-1

I'm wondering how the security updates for an Amazon Linux Ec2 instance were automatically applied.

Scenario:

  1. Used "Launch More Like This Instance" option on a Micro instance.
  2. Created a snapshot of the original instances root volume.
  3. Deleted the root device volume on the new instance.
  4. Created a new root volume from the snapshot of the original instance
  5. Mounted the new root volume onto the new instance as its root volume.

When I logged in to the new instance all of the needed security updates from the original instance were somehow applied to the new instance, even though it used the old instances snapshot as its root volume. How did the instance have all of the security updates installed since I used the snapshot of the old root device? Shouldn't the new root device match the old instance exactly since i used it's snapshot?

I went back and rebooted the original instance to verify that a reboot didn't somehow trigger the updates, but it did not.

JMC
  • 506
  • 6
  • 23

1 Answers1

1

On first boot, the Amazon Linux AMI installs from the package repositories any user space security updates that are rated critical or important, and it does so before before services, such as SSH, start.

http://aws.amazon.com/amazon-linux-ami/faqs/#auto_update

ceejayoz
  • 32,910
  • 7
  • 82
  • 106
  • Ok, so in this case I believe it happened because I used the "Launch More Like This instance option." I usually don't start instances from an Amazon Linux AMI thus no trigger of the first boot updates. Thanks – JMC Oct 22 '14 at 16:10