Keep your Amazon Linux patched

Michael Wittig – 25 Oct 2017 (updated 27 Jan 2021)

Amazon Linux (1 or 2) is the default operating system on AWS. As with any other OS, security patches are released as soon as a vulnerability is closed. The Amazon Linux AMI Security Center lists bulletins for security or privacy events pertaining to the Amazon Linux AMI. As soon as a new bulletin is published, you should start to patch your running EC2 instances.

With marbot, you get alerts in Slack or Microsoft Teams for each new bulletin. To do so, you will use a 3rd party service called Zapier to poll the Amazon Linux AMI Security Center and send a web request to marbot in case of new bulletins.

Set up instructions

  1. Create a free Zapier account.
  2. Log in to your Zapier account.
  3. Click on the Make a Zap button.
  4. First, you have to define the Zap trigger. Search for rss and click on RSS by Zapier.
    Step 1
  5. Select New item in Feed and click on the Continue button.
    Step 2
  6. Set the Feed URL to https://alas.aws.amazon.com/alas.rss (or https://alas.aws.amazon.com/AL2/alas.rss for Amazon Linux 2) and click on the Continue button.
    Step 3
  7. Test your trigger. Click on the Test trigger button.
  8. Zapier now verifies the trigger. You should see a We found an item! message. Click on the Continue button.
    Step 4
  9. Now, you have to define the Zap action. Search for webhook and click on Webhooks by Zapier
    Step 5
  10. Select POST and click on the Continue button
    Step 6
  11. Set the URL to https://api.marbot.io/v1/endpoint/$endpoint-ID. Replace $endpoint-ID with the ID of your endpoint. You can get this value by asking @marbot for it in your Slack channel.
  12. Set the first Data row to Title and select the Title field.
  13. Click on the + button to add a second data row.
  14. Set the second Data row to Link and select the Link field.
  15. Add the X-Alert-Key header and select the ID field.
  16. Click on the Continue button.
    Step 7
  17. Test your action. Click on the Test & Continue button.
  18. Zapier now verifies the action. You should see a Test was successful! message. Click on the Turn on Zap button.

Done.

Sample Alert

marbot has received the latest bulletin from Zapier during the Zap test.

ALAS Alert

Michael Wittig

Michael Wittig

Consultant focusing on Amazon Web Services (AWS). Entrepreneur building marbot.io. Author of Amazon Web Services in Action, Rapid Docker on AWS, and cloudonaut.io.

You can contact me via Email, Twitter, and LinkedIn.

Published on and updated on

marbot teaser

Chatbot for AWS Monitoring

Configure monitoring for Amazon Web Services: CloudWatch, EC2, RDS, EB, Lambda, and more. Receive and manage alerts via Slack. Solve incidents as a team.

Slack
Add to Slack
Microsoft Teams
Add to Teams