Answer-first summary for fast verification
Answer: Use Systems Manager Inventory to collect patch versions. Generate a report of all instances.
**AWS Systems Manager Inventory** provides visibility into your Amazon EC2 and on-premises computing environments. You can use it to collect metadata from your managed instances, which includes operating system details, installed applications, and patch information. This service stores the state and automatically updates it based on the schedule you define, making it the most operationally efficient way to collect, query, and generate reports on the patch status of all instances without requiring custom scripts or running commands manually.
Author: Ritesh Yadav
Ultimate access to all questions.
Question #70 A company uses hundreds of Amazon EC2 On-Demand Instances and Spot Instances to run production and non-production workloads. The company installs and configures the AWS Systems Manager Agent (SSM Agent) on the EC2 instances. During a recent instance patch operation, some instances were not patched because the instances were either busy or down. The company needs to generate a report that lists the current patch version of all instances. Which solution will meet these requirements in the MOST operationally efficient way?
A
Use Systems Manager Inventory to collect patch versions. Generate a report of all instances.
B
Use Systems Manager Run Command to remotely collect patch version information. Generate a report of all instances.
C
Use AWS Config to track EC2 instance configuration changes by using output from the SSM Agents. Create a custom rule to check for patch versions. Generate a report of all unpatched instances.
D
Use AWS Config to monitor the patch status of the EC2 instances by using output from the SSM Agents. Create a configuration compliance rule to check whether patches are installed. Generate a report of all instances.
No comments yet.