参考:用于修补操作的 Amazon S3 存储桶 - AWS Systems Manager
包含用于修补操作的 SSM 命令文档的存储桶(Linux 和 Windows Server)包含用于修补操作的 SSM 命令文档的存储桶 (macOS)包含 AWS 托管补丁基准快照的存储桶

参考:用于修补操作的 Amazon S3 存储桶

在执行各种 Patch Manager 修补操作的过程中,AWS Systems Manager Agent(SSM Agent)访问 Amazon Web Services(AWS)拥有和维护的某些 Amazon Simple Storage Service(Amazon S3)存储桶。这些 S3 存储桶可以公开访问,默认情况下,SSM Agent 使用 HTTP 调用连接到这些存储桶。

但是,如果您正在 Systems Manager 操作中使用虚拟私有云(VPC)端点,则必须在 Systems Manager 的 Amazon Elastic Compute Cloud(Amazon EC2)实例配置文件中提供显式权限,或者在混合和多云环境中的非 EC2 计算机的服务角色中提供。否则,资源无法访问这些公有存储桶。

本参考主题列出了每个受支持 AWS 区域 的修补相关存储桶。

有关在 EC2 实例配置文件中指定这些 S3 存储桶的信息,请参阅 SSM Agent 与 AWS 托管 S3 存储桶进行通信

有关将 VPC 端点与 Systems Manager 结合使用的信息,请参阅 使用适用于 Systems Manager 的 VPC 端点提高 EC2 实例的安全性

包含用于修补操作的 SSM 命令文档的存储桶(Linux 和 Windows Server)

格式为 aws-patch-manager-region-unique-suffix 的存储桶包含在 Linux 和 Windows Server 操作系统上进行 Patch Manager 修补操作时使用的以下文档:

  • AWS-RunPatchBaseline

  • AWS-RunPatchBaselineAssociation

  • AWS-RunPatchBaselineWithHooks

  • AWS-InstanceRebootWithHooks

  • AWS-PatchAsgInstance

  • AWS-PatchInstanceWithRollback

区域名称 区域代码 aws-patch-manager-region-suffix 存储桶
美国东部(俄亥俄州) us-east-2 aws-patch-manager-us-east-2-552881074
美国东部(弗吉尼亚州北部) us-east-1 aws-patch-manager-us-east-1-1970c647d
美国西部(加利福尼亚北部) us-west-1 aws-patch-manager-us-west-1-8badb4304
美国西部(俄勒冈州) us-west-2 aws-patch-manager-us-west-2-34d7f99f8
非洲(开普敦) af-south-1 aws-patch-manager-af-south-1-bdd5f65a9
亚太地区(香港) ap-east-1 aws-patch-manager-ap-east-1-632356271
亚太地区(海得拉巴) ap-south-2 aws-patch-manager-ap-south-2-32f4b4128
亚太地区(雅加达) ap-southeast-3 aws-patch-manager-ap-southeast-3-aa48fc462
亚太地区(墨尔本) ap-southeast-4 aws-patch-manager-ap-southeast-4-01e2c40d3
亚太地区(孟买) ap-south-1 aws-patch-manager-ap-south-1-cb7c62ff9
Asia Pacific (Osaka) ap-northeast-3 aws-patch-manager-ap-northeast-3-67373598a
Asia Pacific (Seoul) ap-northeast-2 aws-patch-manager-ap-northeast-2-10467995c
亚太地区(新加坡) ap-southeast-1 aws-patch-manager-ap-southeast-1-7fdfd9ef7
亚太地区(悉尼) ap-southeast-2 aws-patch-manager-ap-southeast-2-17283a275
Asia Pacific (Tokyo) ap-northeast-1 aws-patch-manager-ap-northeast-1-4849fa78f
加拿大(中部) ca-central-1 aws-patch-manager-ca-central-1-3148e69e3
加拿大西部(卡尔加里) ca-west-1 aws-patch-manager-ca-west-1-9e3a4b2f9
欧洲(法兰克福) eu-central-1 aws-patch-manager-eu-central-1-9163fdaaf
欧洲地区(爱尔兰) eu-west-1 aws-patch-manager-eu-west-1-5522fb710
欧洲(伦敦) eu-west-2 aws-patch-manager-eu-west-2-902a2bc74
欧洲(米兰) eu-south-1 aws-patch-manager-eu-south-1-c52f3f594
欧洲(巴黎) eu-west-3 aws-patch-manager-eu-west-3-29bf85721
欧洲(西班牙) eu-south-2 aws-patch-manager-eu-south-2-a4cf248b1
欧洲地区(斯德哥尔摩) eu-north-1 aws-patch-manager-eu-north-1-795879e9b
欧洲(苏黎世) eu-central-2 aws-patch-manager-eu-central-2-184ce43c8
以色列(特拉维夫) il-central-1 aws-patch-manager-il-central-1-e221cb57b
中东(巴林) me-south-1 aws-patch-manager-me-south-1-a53fc9dce
中东(阿联酋) me-central-1 aws-patch-manager-me-central-1-2932f2f80
南美洲(圣保罗) sa-east-1 aws-patch-manager-sa-east-1-ddf4b6a09

包含用于修补操作的 SSM 命令文档的存储桶 (macOS)

格式为 aws-patchmanager-macos-region-unique-suffix 的存储桶包含在 macOS 操作系统上进行 Patch Manager 修补操作时使用的以下文档:

  • AWS-RunPatchBaseline

  • AWS-RunPatchBaselineAssociation

  • AWS-RunPatchBaselineWithHooks

  • AWS-InstanceRebootWithHooks

  • AWS-PatchAsgInstance

  • AWS-PatchInstanceWithRollback

区域名称 区域代码 aws-patchmanager-macos-region-suffix 存储桶
美国东部(俄亥俄州) us-east-2 aws-patchmanager-macos-us-east-2-552881074
美国东部(弗吉尼亚州北部) us-east-1 aws-patchmanager-macos-us-east-1-1970c647d
美国西部(加利福尼亚北部) us-west-1 aws-patchmanager-macos-us-west-1-8badb4304
美国西部(俄勒冈州) us-west-2 aws-patchmanager-macos-us-west-2-34d7f99f8
非洲(开普敦) af-south-1 aws-patchmanager-macos-af-south-1-bdd5f65a9
亚太地区(香港) ap-east-1 aws-patchmanager-macos-ap-east-1-632356271
亚太地区(海得拉巴) ap-south-2 aws-patchmanager-macos-ap-south-2-32f4b4128
亚太地区(雅加达) ap-southeast-3 aws-patchmanager-macos-ap-southeast-3-aa48fc462
亚太地区(墨尔本) ap-southeast-4 aws-patchmanager-macos-ap-southeast-4-01e2c40d3
亚太地区(孟买) ap-south-1 aws-patchmanager-macos-ap-south-1-cb7c62ff9
Asia Pacific (Osaka) ap-northeast-3 aws-patchmanager-macos-ap-northeast-3-67373598a
Asia Pacific (Seoul) ap-northeast-2 aws-patchmanager-macos-ap-northeast-2-10467995c
亚太地区(新加坡) ap-southeast-1 aws-patchmanager-macos-ap-southeast-1-7fdfd9ef7
亚太地区(悉尼) ap-southeast-2 aws-patchmanager-macos-ap-southeast-2-17283a275
Asia Pacific (Tokyo) ap-northeast-1 aws-patchmanager-macos-ap-northeast-1-4849fa78f
加拿大(中部) ca-central-1 aws-patchmanager-macos-ca-central-1-3148e69e3
加拿大西部(卡尔加里) ca-west-1 aws-patchmanager-macos-ca-west-1-9e3a4b2f9
欧洲(法兰克福) eu-central-1 aws-patchmanager-macos-eu-central-1-9163fdaaf
欧洲地区(爱尔兰) eu-west-1 aws-patchmanager-macos-eu-west-1-5522fb710
欧洲(伦敦) eu-west-2 aws-patchmanager-macos-eu-west-2-902a2bc74
欧洲(米兰) eu-south-1 aws-patchmanager-macos-eu-south-1-c52f3f594
欧洲(巴黎) eu-west-3 aws-patchmanager-macos-eu-west-3-29bf85721
欧洲(西班牙) eu-south-2 aws-patchmanager-macos-eu-south-2-a4cf248b1
欧洲地区(斯德哥尔摩) eu-north-1 aws-patchmanager-macos-eu-north-1-795879e9b
欧洲(苏黎世) eu-central-2 aws-patchmanager-macos-eu-central-2-184ce43c8
以色列(特拉维夫) il-central-1 aws-patchmanager-macos-il-central-1-e221cb57b
中东(巴林) me-south-1 aws-patchmanager-macos-me-south-1-a53fc9dce
中东(阿联酋) me-central-1 aws-patchmanager-macos-me-central-1-2932f2f80
南美洲(圣保罗) sa-east-1 aws-patchmanager-macos-sa-east-1-ddf4b6a09

包含 AWS 托管补丁基准快照的存储桶

格式为 patch-baseline-snapshot-regionpatch-baseline-snapshot-region-unique-suffix 的存储桶包含 AWS 托管补丁基准快照。如果您使用下列 SSM 文档,则必须具有此 S3 存储桶的访问权限:

  • AWS-RunPatchBaseline

  • AWS-RunPatchBaselineAssociation

  • AWS-RunPatchBaselineWithHooks

  • AWS-ApplyPatchBaseline(原有 SSM 文档)

区域名称 区域代码 patch-baseline-snapshot-* 存储桶
美国东部(俄亥俄州) us-east-2 patch-baseline-snapshot-us-east-2
美国东部(弗吉尼亚州北部) us-east-1 patch-baseline-snapshot-us-east-1
美国西部(加利福尼亚北部) us-west-1 patch-baseline-snapshot-us-west-1
美国西部(俄勒冈州) us-west-2 patch-baseline-snapshot-us-west-2
非洲(开普敦) af-south-1 patch-baseline-snapshot-af-south-1-tbxdb5b9
亚太地区(香港) ap-east-1 patch-baseline-snapshot-ap-east-1
亚太地区(海得拉巴) ap-south-2 patch-baseline-snapshot-ap-south-2-50209442
亚太地区(雅加达) ap-southeast-3 patch-baseline-snapshot-ap-southeast-3-be0a3174
亚太地区(墨尔本) ap-southeast-4 patch-baseline-snapshot-ap-southeast-4-dc6f76ce
亚太地区(孟买) ap-south-1 patch-baseline-snapshot-ap-south-1
Asia Pacific (Osaka) ap-northeast-3 patch-baseline-snapshot-ap-northeast-3
Asia Pacific (Seoul) ap-northeast-2 patch-baseline-snapshot-ap-northeast-2
亚太地区(新加坡) ap-southeast-1 patch-baseline-snapshot-ap-southeast-1
亚太地区(悉尼) ap-southeast-2 patch-baseline-snapshot-ap-southeast-2
Asia Pacific (Tokyo) ap-northeast-1 patch-baseline-snapshot-ap-northeast-1
加拿大(中部) ca-central-1 patch-baseline-snapshot-ca-central-1
加拿大西部(卡尔加里) ca-west-1 patch-baseline-snapshot-ca-west-1
欧洲(法兰克福) eu-central-1 patch-baseline-snapshot-eu-central-1
欧洲地区(爱尔兰) eu-west-1 patch-baseline-snapshot-eu-west-1
欧洲(伦敦) eu-west-2 patch-baseline-snapshot-eu-west-2
欧洲(米兰) eu-south-1 patch-baseline-snapshot-eu-south-1
欧洲(巴黎) eu-west-3 patch-baseline-snapshot-eu-west-3
欧洲(西班牙) eu-south-2 patch-baseline-snapshot-eu-south-2-df2c9d70
欧洲地区(斯德哥尔摩) eu-north-1 patch-baseline-snapshot-eu-north-1
欧洲(苏黎世) eu-central-2 patch-baseline-snapshot-eu-central-2
以色列(特拉维夫) il-central-1 patch-baseline-snapshot-il-central-1
中东(巴林) me-south-1 patch-baseline-snapshot-me-south-1-uduvl7q8
中东(阿联酋) me-central-1 patch-baseline-snapshot-me-central-1
南美洲(圣保罗) sa-east-1 patch-baseline-snapshot-sa-east-1