Skip to main content
Security Modules 0.74.0Last updated in version 0.72.1

Security Modules

View SourceRelease Notes

This module can configure a Linux server to automatically install critical security updates.


  • Automatically install critical security updates once per night so your servers don’t go unpatched for long periods of time.

  • Built-in random delay (between 0 and 30 minutes, by default) so all of your servers don’t update at the exact same time.

  • Supports Ubuntu 18.04 and 20.04 via unattended-upgrades.

  • Supports Amazon Linux 2, and CentOS via yum-cron.



This repo is a part of the Gruntwork Infrastructure as Code Library, a collection of reusable, battle-tested, production ready infrastructure code. If you’ve never used the Infrastructure as Code Library before, make sure to read How to use the Gruntwork Infrastructure as Code Library!

Core concepts

Repo organization

  • modules: the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.

  • examples: This folder contains working examples of how to use the submodules.

  • test: Automated tests for the modules and examples.


Non-production deployment (quick start for learning)

If you just want to try this repo out for experimenting and learning, check out the following resources:

  • auto-update example: The examples/auto-update folder contains sample code optimized for learning, experimenting, and testing (but not production usage).

Production deployment

If you want to deploy this repo in production, check out the following resources: