Automation Artifacts for Patching Meltdown/Spectre

Rackspace has developed several Amazon Systems Manager documents to help automate patching and AMI generation tasks. For customers seeking to patch their instances or Auto-Scaling Groups against the January 2018 Meltdown and Spectre vulnerabilities, particularly useful documents are listed below. These can be leveraged as part of the process described in the Patching Guide for Amazon EC2 to patch vulnerable instances in place, or to generate patched AMIs from existing instances or AMIs.

Customers can download these from the direct links below.

1. FAWS-MeltdownSpectre-PatchRunningWinLinuxEC2

   • Checks for presence of meltdown/spectre patch for Windows and Linux machines. Optionally apply patches also.

2. FAWS-MeltdownSpectre-PatchLinuxAMI

   • Creates new patched AMI (Spectre/Meltdown) from Linux source AMI

3. FAWS-MeltdownSpectre-PatchWindowsAMI

   • Creates new patched AMI (Spectre/Meltdown) from Windows source AMI

4. FAWS-MeltdownSpectre-PatchLinuxEC2toAMI

   • Creates new patched AMI (Spectre/Meltdown) from running EC2 instance

5. FAWS-MeltdownSpectre-PatchWindowsEC2toAMI

   • Creates new patched AMI (Spectre/Meltdown) from running Windows EC2 instance