how to patch windows ec2 instances in private subnets
Hi Team,
Regarding patch updates in private subnet, I came across one reference that seemed somewhat intricate. Are there simpler alternatives available for implementing patch updates?
- Le plus récent
- Le plus de votes
- La plupart des commentaires
The other option is to have a local wsus server in a subnet with a route to the internet either via a NAT gateway or public subnet if windows and local Linux repos which in turn they only have routes to the internet while internal servers connect to these and nothing else.
Hello.
NAT Gateway is required for patching EC2 on private subnets.
Without a publicly accessible route, it is not possible to obtain updates from external repositories.
Thank you so much Riku and Gary for your immediate responses.
Let me try it out without NAT gateway as I am looking for reducing cost.
@Gary: Full context regarding this question: https://repost.aws/questions/QUyxuma6m6SO2laxH0GDBkOA/hosting-internal-application-on-aws
You could then in this case use an on prem WSUS/SCCM and if using red hat, a local satellite etc.
I’m sure I’ve also seen default routes back to on prem and allow internet connectivity via on prem. Thus negating the need of a NAT Gateway.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a un an
AWS OFFICIELA mis à jour il y a un an- AWS OFFICIELA mis à jour il y a 3 ans
The other option is to have a local wsus server if windows and local Linux repos which in turn they only have routes to the internet while internal servers connect to these and nothing else.