Navigate to Systems Manager Patch Manager
Scan for Patching Compliance
Click the Configure patching button
Specify instances by selecting Enter instance tags
Enter Name for Tag key
Enter Lab App host for Tag Value - Case Sensitive
Click Add - If you don’t click add, this won’t work
Select Skip scheduling and patch instances now
Select Scan only under Patching operation
Click Configure patching button
Click View details button at the top
You should now see two instances being scanned for patches. If you don’t see any targets, repeat the previous steps and ensure the tags match your instances.
Check Compliance Status
You will see information displayed about the missing patches aligned to the default patching baselines for Amazon Linux 2. For the default baseline, all instances should have Critical and Important Security fixes and all Bugfixes older than 7 days. You now have information to apply patches via Patch Manager if required. You now have awareness of your workload’s patching status and the ability to resolve an issues.