I'm looking for guidance on how to update an EC2 instance running Windows Server 2019 that's isolated on a private network without any internet access. What are my options for patching it?
5 Answers
One option is to use Patch Manager or SSM Automation command documents to install Windows updates. This could help you manage patches within the constraints of your network.
Another option is to set up a proxy that has internet access to cache and download updates, then use PrivateLink to maintain the air-gapped nature of your primary EC2 account.
A hands-on approach would be to store patch files in an S3 bucket and then run a script on your server to install them from there.
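An added example of the S3 approach (not part of the answer above, and not AWS or Microsoft code): a PowerShell script that pulls `.msu` files from a bucket, checks each against a SHA-256 manifest, and installs it with `wusa.exe`. It assumes the subnet has an S3 VPC endpoint, the instance role allows `s3:GetObject`, and AWS Tools for PowerShell is already on the instance; the bucket name, prefix, region, staging path and manifest layout are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example. Bucket, prefix, region, staging path and manifest layout are
# assumptions/placeholders, not values from the page.
$ErrorActionPreference = 'Stop'
$Bucket  = 'example-patch-bucket'
$Prefix  = 'ws2019/'
$Region  = 'us-east-1'
$Staging = 'C:\PatchStaging'

# Assumed manifest: JSON array of { "key": "<s3 key of .msu>", "sha256": "<hex>" },
# written by the internet-connected machine that downloaded the KBs. Restrict who
# can write it: anyone able to replace both a patch and the manifest defeats the check.
New-Item -ItemType Directory -Path $Staging -Force | Out-Null
$manifestPath = Join-Path $Staging 'manifest.json'
# Read-S3Object is part of AWS Tools for PowerShell, which must already be installed.
Read-S3Object -BucketName $Bucket -Key "${Prefix}manifest.json" -File $manifestPath -Region $Region | Out-Null
$manifest = Get-Content -Path $manifestPath -Raw | ConvertFrom-Json

$rebootNeeded = $false
foreach ($entry in $manifest) {
    $local = Join-Path $Staging (Split-Path -Path $entry.key -Leaf)
    Read-S3Object -BucketName $Bucket -Key $entry.key -File $local -Region $Region | Out-Null

    # Install only files whose SHA-256 matches the manifest (-ne ignores case).
    $actual = (Get-FileHash -Path $local -Algorithm SHA256).Hash
    if ($actual -ne $entry.sha256) {
        Write-Warning "Hash mismatch for $($entry.key); not installing"
        Remove-Item -Path $local -Force
        continue
    }

    $proc = Start-Process -FilePath 'wusa.exe' -Wait -PassThru `
        -ArgumentList "`"$local`"", '/quiet', '/norestart'
    switch ($proc.ExitCode) {
        0       { Write-Output "Installed $($entry.key)" }
        3010    { Write-Output "Installed $($entry.key); reboot required"; $rebootNeeded = $true }
        2359302 { Write-Output "Already installed: $($entry.key)" }
        default { Write-Warning "wusa.exe exit code $($proc.ExitCode) for $($entry.key)" }
    }
}
if ($rebootNeeded) { Write-Output 'Reboot pending: schedule a restart to finish patching.' }
```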
For a more robust solution, consider using a patch management platform like WSUS Server. It requires internet access for the initial setup, but once configured, it can manage updates offline. Alternatively, you could use BatchPatch to identify needed updates, download them using a different machine, and then apply them.
You can download the necessary KB updates from the Microsoft website, transfer them to your server, and install them manually. Alternatively, setting up a WSUS server that syncs patches can streamline the updating process for your instance.
