About the Customer
Our customer is a life sciences company who is transforming genetic disease care. We have been working with them for several years on AWS as well as their on premise infrastructure.
The customer has a large, complex environment that has grown organically as the company has grown. The result is that many operating systems are in use, and the customer needed an easy way to handle patch management. Patching systems is unique across different environments, and also unique across multiple operating systems, so our approach had to handle many combinations with a single management process and ideally a single technology.
We decided to use AWS SSM to solve this challenge. The customer has a significant current investment in their AWS environment, and plans to expand, and the current features of SSM supported our use case.
We use Ansible to automate the configuration management of the environments, so we leveraged that tooling to install SSM agents across the fleet, with appropriate activation keys. We then set up SSM to run SSM doc, in order to show us what patches SSM planned to run. We then set up Patch Manager for all groups, and also set up a baseline.
Since many of these machines were production machines, we elected to run the patch updates during a maintenance window. All went well the first run, but we wanted to automate the process of notifying IT when new patches were ready to be updated. We set up SSM to run a scan daily and notify IT when new patches were ready.
Results and Benefits
After completion, the IT team was able to get their patch compliance over 95%, and decrease the manual effort involved, allowing for patching to consume less of IT’s time and increasing the quality of each patch cycle.
About the Partner
Foghorn Consulting was founded in 2008 with a mission to ensure that cloud computing initiatives deliver maximum value for its customers. Based in the Silicon Valley, Foghorn provides domain expertise in strategy, planning, execution and managed cloud services to high-growth and enterprise companies seeking a cloud partner. Our team of DevOps engineers, SRE’s and certified cloud architects bring over 20 years of domain expertise to ensure your cloud initiatives are a success.
We invite you to chat with our team to learn more about what Foghorn can do for you.