How to apply Patch for windows workspace instance?

0

Customer is building their BYOL windows image for workspace instances. They asked about how to apply frequent OS patches on workspace instances. They can not build and install a new Image every time for a new patch. They need to push the instances to install new patches. What's the best practices to push a new patch to be installed on windows workspace instances? Can we use AWS services such as SSM?

質問済み 5年前1751ビュー
1回答
0
承認された回答

BYOL WorkSpaces running Windows 7/10 OS can receive updates in different ways. Typically, Microsoft SCCM or a 3rd party patch management tool like Manage Engine Desktop Control is used to deploy/push new patches to the WorkSpace just like how it would be done on a physical desktop.

If your customer does not have a patch/update management software such as SCCM or another 3rd party vendor tool, then the options are to have the WorkSpace configured by Group Policy to use Windows update and configure a policy that schedules the update check and sets an installation time. You can deploy a WSUS server to optimize the download and availability of the patches to a large number of WorkSpace and limit Internet traffic.

SSM is not fully supported on WorkSpaces and cannot be used to manage patch installation.

The customer should consider creating and and/or updating the image regularly (e.g. Quarterly or more) to ensure the image has the latest windows update/patches. This would reduce the amount of updates required for each new WorkSpace that is built from that image.

profile pictureAWS
エキスパート
回答済み 5年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ