I have a few hundred EC2 servers running. How do I do patch management across those servers? I am looking for an alternative to AWS Systems Manager. I also am looking for a way to execute other commands in these instances at scale (updating firewall rules, for example). Is Ansible a good tool for this?
You can define the instances and run playbooks that have what you need to update or run commands on all of the instances (can be done in batches too).
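To make the answer above concrete, here is an added example (not the answerer's own code) of the two pieces it describes: a dynamic inventory that defines the EC2 instances, and a playbook that patches them and applies a firewall rule in batches. It uses the real `amazon.aws.aws_ec2` inventory plugin and the `ansible.builtin`, `community.general` and `ansible.posix` modules. The `Patch=true` tag, the `us-east-1` region, the `10.0.0.0/24` management CIDR and the 10% batch size are constructed values for illustration; adjust them to your own tagging scheme and network.

```yaml
# inventory/aws_ec2.yml  (file name must end in aws_ec2.yml for the plugin to load)
# Selects running instances carrying the constructed tag Patch=true.
plugin: amazon.aws.aws_ec2
regions:
  - us-east-1                      # assumption: your fleet's region(s)
filters:
  instance-state-name: running
  tag:Patch: "true"                # assumption: tag used to opt hosts into patching
hostnames:
  - private-ip-address             # reach hosts over the VPC, not public IPs
compose:
  ansible_host: private_ip_address
keyed_groups:
  - key: tags.Role                 # optional: groups like role_web, role_db
    prefix: role

---
# patch.yml  (run with: ansible-playbook -i inventory/aws_ec2.yml patch.yml)
- name: Patch fleet and tighten SSH exposure in rolling batches
  hosts: all
  become: true
  serial: "10%"                    # roll through the fleet 10% at a time
  max_fail_percentage: 0           # stop before the next batch if any host fails
  vars:
    mgmt_cidr: 10.0.0.0/24         # assumption: the only network allowed to SSH in

  tasks:
    - name: Apply all pending updates (Debian/Ubuntu)
      ansible.builtin.apt:
        update_cache: true
        upgrade: dist
      when: ansible_facts['os_family'] == 'Debian'

    - name: Apply security updates (RHEL family)
      ansible.builtin.dnf:
        name: "*"
        state: latest
        security: true
      when: ansible_facts['os_family'] == 'RedHat'

    # Firewall change pushed to every host, which is the "other commands at
    # scale" case from the question.
    - name: Allow SSH only from the management CIDR (Debian/Ubuntu, ufw)
      community.general.ufw:
        rule: allow
        port: "22"
        proto: tcp
        from_ip: "{{ mgmt_cidr }}"
      when: ansible_facts['os_family'] == 'Debian'

    - name: Allow SSH only from the management CIDR (RHEL family, firewalld)
      ansible.posix.firewalld:
        rich_rule: 'rule family="ipv4" source address="{{ mgmt_cidr }}" service name="ssh" accept'
        permanent: true
        immediate: true
        state: enabled
      when: ansible_facts['os_family'] == 'RedHat'

    # Reboot only hosts whose kernel or libraries actually need it, so a batch
    # never takes down more capacity than the update requires.
    - name: Check whether Debian/Ubuntu wants a reboot
      ansible.builtin.stat:
        path: /var/run/reboot-required
      register: reboot_flag
      when: ansible_facts['os_family'] == 'Debian'

    - name: Check whether RHEL family wants a reboot
      ansible.builtin.command: dnf needs-restarting -r
      register: needs_restart
      changed_when: false
      failed_when: needs_restart.rc not in [0, 1]   # rc 1 means "reboot needed"
      when: ansible_facts['os_family'] == 'RedHat'

    - name: Reboot hosts that need it and wait for them to return
      ansible.builtin.reboot:
        reboot_timeout: 600
      when: >
        (ansible_facts['os_family'] == 'Debian' and reboot_flag.stat.exists) or
        (ansible_facts['os_family'] == 'RedHat' and needs_restart.rc == 1)
```

For one-off commands across the same inventory, the ad-hoc form works without a playbook, e.g. `ansible -i inventory/aws_ec2.yml all -b -m ansible.builtin.command -a "uname -r"`. Before the first real run, `ansible-playbook --check --diff` against a small `--limit` of hosts shows what would change; `serial` plus `max_fail_percentage: 0` then keeps a bad update from reaching the whole fleet at once.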