator to ensure that the cloud-compute resource is patched and up to date.

For more information on what customers are responsible for under the shared responsibility model, see Data protection in AWS Cloud9.