AWS systems-manager documentation change
Summary
Fixed a typo in 'debian-security' and expanded descriptions for 'MISSING' and 'FAILED' patch compliance states.
Security assessment
The changes improve clarity and fix a typo. While patch management is a security best practice, these updates do not address a specific security issue or add new security documentation.
Diff
diff --git a/systems-manager/latest/userguide/patch-manager-compliance-states.md b/systems-manager/latest/userguide/patch-manager-compliance-states.md index 92e7859fa..a7c13bcff 100644 --- a//systems-manager/latest/userguide/patch-manager-compliance-states.md +++ b//systems-manager/latest/userguide/patch-manager-compliance-states.md @@ -37 +37 @@ Keep the following in mind when you're evaluating the `INSTALLED`, `INSTALLED_OT - * `debian-security` (Debian Server + * `debian-security` (Debian Server) @@ -55,2 +55,2 @@ In neither case does it mean that a patch with this status _requires_ a reboot, -**`MISSING`** | Packages that are filtered through the baseline and not already installed. | Non-Compliant -**`FAILED`** | Packages that failed to install during the patch operation. | Non-Compliant +**`MISSING`** | The patch is approved in the baseline, but it isn't installed on the managed node. If you configure the `AWS-RunPatchBaseline` document task to scan (instead of install), the system reports this status for patches that were located during the scan but haven't been installed. | Non-Compliant +**`FAILED`** | The patch is approved in the baseline, but it couldn't be installed. To troubleshoot this situation, review the command output for information that might help you understand the problem. | Non-Compliant