A company has a production workload that runs on 1,000 Amazon EC2 Linux instances. The workload is powered by third-party software. The company needs to patch the third-party software on all EC2 instances as quickly as possible to remediate a critical security vulnerability.
What should a solutions architect do to meet these requirements?
A. Create an AWS Lambda function to apply the patch to all EC2 instances.
B. Configure AWS Systems Manager Patch Manager to apply the patch to all EC2 instances.
C. Schedule an AWS Systems Manager maintenance window to apply the patch to all EC2 instances.
D. Use AWS Systems Manager Run Command to run a custom command that applies the patch to all EC2 instances.
The best option to quickly patch the third-party software on all EC2 instances for a critical security vulnerability would be:
D. Use AWS Systems Manager Run Command to run a custom command that applies the patch to all EC2 instances.
AWS Systems Manager Run Command automates common administrative tasks, such as running shell scripts or commands on Amazon EC2 instances. It lets you run a command across an entire fleet of instances quickly, which makes it a suitable choice for this scenario.
Please note that while AWS Systems Manager Patch Manager and maintenance windows can also patch instances, they are typically used for maintaining a regular patch compliance baseline rather than for immediate, one-off patching tasks. AWS Lambda is not typically used for patch management tasks on EC2 instances.