AWS systems-manager documentation change
Summary
Added clarification that PatchSummary reports are only generated by successful patching operations and include capture time
Security assessment
The change adds operational clarity about compliance reporting but does not address vulnerabilities or document security features
Diff
diff --git a/systems-manager/latest/userguide/patch-manager-find-noncompliant-nodes.md b/systems-manager/latest/userguide/patch-manager-find-noncompliant-nodes.md index 8e754e6a5..114ab8daa 100644 --- a//systems-manager/latest/userguide/patch-manager-find-noncompliant-nodes.md +++ b//systems-manager/latest/userguide/patch-manager-find-noncompliant-nodes.md @@ -18 +18 @@ Processes that use the document | **Patch on demand** \- You can scan or patch -Format of the patch scan result data | After `AWS-RunPatchBaseline` runs, Patch Manager sends an `AWS:PatchSummary` object to Inventory, a tool in AWS Systems Manager. | After `AWS-RunPatchBaselineAssociation` runs, Patch Manager sends an `AWS:ComplianceItem` object to Systems Manager Inventory. +Format of the patch scan result data | After `AWS-RunPatchBaseline` runs, Patch Manager sends an `AWS:PatchSummary` object to Inventory, a tool in AWS Systems Manager. This report is generated only by successful patching operations and includes a capture time that identifies when the compliance status was calculated. | After `AWS-RunPatchBaselineAssociation` runs, Patch Manager sends an `AWS:ComplianceItem` object to Systems Manager Inventory.