Posts

Showing posts from June, 2026

Week 3 - Self-Service EC2 Fleet Patching with AWS SSM

☁️ AWS Platform Engineering Lab | 📅 Week 3 of 52 | 🖥️ 7 SSM Services | 🏗️ 80+ Terraform resources | 🔒 Zero SSH

Week 3: From Invisible to Fully Managed — Self-Service EC2 Fleet Patching with AWS SSM

ServiceNow → API Gateway → Lambda → Step Functions → SSM Automation → Patch Manager

Every enterprise inherits a fleet, not a blank slate. Servers were launched months ago by different teams — no consistent tagging, unknown patch state, no baseline assigned. You can't patch what you can't identify. Week 3 of my 52-week AWS lab solves both problems: a self-service platform where an ops engineer submits a ServiceNow ticket to either onboard an unmanaged EC2 instance into the managed fleet, or trigger a patch run across the entire environment. The ticket closes itself with a full compliance report. Zero SSH. Zero manual steps.

7 SSM Services Used
3 Instances Managed
0 SSH Connections
100% Patch Compliance
472 Patches Installed

The Problem T...