Working with Patch Manager (console) - AWS Systems Manager

Working with Patch Manager (console)

To use Patch Manager, a capability of AWS Systems Manager, complete the following tasks. These tasks are described in more detail in this section.

  1. Verify that the AWS predefined patch baseline for each operating system type that you use meets your needs. If it doesn't, create a patch baseline that defines a standard set of patches for that managed node type and set it as the default instead.

  2. Organize managed nodes into patch groups by using Amazon EC2 tags (optional, but recommended).

  3. Schedule patching by using a maintenance window that defines which managed nodes to patch and when to patch them.


    Patch or scan managed nodes on demand whenever you need to.

  4. Monitor patching to verify compliance and investigate failures.