I'm looking for ways to update my Windows Server 2019 instance running on EC2, but the server is on a private network with no internet access. What are my options for applying updates? Any guidance would be appreciated!
5 Answers
You can use AWS Systems Manager's Patch Manager or SSM Automation commands to help install Windows updates on your server.
You could also set up a proxy server that does have internet access to cache and download the updates. You can run the proxy in a separate AWS account and use PrivateLink to keep your main account air-gapped while still managing updates.
Another approach is to store the patch files in an S3 bucket and run a script to install them onto your server from there.
For a more professional solution, consider using a patch management platform like WSUS, though keep in mind that it needs an internet connection. If you're DIY-inclined, tools like BatchPatch can help list out the required updates, letting you download them to S3 from another machine for installation.
One option is to download the specific KB updates directly from the Microsoft website and copy them over to your server for installation. Alternatively, setting up a WSUS server to sync patches and then using that to install updates can be effective.
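The S3 staging approach and the manual KB copy described in the answers above both end with an update file that arrived over an untrusted path, so the install script should check it first. The following is an added example, not code from any of the answers. It assumes AWS Tools for PowerShell is present on the instance, that the instance can reach S3 (for example through a VPC endpoint) with read access to the bucket, and that the machine that downloaded the KBs also uploaded a `manifest.csv` with `File` and `SHA256` columns. The bucket name, prefix, and staging path are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example: bucket, prefix, staging path and manifest layout are assumptions.
$Bucket  = 'example-patch-bucket'   # placeholder
$Prefix  = 'windows2019/'           # placeholder
$Staging = 'C:\PatchStaging'        # placeholder
New-Item -ItemType Directory -Path $Staging -Force | Out-Null

# Manifest written by the internet-connected machine that fetched the KBs.
$manifestPath = Join-Path $Staging 'manifest.csv'
Read-S3Object -BucketName $Bucket -Key "${Prefix}manifest.csv" -File $manifestPath | Out-Null

foreach ($entry in Import-Csv $manifestPath) {
    # Use only the leaf name so a manifest entry cannot write outside the staging folder.
    $name  = Split-Path $entry.File -Leaf
    $local = Join-Path $Staging $name
    Read-S3Object -BucketName $Bucket -Key "$Prefix$name" -File $local | Out-Null

    # Integrity: the file must match the hash recorded at download time.
    $hash = (Get-FileHash -Path $local -Algorithm SHA256).Hash
    if ($hash -ne $entry.SHA256) {
        Write-Warning "$name: SHA256 mismatch, skipping"
        Remove-Item $local -Force
        continue
    }

    # Origin: independent of the manifest, require a valid Microsoft signature.
    $sig = Get-AuthenticodeSignature -FilePath $local
    if ($sig.Status -ne 'Valid' -or
        $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
        Write-Warning "$name: signature check failed ($($sig.Status)), skipping"
        Remove-Item $local -Force
        continue
    }

    # Install silently; reboot is left to the maintenance window.
    $p = Start-Process -FilePath 'wusa.exe' -Wait -PassThru `
            -ArgumentList "`"$local`"", '/quiet', '/norestart'
    switch ($p.ExitCode) {
        0       { Write-Output "$name: installed" }
        3010    { Write-Output "$name: installed, reboot required" }
        2359302 { Write-Output "$name: already installed" }
        default { Write-Warning "$name: wusa.exe exit code $($p.ExitCode)" }
    }
}
```

The hash check only catches corruption or tampering after the manifest was written; the signature check is the one that still holds if the bucket itself is modified.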
