EC2 YUM --security check-update


I have a amazon linux 2 server running ..every day on same time below process used to run and causes a high cpu spike .

/usr/bin/python /usr/bin/yum --debuglevel 2 --security check-update

just want to know what exactly security updates its getting or is it recommended to disable to security update or i will get into any server trouble after disabling it.

asked 3 months ago245 views
2 Answers


Disabling security updates on servers is generally not recommended, as it leaves them vulnerable to potential exploits. The yum check-update process you're seeing is likely checking for any available security updates from Amazon Linux repositories.


answered 3 months ago
  • You can try to set a yum cron job schedule to run checks during off-peak hours to minimize impact.



To know more about yum --security, go to

This post details what the yum-security plugin brings you. This plugin make it possible to limit list/upgrade of packages to specific security relevant ones.

All possible command options are detailled here:

If it brings a high cpu spike to your machine, you should - if possible - schedule it via cron during a low-activity period. But, it would not be a good idea to disable the package updates, especially those relevant to security. It is better to keep you machine up to date.



profile pictureAWS
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions