AWS greengrass documentation change
Summary
Added offline installation instructions for core22 snap in restricted networks
Security assessment
Added security-relevant documentation for air-gapped environments but doesn't address a specific vulnerability
Diff
diff --git a/greengrass/v2/developerguide/systems-manager-agent-component.md b/greengrass/v2/developerguide/systems-manager-agent-component.md index ef1ab4f0b..23e87ed6b 100644 --- a//greengrass/v2/developerguide/systems-manager-agent-component.md +++ b//greengrass/v2/developerguide/systems-manager-agent-component.md @@ -97,0 +98,16 @@ When you deploy this component, you must specify this role's name for the `SSMRe + * On Ubuntu devices using snap packaging, this component requires the `core22` base snap. If your device can reach `api.snapcraft.io`, `snap` downloads `core22` automatically. On restricted networks where the device cannot reach the snap store, manually install `core22` before you deploy this component: + + 1. Download the snap and its assertion from an internet-connected machine that has the same architecture as the target device: + + snap download core22 + + 2. Transfer the `.snap` and `.assert` files to the target device. + + 3. Acknowledge the assertion on the target device: + + sudo snap ack core22.assert + + 4. Install the snap on the target device: + + sudo snap install core22.snap +