构建用于智能 AWS 补丁自动化的自定义代理 [重复].pdf

《构建用于智能 AWS 补丁自动化的自定义代理 [重复].pdf》由会员分享，可在线阅读，更多相关《构建用于智能 AWS 补丁自动化的自定义代理 [重复].pdf（19页珍藏版）》请在三个皮匠报告上搜索。

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.C O P 4 0 7-RBuilding custom agents for intelligent AWS patch automationPraveen BhatPrincipal Solutions ArchitectJustin ThomasSr.Cloud Support Eng.2025,Amazon Web Se

2、rvices,Inc.or its affiliates.All rights reserved.Problem Scenario1The Security DirectorCVE-2025-XXXX just dropped.Whats our exposure?The Platform EngineerThis is going to take some time.I will have to test this patch first23The Compliance ManagerWhats the CVSS score?Are we talking emergency patching

3、 or can this wait for the maintenance window?4The CTOEvery CVE is a manual scavenger hunt.We need better Automation and Intelligence.Manual Everything Corp.ALARM 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Demo 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved

4、.DemoInfrastructure(15 EC2 Instances)Staging(5)Daily 1AM UTCWeekly Tue 2AM UTCMonthly 25th 2AM UTCAmazon InspectorAWS ConfigAWS Systems ManagerExisting AWS Services(Foundation)Amazon S3AWS Account:demo Region:us-east-1Dev(5)Prod(5)Patch Schedule 2025,Amazon Web Services,Inc.or its affiliates.All rig

5、hts reserved.DemoInfrastructure(15 EC2 Instances)Staging(5)Daily 1AM UTCWeekly Tue 2AM UTCMonthly 25th 2AM UTCAmazon InspectorAWS ConfigAWS Systems ManagerExisting AWS Services(Foundation)Amazon S3Intelligent Patch AutomationPatch Manager AgentCompliance Analyst AgentAWS Account:demo Region:us-east-

6、1Dev(5)Prod(5)Vulnerability Analyst AgentSupervisor AgentPatch Schedule 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Architecture 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Supervisor AgentArchitecture Agents 2025,Amazon Web Services,Inc.or its affiliate