Skip to main content
knackforge blog knowledge base

How to apply only security updates in Amazon Linux AMI

Prenote:

The Amazon Linux AMI is a Linux image provided by Amazon Web Services (AWS) for use on Amazon EC2. It is designed to provide a stable, secure, and high performance execution environment for applications running on Amazon EC2.
 

Though Amazon Linux AMI is supported & maintained by AWS themselves, the security & performance patches to Linux Kernel & server packages are not applied automatically on the running instances. A degree of expert intervention is needed to put the security patches in place and they can be availed from official repository itself. 

Below are the some of the commands to help in this connection.

1. To list the available security updates

[ec2-user@ip-123-45-67-890 ]$  yum list-security --security

The above command will only list the available updates for each package by criticality.  

AMAZON LINUX AMI SECURITY UPDATE LIST

2. Applying the security patches

After reviewing the list of available packages we can either apply patches selectively or on the whole.

To apply all the security patches at the same time, 

[ec2-user@ip-123-45-67-890 ]$ sudo yum update --security

Or to apply the security patches selectively.

[ec2-user@ip-123-45-67-890 ]$  yum list-security [PACKAGES-NAME-SEPARTED-BY-COMMA] 

AMAZON LINUX AMI SECURITY UPDATE
 

Once the above command is issued, the package manager will resolve the dependencies to suggest for the install, update & replace of packages as needed.

update prompt

 

 

update prompt

 

update completed

Upon acknowledging with the Y/N prompt the necessary action will be performed by the package manager. These commands do apply only the security patches & don't go for software upgrade which might break the running application. Anyway, it is recommended to take the necessary backup before attempting to apply the security patches.

Add new comment

The content of this field is kept private and will not be shown publicly.

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.