๐ผ 4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projects - Level 2 (Manual)
- Contextual name: ๐ผ 4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projects - Level 2 (Manual)
- ID:
/frameworks/cis-gcp-v1.3.0/04/12 - Located in: ๐ผ 4 Virtual Machines
Descriptionโ
For the virtual machines where you manage the operating system in Infrastructure as a Service (IaaS), you are responsible for keeping these operating systems and programs up to date. There are multiple ways to manage updates yourself that would be difficult to fit into one recommendation. Check the CIS Benchmarks for each of your Operating Systems as well for potential solutions there. In this recommendation we will use a feature in Google Cloud via its VM manager API to manage updates called Operating System Patch Management (referred to OS Patch Management from here on out). This may requires installing the OS Config API if it is not already installed. Also if you install custom operating systems, they may not functionally support the local OS config agent required to gather operating system patch information and issue update commands. These update commands are the default Linux and Windows commands to install updates such as yum or apt. This feature allows for a central management to issue those commands. OS Patch management also does not host the updates itself, so your VMs will need to be public or be able to access the internet. This is not the only Patch Management solution available to your organization and you should weigh your needs before committing to using this.
Similarโ
- Internal
- ID:
dec-c-a898b682
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|