BabuDEVUDU (Posted November 6, 2024)

Has anyone implemented patching automation of servers on AWS & on-prem (preferably) or just AWS? I'm thinking of doing a POC and want to take inputs from someone who has gone this route before I start working on it. We are migrating from on-prem to cloud (some portion will still remain on-prem). Archi wants to use HashiCorp Packer, creating pipelines for AMI creation etc. I'm looking into Systems Manager, as with this we can simply handle the entire org's patch management with ease (at least from what I have learnt so far). Else they wanted to use Packer for creating base AMIs that include basic stuff like SSM agent, CrowdStrike etc., and share the golden AMIs, and the patching of those AMIs, with whatever teams use them to create AMIs in their respective AWS accounts (each team has its separate AWS account). I want to see if, instead of giving the teams the responsibility to create AMIs and patch them, our team can take the entire responsibility of AMI provisioning and patching (for configuration I'm looking at the Ansible playbooks document to integrate with SSM for app configurations and other complex deployments). Please help by providing your valuable insights.

kevinUsa (Posted November 6, 2024)

HashiCorp Packer and Golden AMI Pipeline

Kalam_Youtheman (Posted November 6, 2024)

I did this 3 years ago using AWS SSM. It was easy because all our machines were in AWS; it's simple run commands, schedules and all. AWS has pretty good documentation on it.

Khali_ista (Posted November 6, 2024)

@AWSCloudArchitect @aws_help @AWS

maverick19 (Posted November 6, 2024)

8 hours ago, BabuDEVUDU said:

> Has anyone implemented patching automation of servers on AWS & on-prem (preferably) or just AWS? I'm thinking of doing a POC and want to take inputs from someone who has gone this route before I start working on it. We are migrating from on-prem to cloud (some portion will still remain on-prem). Archi wants to use HashiCorp Packer, creating pipelines for AMI creation etc. I'm looking into Systems Manager, as with this we can simply handle the entire org's patch management with ease (at least from what I have learnt so far). Else they wanted to use Packer for creating base AMIs that include basic stuff like SSM agent, CrowdStrike etc., and share the golden AMIs, and the patching of those AMIs, with whatever teams use them to create AMIs in their respective AWS accounts (each team has its separate AWS account). I want to see if, instead of giving the teams the responsibility to create AMIs and patch them, our team can take the entire responsibility of AMI provisioning and patching (for configuration I'm looking at the Ansible playbooks document to integrate with SSM for app configurations and other complex deployments). Please help by providing your valuable insights.

I would say it is best to use Packer to create a base AMI, use that AMI to create application images, and deploy on a regular basis. This is a one-time setup if the applications are immutable in nature. If applications are not immutable and hosts are static, you have to do in-place patching through SSM.