Learn how to efficiently manage and automate the patching process for multiple EC2 instances running different operating systems using AWS Systems Manager’s resource grouping, Patch Manager, and maintenance windows.
Table of Contents
Question
A SysOps administrator is responsible for more than 50 Amazon EC2 instances that are deployed in a single production AWS account. The EC2 instances are running several different operating systems. The company’s standards require patching to be completed at least once a month.
The SysOps administrator wants to use AWS Systems Manager to reduce the number of hours the company spends on operating system patching each month.
Which combination of steps should the SysOps administrator take to meet these requirements? (Choose three.)
A. Group similar EC2 instances together into resource groups by using AWS Resource Groups.
B. Create a schedule in Systems Manager Patch Manager. Specify the appropriate resource group as the target.
C. Specify Systems Manager Automation runbooks to patch the operating systems. Register the runbooks as tasks in the maintenance window. Specify the appropriate resource group as the target.
D. Create a Systems Manager Automation runbook to monitor and control the state of the patches required. Apply the runbook to Systems Manager Patch Manager.
E. Create a single Systems Manager maintenance window for each resource group.
F. Configure Systems Manager Fleet Manager to apply a Systems Manager Automation runbook to the appropriate resource group.
Answer
A. Group similar EC2 instances together into resource groups by using AWS Resource Groups.
B. Create a schedule in Systems Manager Patch Manager. Specify the appropriate resource group as the target.
E. Create a single Systems Manager maintenance window for each resource group.
Explanation
A. Grouping similar EC2 instances into resource groups using AWS Resource Groups allows for efficient targeting and management of instances based on their characteristics.
B. Creating a schedule in Systems Manager Patch Manager and specifying the appropriate resource group as the target allows the administrator to define when and how often patching should occur, as well as which instances should be patched.
E. Creating a single Systems Manager maintenance window for each resource group enables the administrator to schedule and execute patching tasks during a specified time window, minimizing potential operational disruptions.
By following these steps, the SysOps administrator can automate the patching process for the EC2 instances, reducing the time and effort required for manual patching while ensuring compliance with the company’s patching standards.
The incorrect options are:
C. Specifying Systems Manager Automation runbooks for patching and registering them as tasks in the maintenance window is not necessary when using Patch Manager, which handles the patching process directly.
D. Creating an Automation runbook to monitor and control the state of patches is not required when using Patch Manager, which provides the necessary functionality for patching management.
F. Configuring Systems Manager Fleet Manager is not applicable in this scenario, as Fleet Manager is used for managing and controlling the deployment of AWS IoT Greengrass core software on EC2 instances.
Amazon AWS Certified SysOps Administrator – Associate certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Amazon AWS Certified SysOps Administrator – Associate exam and earn Amazon AWS Certified SysOps Administrator – Associate certification.