Keep your Amazon Linux patched
Michael Wittig – 25 Oct 2017 (updated 27 Jan 2021)
Amazon Linux (1 or 2) is the default operating system on AWS. As with any other OS, security patches are released as soon as a vulnerability is closed. The Amazon Linux AMI Security Center lists bulletins for security or privacy events pertaining to the Amazon Linux AMI. As soon as a new bulletin is published, you should start to patch your running EC2 instances.
With marbot, you get alerts in Slack or Microsoft Teams for each new bulletin. To do so, you will use a third-party service called Zapier to poll the Amazon Linux AMI Security Center and send a web request to marbot whenever a new bulletin is published.
- Create a free Zapier account.
- Log in to your Zapier account.
- Click on the Make a Zap button.
- First, you have to define the Zap trigger. Search for `rss` and click on RSS by Zapier.
- Select New item in Feed and click on the Continue button.
- Set the Feed URL to `https://alas.aws.amazon.com/AL2/alas.rss` (for Amazon Linux 2) and click on the Continue button.
- Test your trigger. Click on the Test trigger button.
- Zapier now verifies the trigger. You should see a We found an item! message. Click on the Continue button.
- Now, you have to define the Zap action. Search for `webhook` and click on Webhooks by Zapier.
- Select POST and click on the Continue button.
- Set the URL to the marbot endpoint URL, replacing `$endpoint-ID` with the ID of your endpoint. You can get this value by asking @marbot for it in your Slack channel.
- Set the first Data row to `Title` and select the Title field.
- Click on the + button to add a second data row.
- Set the second Data row to `Link` and select the Link field.
- Add the `X-Alert-Key` header and select the ID field.
- Click on the Continue button.
- Test your action. Click on the Test & Continue button.
- Zapier now verifies the action. You should see a Test was successful! message. Click on the Turn on Zap button.
marbot has received the latest bulletin from Zapier during the Zap test.
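What the Zap above does, sketched as a self-hosted poller (an added example, not marbot's or Zapier's code): parse the feed, skip bulletins already seen, and build one POST per new bulletin with the `Title` and `Link` fields and the item ID as `X-Alert-Key`. The endpoint URL is a placeholder, the feed snippet is constructed, and the JSON body and the fallback from `guid` to `link` are assumptions.

```python
import json
import urllib.request
import xml.etree.ElementTree as ET  # assumes the feed is fetched over HTTPS from a trusted source

# Placeholder: substitute the URL of your own marbot endpoint.
ENDPOINT_URL = "https://marbot.example.invalid/endpoint/ENDPOINT-ID-PLACEHOLDER"

# Constructed sample in RSS 2.0 shape (not real bulletins).
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Constructed advisory feed</title>
<item><title>ALAS2-0000-001 (important): example-pkg</title>
<link>https://alas.example.invalid/AL2/ALAS-0000-001.html</link>
<guid>https://alas.example.invalid/AL2/ALAS-0000-001.html</guid></item>
<item><title>ALAS2-0000-002 (medium): other-pkg</title>
<link>https://alas.example.invalid/AL2/ALAS-0000-002.html</link></item>
</channel></rss>"""


def parse_items(feed_xml):
    """Return one dict per <item>. Assumption: ID is <guid>, else the link."""
    items = []
    for item in ET.fromstring(feed_xml).iter("item"):
        title = (item.findtext("title") or "").strip()
        link = (item.findtext("link") or "").strip()
        guid = (item.findtext("guid") or link).strip()
        if title and guid:  # skip malformed entries instead of alerting on them
            items.append({"id": guid, "title": title, "link": link})
    return items


def new_alerts(feed_xml, seen_ids):
    """Build one POST per bulletin whose ID is not in seen_ids, then record it."""
    requests = []
    for item in parse_items(feed_xml):
        if item["id"] in seen_ids:
            continue  # already alerted on this bulletin
        seen_ids.add(item["id"])
        body = json.dumps({"Title": item["title"], "Link": item["link"]}).encode()
        requests.append(urllib.request.Request(
            ENDPOINT_URL, data=body, method="POST",
            headers={"Content-Type": "application/json",  # assumed payload type
                     "X-Alert-Key": item["id"]}))
    return requests


if __name__ == "__main__":
    seen = set()  # persist between runs in real use, or every poll re-alerts
    for req in new_alerts(SAMPLE_FEED, seen):
        print(req.get_method(), req.get_header("X-alert-key"), req.data.decode())
        # urllib.request.urlopen(req, timeout=10) would deliver the alert
```

Using the item ID as the alert key means a bulletin that reappears in a later poll maps to the same key instead of looking like a new event.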