I'm having auto-scaling group in AWS from where I start new ECS (Amazon ECS-optimized Linux) instances. I'm wondering if could apply latest security updates automatically during instance launch?
So in practice can I run "sudo yum update --security" automatically at startup? I've tried to place that command under "User Data" but without real success.
Or is it preferred way that I do this manually periodically and build new AMI?
It is not working in user data because this is a interactive command. Use below command in user data and it will work.
sudo yum update --security -y