Security Modules
This module can configure a Linux server to automatically install critical security updates.
Features
- Automatically install critical security updates once per night so your servers don’t go unpatched for long periods of time.
- Built-in random delay (between 0 and 30 minutes, by default) so all of your servers don’t update at the exact same time.
- Supports Ubuntu 18.04 and 20.04 via unattended-upgrades.
- Supports Amazon Linux 2, Amazon Linux 2023, and CentOS Stream 9 via yum-cron.
Learn
Note
This repo is a part of the Gruntwork Infrastructure as Code Library, a collection of reusable, battle-tested, production-ready infrastructure code. If you’ve never used the Infrastructure as Code Library before, make sure to read How to use the Gruntwork Infrastructure as Code Library!
Core concepts
Repo organization
- modules: The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
- examples: This folder contains working examples of how to use the submodules.
- test: Automated tests for the modules and examples.
Deploy
Non-production deployment (quick start for learning)
If you just want to try this repo out for experimenting and learning, check out the following resources:
- auto-update example: The examples/auto-update folder contains sample code optimized for learning, experimenting, and testing (but not production usage).
Production deployment
If you want to deploy this repo in production, check out the following resources:
- Packer template in the Acme example Reference Architecture: Production-ready sample code from the Acme Reference Architecture examples.