AWS Partners Prepare For Security Patch System Reboot

Amazon Web Services surprised its users and partners on Wednesday by sending out sudden and unexpected notices alerting them of an impending system reboot to install a set of security patches.

Amazon has not provided specific information about the updates to be performed, but the IaaS leader's emails to partners came within a day of the discovery of Shellshock, a vulnerability to Linux, Unix and Mac OS X systems that takes advantage of a flaw in Bourne-Again Shell or Bash.

Notifications Amazon sent to its partners that were obtained by CRN only state the maintenance "is to install a set of timely security and operational updates." They say the reboots could begin "as early as Friday" and continue throughout the week.

[ Related: Shellshock Bug Has Partners Bracing For Impact]

Sponsored post

Kevin RisonChu, director of systems and infrastructure at San Diego-based Digiteria, was one Amazon partner who told CRN he received such a notification. RisonChu said a third of all instances his company manages on behalf of clients will be affected by the reboot.

"Fortunately most of our client sites are configured with multiple EC2 instances in different availability zones behind an [Elastic Load Balances], so this reboot doesn't impact us as much as you might think," RisonChu told CRN. "We do have a couple of instances that are unique for whatever reason, but the maintenance window AWS has provided is within our established maintenance windows with our clients so again not a big issue."

The email RisonChu received Wednesday afternoon from Amazon said, "Each instance will experience a clean reboot and will be unavailable while the updates are applied to the underlying host. This generally takes no more than a few minutes to complete."

RisonChu said he found two aspects of the reboot particularly interesting.

One was the short notice given. The other was Amazon's insistence on doing the reboot in the specified timeframe with no option of stopping and then re-launching instances to avoid the maintenance update.

"Typically, the ability to start/stop or re-launch instances allows our operations team to coordinate a time based on our customers schedule, but with this maintenance, AWS made it sound like this was not an option," RisonChu said.