AWS Systems Manager
User Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Add a Patch Group to a Patch Baseline

To associate a specific patch baseline with your instances, you must add the patch group value to the patch baseline. By registering the patch group with a patch baseline, you can ensure that the correct patches are installed during a patching operation. For more information about patch groups, see About Patch Groups.

To add a patch group to a patch baseline (Console)

  1. Open the AWS Systems Manager console at

  2. In the navigation pane, choose Patch Manager.

  3. In the Patch Baselines list, choose the patch baseline you want to configure for your patch group.

  4. Choose Actions, then Modify patch groups.

  5. Enter the tag value you added to your managed instances in the previous section, then choose Add.

To add a patch group to a patch baseline (AWS CLI)

  1. Install and configure the AWS CLI, if you have not already.

    For information, see Install or Upgrade the AWS CLI.

  2. Run the following command to associate a Patch Group tag value to the specified patch baseline.

    aws ssm register-patch-baseline-for-patch-group --baseline-id "pb-0123456789abcdef0" --patch-group "Development"

    The system returns information like the following:

      "PatchGroup": "Development",
      "BaselineId": "pb-0123456789abcdef0"