Keep your Amazon Linux patched

Michael Wittig – 25 Oct 2017

Amazon Linux is the default operating system on AWS. As with any other OS, security patches are released as soon as a vulnerability is closed. The Amazon Linux AMI Security Center lists bulletins for security or privacy events pertaining to the Amazon Linux AMI. As soon as a new bulletin is published, you should start to patch your running EC2 instances.

With marbot, you get alerts in Slack for each new bulletin. To do so, you will use a 3rd party service called Zapier to poll the Amazon Linux AMI Security Center and send a web request to marbot in case of new bulletins.

Set up instructions

  1. Create a free Zapier account.
  2. Log in to your Zapier account.
  3. Click on the Make a Zap button.
  4. First, you have to define the Zap trigger. Search for rss and click on RSS by Zapier.
    Step 1
  5. Select New item in Feed and click on the Save + Continue button.
    Step 2
  6. Set the Feed URL to https://alas.aws.amazon.com/alas.rss and click on the Continue button.
    Step 3
  7. You can review your input. Click on the Fetch & Continue button.
  8. Zapier now verifies the trigger. You should see a Test Successful! message. Click on the Continue button.
    Step 4
  9. Now, you have to define the Zap action. Search for webhook and click on Webhooks by Zapier
    Step 5
  10. Select POST and click on the Continue button
    Step 6
  11. Set the URL to https://api.marbot.io/v1/endpoint/$endpoint-ID. Replace $endpoint-ID with the ID of your endpoint. You can get this value by asking @marbot for it in your Slack channel.
  12. Set the first Data row to Title and select the Title field from step 1 by clicking the Insert a Field button.
  13. Click on the + button to add a second data row
  14. Set the second Data row to Link and select the Link field from step 1 by clicking the Insert a Field button.
  15. Click on the Continue button
    Step 7
  16. You can review your input. Click on the Create& Continue button.
  17. Zapier now verifies the action. You should see a Test Successful! message. Click on the Finish button.
    Step 8
  18. Finally, you can name your Zap. E.g., Amazon Linux Security Advisories to marbot
    Step 9
  19. Don’t forget to turn your Zap on.
    Step 10
  20. Done.

Sample Alert

marbot has received the latest bulletin from Zapier during the Zap test.

ALAS Alert

Michael Wittig

Michael Wittig

I’m the author of Amazon Web Services in Action. I work as a software engineer, and independent consultant focused on AWS and DevOps.

You can contact me via Email, Twitter, and LinkedIn.

Briefcase icon
Hire me
marbot teaser

Incident Management for Slack

Team up to solve incidents with marbot. Never miss a critical alert. Escalate alerts from your AWS infrastructure among your team members. Strong integrations with all parts of your AWS infrastructure: CloudWatch, Elastic Beanstalk, RDS, EC2, ...

Slack icon
Try for free