Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories.
Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories.
Required Fields
NameOperatingSystemApprovalRules.PatchRulesOutput will appear here...Build SSM patch baseline configurations with approval rules, severity filters, compliance levels, and custom repositories. This tool helps AWS engineers generate valid configurations quickly without consulting documentation, reducing errors and accelerating infrastructure deployment. All processing runs in your browser with no data sent to external servers.
Most of the Systems Manager Patch Baseline primitives behave the same in GovCloud and China partitions, but the ARN partition prefix differs (aws-us-gov, aws-cn) and a handful of services are unavailable. The output is portable in terms of resource shape; you must adjust the partition and verify service availability in the target region before applying.
No — generating a Systems Manager Patch Baseline configuration is independent of the IAM permissions required to apply it. Apply the output with a principal that has the documented privileges for that service. If you want a least-privilege starting point, the AWS Managed Policy generator and IAM Access Analyzer can produce an action list scoped to what your apply needs.
Was this tool helpful?
Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.