Keep your Amazon Linux patched

Michael Wittig – 25 Oct 2017

Amazon Linux is the default operating system on AWS. As with any other OS, security patches are released as soon as a vulnerability is closed. The Amazon Linux AMI Security Center lists bulletins for security or privacy events pertaining to the Amazon Linux AMI. As soon as a new bulletin is published, you should start to patch your running EC2 instances.

With marbot, you get alerts in Slack for each new bulletin. To do so, you will use a 3rd party service called Zapier to poll the Amazon Linux AMI Security Center and send a web request to marbot in case of new bulletins.

Set up instructions

  1. Create a free Zapier account.
  2. Log in to your Zapier account.
  3. Click on the Make a Zap button.
  4. First, you have to define the Zap trigger. Search for rss and click on RSS by Zapier.
    Step 1
  5. Select New item in Feed and click on the Save + Continue button.
    Step 2
  6. Set the Feed URL to https://alas.aws.amazon.com/alas.rss and click on the Continue button.
    Step 3
  7. You can review your input. Click on the Fetch & Continue button.
  8. Zapier now verifies the trigger. You should see a Test Successful! message. Click on the Continue button.
    Step 4
  9. Now, you have to define the Zap action. Search for webhook and click on Webhooks by Zapier
    Step 5
  10. Select POST and click on the Continue button
    Step 6
  11. Set the URL to https://api.marbot.io/v1/endpoint/$endpoint-ID. Replace $endpoint-ID with the ID of your endpoint. You can get this value by asking @marbot for it in your Slack channel.
  12. Set the first Data row to Title and select the Title field from step 1 by clicking the Insert a Field button.
  13. Click on the + button to add a second data row
  14. Set the second Data row to Link and select the Link field from step 1 by clicking the Insert a Field button.
  15. Click on the Continue button
    Step 7
  16. You can review your input. Click on the Create& Continue button.
  17. Zapier now verifies the action. You should see a Test Successful! message. Click on the Finish button.
    Step 8
  18. Finally, you can name your Zap. E.g., Amazon Linux Security Advisories to marbot
    Step 9
  19. Don’t forget to turn your Zap on.
    Step 10
  20. Done.

Sample Alert

marbot has received the latest bulletin from Zapier during the Zap test.

ALAS Alert

Michael Wittig

Michael Wittig

Consultant focusing on Amazon Web Services (AWS). Entrepreneur building marbot.io. Author of Amazon Web Services in Action, Rapid Docker on AWS, and cloudonaut.io.

You can contact me via Email, Twitter, and LinkedIn.

Published on

marbot teaser

Chatbot for AWS Monitoring

Configure monitoring for Amazon Web Services: CloudWatch, EC2, RDS, EB, Lambda, and more. Receive and manage alerts via Slack. Solve incidents as a team.

Slack
Add to Slack
Microsoft Teams
Add to Teams