Does this tool connect to my AWS account?

No. This tool runs entirely in your browser and generates configuration JSON that you can copy and paste into your infrastructure-as-code templates, CLI commands, or cloud console. It never connects to any cloud account or sends data externally.

Are the generated configurations production-ready?

The tool produces syntactically valid configurations based on current AWS service specifications. Always review generated configs against your organization security policies and test in a non-production environment before deploying.

AWS Systems Manager Patch Baseline Builder

MonitoringAWS

Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories.

AWS Systems Manager Configuration

Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories.

Required Fields

NameOperatingSystemApprovalRules.PatchRules

{
  "Name": "production-linux-patch-baseline",
  "Description": "Patch baseline for production Amazon Linux 2023 and Ubuntu instances",
  "OperatingSystem": "AMAZON_LINUX_2023",
  "ApprovalRules": {
    "PatchRules": [
      {
        "PatchFilterGroup": {
          "PatchFilters": [
            {
              "Key": "CLASSIFICATION",
              "Values": ["Security", "Bugfix"]
            },
            {
              "Key": "SEVERITY",
              "Values": ["Critical", "Important"]
            }
          ]
        },
        "ApproveAfterDays": 3,
        "ComplianceLevel": "CRITICAL",
        "EnableNonSecurity": false
      },
      {
        "PatchFilterGroup": {
          "PatchFilters": [
            {
              "Key": "CLASSIFICATION",
              "Values": ["Security", "Bugfix", "Enhancement"]
            },
            {
              "Key": "SEVERITY",
              "Values": ["Medium", "Low"]
            }
          ]
        },
        "ApproveAfterDays": 7,
        "ComplianceLevel": "HIGH",
        "EnableNonSecurity": true
      }
    ]
  },
  "ApprovedPatches": [
    "KB5012345",
    "KB5067890"
  ],
  "ApprovedPatchesComplianceLevel": "CRITICAL",
  "RejectedPatches": [
    "KB9999999"
  ],
  "RejectedPatchesAction": "BLOCK",
  "GlobalFilters": {
    "PatchFilters": [
      {
        "Key": "PRODUCT",
        "Values": ["AmazonLinux2023", "AmazonLinux2023.5.0"]
      }
    ]
  },
  "Sources": [
    {
      "Name": "custom-repo",
      "Products": ["AmazonLinux2023"],
      "Configuration": "[custom-repo]\nname=Custom Repository\nbaseurl=https://repo.example.com/amzn2023/\nenabled=1\ngpgcheck=1"
    }
  ],
  "Tags": [
    {
      "Key": "Environment",
      "Value": "production"
    }
  ]
}

Generated Output

Output will appear here...

About This Tool

Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories. This tool helps AWS engineers generate valid configurations quickly without consulting documentation, reducing errors and accelerating infrastructure deployment. All processing runs in your browser with no data sent to external servers.

When to Use This Tool

•Generating aws systems manager patch baseline configurations for new infrastructure deployments.
•Validating existing configurations against best practices before applying changes.
•Learning AWS service configuration patterns through interactive examples.
•Accelerating infrastructure-as-code development by producing correct JSON/YAML starting points.

Frequently Asked Questions

Does this tool connect to my AWS account?: No. This tool runs entirely in your browser and generates configuration JSON that you can copy and paste into your infrastructure-as-code templates, CLI commands, or cloud console. It never connects to any cloud account or sends data externally.
Are the generated configurations production-ready?: The tool produces syntactically valid configurations based on current AWS service specifications. Always review generated configs against your organization security policies and test in a non-production environment before deploying.

Related Learning Guides

DynamoDB Data Modeling28 min read
Cost Optimization Strategies26 min read

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.

AWS Systems Manager Patch Baseline Builder

MonitoringAWS

Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories.

AWS Systems Manager Configuration

Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories.

Required Fields

NameOperatingSystemApprovalRules.PatchRules

Generated Output

Output will appear here...

About This Tool

When to Use This Tool

•Generating aws systems manager patch baseline configurations for new infrastructure deployments.
•Validating existing configurations against best practices before applying changes.
•Learning AWS service configuration patterns through interactive examples.
•Accelerating infrastructure-as-code development by producing correct JSON/YAML starting points.

Frequently Asked Questions

Does this tool connect to my AWS account?: No. This tool runs entirely in your browser and generates configuration JSON that you can copy and paste into your infrastructure-as-code templates, CLI commands, or cloud console. It never connects to any cloud account or sends data externally.
Are the generated configurations production-ready?: The tool produces syntactically valid configurations based on current AWS service specifications. Always review generated configs against your organization security policies and test in a non-production environment before deploying.

Related Learning Guides

DynamoDB Data Modeling28 min read
Cost Optimization Strategies26 min read