How to patch Windows EC2 instances in private subnets

0

Hi Team,

Regarding patch updates in a private subnet, I came across one reference that seemed somewhat intricate. Are there simpler alternatives available for implementing patch updates?

https://aws.amazon.com/blogs/mt/how-to-patch-windows-ec2-instances-in-private-subnets-using-aws-systems-manager/

AWS
Asked 9 months ago · Viewed 627 times
3 answers
0
Accepted answer

The other option is to have a local WSUS server (if Windows) and local Linux repos in a subnet with a route to the internet, either via a NAT gateway or a public subnet. Only these have routes to the internet, while internal servers connect to these and nothing else.

Expert
Answered 9 months ago
Expert
Reviewed 1 month ago
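
The layout in the accepted answer (only the WSUS/repo subnet has a route to the internet; internal servers reach the repo and nothing else) can be checked mechanically. The following is an added example, not part of the original answer: it audits constructed data shaped like EC2 `DescribeRouteTables` and `DescribeSecurityGroups` output. The subnet and group IDs, the CIDRs, and the assumption that WSUS listens on its default ports 8530/8531 are illustrative, and only IPv4 CIDR egress rules are checked.

```python
import ipaddress
WSUS_PORTS = {8530, 8531}  # WSUS default HTTP/HTTPS ports (assumes the defaults are kept)

def subnets_with_internet_route(route_tables):
    """Subnet IDs whose route table has a default route via an IGW or NAT gateway."""
    exposed = set()
    for rt in route_tables:
        for r in rt["Routes"]:
            dest = r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
            via = r.get("NatGatewayId") or r.get("GatewayId") or ""
            if dest in ("0.0.0.0/0", "::/0") and via.startswith(("igw-", "nat-")):
                exposed.update(a["SubnetId"] for a in rt["Associations"] if "SubnetId" in a)
    return exposed

def egress_violations(group, repo_cidr):
    """IPv4 egress rules that allow more than the WSUS ports to the repo subnet."""
    repo, bad = ipaddress.ip_network(repo_cidr), []
    for perm in group["IpPermissionsEgress"]:
        lo, hi = perm.get("FromPort"), perm.get("ToPort")  # absent when IpProtocol is "-1"
        ports_ok = (perm["IpProtocol"] == "tcp" and lo is not None
                    and set(range(lo, hi + 1)) <= WSUS_PORTS)
        for rng in perm.get("IpRanges", []):
            if not (ports_ok and ipaddress.ip_network(rng["CidrIp"]).subnet_of(repo)):
                bad.append((perm["IpProtocol"], lo, rng["CidrIp"]))
    return bad

def audit(route_tables, groups, repo_subnets, repo_cidr):
    leaks = subnets_with_internet_route(route_tables) - set(repo_subnets)
    findings = [f"{s}: default route to the internet" for s in sorted(leaks)]
    for g in groups:
        findings += [f"{g['GroupId']}: egress {proto}/{port} to {cidr} exceeds the repo"
                     for proto, port, cidr in egress_violations(g, repo_cidr)]
    return findings

# Constructed sample data (IDs and CIDRs are made up), shaped like the API responses.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-repo"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
    {"Associations": [{"SubnetId": "subnet-app"}], "Routes": [LOCAL]},
    {"Associations": [{"SubnetId": "subnet-db"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
]
GROUPS = [
    {"GroupId": "sg-app", "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 8530,
        "ToPort": 8531, "IpRanges": [{"CidrIp": "10.0.1.0/28"}]}]},
    {"GroupId": "sg-db", "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
print("\n".join(audit(ROUTE_TABLES, GROUPS, ["subnet-repo"], "10.0.1.0/28")))
```

In the sample, `subnet-db` and `sg-db` are the two deliberate deviations from the layout; against a live account the same dictionaries would come from the corresponding describe calls.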
0

Hello.
NAT Gateway is required for patching EC2 on private subnets.
Without a publicly accessible route, it is not possible to obtain updates from external repositories.

Expert
Answered 9 months ago
Expert
Reviewed 1 month ago
  • The other option is to have a local WSUS server (if Windows) and local Linux repos; only these have routes to the internet, while internal servers connect to these and nothing else.

0

Thank you so much Riku and Gary for your immediate responses.

Let me try it out without a NAT gateway, as I am looking to reduce cost.

@Gary: Full context regarding this question: https://repost.aws/questions/QUyxuma6m6SO2laxH0GDBkOA/hosting-internal-application-on-aws

AWS
Answered 9 months ago
  • You could then in this case use an on-prem WSUS/SCCM and, if using Red Hat, a local Satellite, etc.

    I’m sure I’ve also seen default routes back to on-prem that allow internet connectivity via on-prem, thus negating the need for a NAT Gateway.
