AWS Certified SysOps Administrator – Associate (legacy) — Question 584

A company has an application running on a fleet of Microsoft Windows instances. Patches to the operating system need to be applied each month. AWS Systems
Manager Patch Manager is used to apply the patches on a schedule.
When the fleet is being patched, customers complain about delayed service responses.
What can be done to ensure patches are deployed with MINIMAL customer impact?

Answer options

• A. Change the number of instances patched at any one time to 100%.
• B. Create a snapshot of each server in the fleet using a Systems Manager Automation document before starting the patch process.
• C. Configure the maintenance window to patch 10% of the instances in the patch group at a time.
• D. Create a patched Amazon Machine Image (AMI). Configure the maintenance window option to deploy the patched AMI on only 10% of the fleet at a time.

Correct answer: C

Explanation

Configuring the maintenance window to patch only 10% of the instances at a time ensures that the remaining 90% of the fleet is available to handle customer traffic, minimizing performance impact. Patching 100% of the instances at once would cause complete service disruption, and taking snapshots does not address the performance degradation during patching. Option D is incorrect because AWS Systems Manager Patch Manager is designed for direct patching of instances, not for orchestrating AMI-based rolling deployments.