Which combination of actions will meet these requirements?
(Choose three.)
Add the physical machines into AWS Systems Manager using Systems Manager Hybrid Activations.
Attach an IAM role to the EC2 instances, allowing them to be managed by AWS Systems Manager.
Create IAM access keys for the on-premises machines to interact with AWS Systems Manager.
Run an AWS Systems Manager Automation document to patch the systems every hour.
Use Amazon EventBridge scheduled events to schedule a patch window.
Use AWS Systems Manager Maintenance Windows to schedule a patch window.
Explanations:
Adding physical machines into AWS Systems Manager using Hybrid Activations allows the on-premises servers to be managed alongside AWS resources, enabling centralized patching.
Attaching an IAM role to the EC2 instances grants the necessary permissions for AWS Systems Manager to manage and interact with the EC2 instances, facilitating standardization in patch management.
Creating IAM access keys for on-premises machines is not necessary or recommended; instead, Systems Manager uses IAM roles and instance profiles for secure access management, not access keys.
Running an AWS Systems Manager Automation document to patch every hour does not adhere to the company policy of patching only during non-business hours, which requires scheduling.
While Amazon EventBridge scheduled events can trigger actions at specific times, they are not specifically designed to manage patching windows; hence, they do not directly address the requirement for standardized patching.
Using AWS Systems Manager Maintenance Windows allows the DevOps engineer to define a specific time frame for patching tasks, ensuring compliance with the company policy of performing patching during non-business hours.