Auto-remediation for Amazon-Linux patching

IBM Concert's auto-remediation feature for Amazon-Linux patching streamlines vulnerability management by applying patches to Amazon-Linux operating systems.

Before you begin

  • You must have sudo access (root) to reboot machines.
  • Your Concert instance must have the Concert Workflows feature installed to enable auto-remediation capabilities.

Setting up the Apply Linux patch Workflow

To set up the Apply Linux patch Workflow, follow these steps:

  1. Go to Workflows > Manage and create a folder that is named Remediation.
  2. Download the Apply_Linux_Patch Workflow from the Automation library.
  3. Import the Apply_Linux_Patch Workflow to the Remediation folder.
  4. Set up the Sync AWS Linux Bulletin Workflow. Refer to the Setting up the Sync AWS Linux Bulletin workflow topic for details.

Creating authentication for Amazon-Linux through Workflow

To create authentication for Amazon-Linux, follow these steps:

  1. Navigate to Workflows > Authentications > Create Authentication.
  2. Select Ansible as the authentication service.
  3. Provide the authentication details, entering the OpenSSH private key in the private key field.
    Note: To obtain the OpenSSH private key for Red Hat machines:
    1. Run cd /root/.ssh and cat id_rsa to copy the complete private key.
    2. Add the private key to the authentication with an additional newline.
    3. If the OpenSSH private key does not exist, create one using the command ssh-keygen.
  4. Add the following inventory details:
    [canary]
    rhelPatch ansible_host=<host-name> ansible_user=<user_name>

    Replace <host-name> with the hostname or IP address of your Amazon-Linux machine.

    Replace <user_name> with the username of your Amazon-Linux machine.

  5. Click Create to obtain the authentication key.
  6. Test the connection to RHEL: Verify that the authentication connection is successful.
    1. Go to Workflows > Manage and create a folder that is named Test.
    2. Download the Test Connection to RHEL Workflow from the Automation library.
    3. Import the Test Connection to RHEL Workflow to the Test folder.
    4. Provide the newly created Linux authentication key as input to the Test Connection to RHEL Workflow.
    5. Run the workflow to ensure the connection is successful ("success":true).
  7. Provide the authentication key to the authentication variable in the Apply_Linux_Patch Workflow.
  8. Click Save.
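
A pre-flight check for the authentication steps above, as an added example that is not part of the Concert documentation: it confirms that the key file is readable only by its owner, was copied completely, and ends with a newline, and it renders the step 4 inventory while rejecting host or user values that would add extra variables to the inventory line. The function names, the character allow-lists, and the sample host and user are assumptions.

```shell
#!/bin/sh
# Added example: checks to run before pasting a key and inventory into the
# authentication form. Function names and allow-lists are assumptions.

# check_private_key PATH -> 0 if the file looks safe to copy, else 1 + reason.
check_private_key() {
    key=$1
    [ -f "$key" ] || { echo "missing: $key" >&2; return 1; }
    # Only the owner may access the key (mode 600 or 400).
    case "$(ls -ld "$key")" in
        -rw-------*|-r--------*) ;;
        *) echo "permissions too open on $key" >&2; return 1 ;;
    esac
    # First and last lines must be the key armor, so the copy is complete.
    case "$(head -n 1 "$key")" in
        "-----BEGIN "*"PRIVATE KEY-----") ;;
        *) echo "no BEGIN line" >&2; return 1 ;;
    esac
    case "$(tail -n 1 "$key")" in
        "-----END "*"PRIVATE KEY-----") ;;
        *) echo "no END line (truncated copy?)" >&2; return 1 ;;
    esac
    # The last byte must be a newline.
    [ "$(tail -c 1 "$key" | wc -l)" -eq 1 ] || { echo "no trailing newline" >&2; return 1; }
}

# render_inventory HOST USER -> prints the inventory block from step 4.
render_inventory() {
    host=$1 user=$2
    # Reject empty values and anything (such as spaces) that could add variables.
    case "$host" in ''|*[!A-Za-z0-9.:-]*) echo "bad host" >&2; return 1 ;; esac
    case "$user" in ''|*[!A-Za-z0-9._-]*) echo "bad user" >&2; return 1 ;; esac
    printf '[canary]\nrhelPatch ansible_host=%s ansible_user=%s\n' "$host" "$user"
}

# Demo on a constructed placeholder (not a real key); host and user are made up.
demo_key=$(mktemp)
printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'Y29uc3RydWN0ZWQ=' \
    '-----END OPENSSH PRIVATE KEY-----' > "$demo_key"
chmod 600 "$demo_key"
check_private_key "$demo_key" && render_inventory 192.0.2.10 ec2-user
rm -f "$demo_key"
```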

Next steps

For a detailed, step-by-step guide to the auto-remediation process in Concert, refer to the Navigating auto-remediation in the Concert UI topic.