Update sra-patch_mgmt-org-main-ssm.yaml

ThisIsHowieDeWitt · web-flow · commit c49eb9c6355b · 2024-05-23T15:10:24.000-04:00
diff --git a/aws_sra_examples/solutions/patch_mgmt/patch_mgmt_org/templates/sra-patch_mgmt-org-main-ssm.yaml b/aws_sra_examples/solutions/patch_mgmt/patch_mgmt_org/templates/sra-patch_mgmt-org-main-ssm.yaml
@@ -43,6 +43,53 @@ Metadata:
           - pControlTowerLifeCycleRuleName
           - pComplianceFrequency
 
+      - Label:
+          default: Patch Management Solution Properties
+        Parameters:
+          # Window 1
+          - pPatchMgmtMaintWindow1Name
+          - pPatchMgmtMaintWindow1Desc
+          - pPatchMgmtMaintWindow1Schedule
+          - pPatchMgmtMaintWindow1Duration
+          - pPatchMgmtMaintWindow1Cutoff
+          - pPatchMgmtMaintWindow1TZ
+          - pPatchMgmtTask1Name
+          - pPatchMgmtTask1Desc
+          - pPatchMgmtTask1Operation
+          - pPatchMgmtTask1RunCmd
+          - pPatchMgmtTarget1Name
+          - pPatchMgmtTarget1Desc
+          - pPatchMgmtTarget1Value1
+          - pPatchMgmtTarget1Value2
+          # Window 2
+          - pPatchMgmtMaintWindow2Name
+          - pPatchMgmtMaintWindow2Desc
+          - pPatchMgmtMaintWindow2Schedule
+          - pPatchMgmtMaintWindow2Duration
+          - pPatchMgmtMaintWindow2Cutoff
+          - pPatchMgmtMaintWindow2TZ
+          - pPatchMgmtTask2Name
+          - pPatchMgmtTask2Desc
+          - pPatchMgmtTask2Operation
+          - pPatchMgmtTask2RunCmd
+          - pPatchMgmtTarget2Name
+          - pPatchMgmtTarget2Desc
+          - pPatchMgmtTarget2Value1
+          # Window 3
+          - pPatchMgmtMaintWindow3Name
+          - pPatchMgmtMaintWindow3Desc
+          - pPatchMgmtMaintWindow3Schedule
+          - pPatchMgmtMaintWindow3Duration
+          - pPatchMgmtMaintWindow3Cutoff
+          - pPatchMgmtMaintWindow3TZ
+          - pPatchMgmtTask3Name
+          - pPatchMgmtTask3Desc
+          - pPatchMgmtTask3Operation
+          - pPatchMgmtTask3RunCmd
+          - pPatchMgmtTarget3Name
+          - pPatchMgmtTarget3Desc
+          - pPatchMgmtTarget3Value1
+
     ParameterLabels:
       pAuditAccountId:
         default: Audit Account ID
@@ -74,7 +121,7 @@ Metadata:
         default: SRA Solution Version
       pSRAStagingS3BucketName:
         default: SRA Staging S3 Bucket Name
-      # Window 1
+      # Window 1 - main title of parameter
       pPatchMgmtMaintWindow1Name:
         default: Patch Management Maintenance Window 1 Name
       pPatchMgmtMaintWindow1Desc:
@@ -103,7 +150,7 @@ Metadata:
         default: Patch Management Target 1 Value 1
       pPatchMgmtTarget1Value2:
         default: Patch Management Target 1 Value 2
-      # Window 2
+      # Window 2 - main title of parameter
       pPatchMgmtMaintWindow2Name:
         default: Patch Management Maintenance Window 2 Name
       pPatchMgmtMaintWindow2Desc:
@@ -130,7 +177,7 @@ Metadata:
         default: Patch Management Target 2 Description
       pPatchMgmtTarget2Value1:
         default: Patch Management Target 2 Value 1
-      # Window 3
+      # Window 3 - main title of parameter
       pPatchMgmtMaintWindow3Name:
         default: Patch Management Maintenance Window 3 Name
       pPatchMgmtMaintWindow3Desc:
@@ -263,167 +310,167 @@ Parameters:
     Default: v1.0
     Description: The SRA solution version. Used to trigger updates on the nested StackSets.
     Type: String
-  # Window 1
+  # Window 1 - parameter sub-description and default value
   pPatchMgmtMaintWindow1Name:
-    Description: Patch Management Maintenance Window 1 Name
+    Description: Name for first Maintenance Window
     Default: Update_SSM
     Type: String
   pPatchMgmtMaintWindow1Desc:
-    Description: Patch Management Maintenance Window 1 Description
-    Default: Maintenance Window update the SSM Agent on managed Instances
+    Description: Description for first Maintenance Window
+    Default: Maintenance Window To Update The SSM Agent On Managed Instances
     Type: String
   pPatchMgmtMaintWindow1Schedule:
-    Description: Patch Management Maintenance Window 1 schedule
-    Default: "cron(0 0 1 ? * THU *)"
+    Description: Scheduled start time of the first Maintenance Window
+    Default: "cron(0 0 1 ? * WED *)"
     Type: String
   pPatchMgmtMaintWindow1Duration:
-    Description: Patch Management Maintenance Window 1 Duration (hrs)
+    Description: Duration (hours) of the Maintenance Window
     Default: 6
     Type: Number
   pPatchMgmtMaintWindow1Cutoff:
-    Description: Stop initiating tasks before maintenance window ends (hrs)
+    Description: Stop initiating tasks (hours) before maintenance window ends
     Default: 1
     Type: Number
   pPatchMgmtMaintWindow1TZ:
     Description: Patch Management Maintenance Window 1 Timezone
     Default: America/New_York
     Type: String
   pPatchMgmtTask1Name:
-    Description: Patch Management Task 1 Name
+    Description: Name of the first Task to Update SSM Agent
     Type: String
-    Default: Update_SSMAgent
+    Default: Update SSMAgent On Managed Instances
   pPatchMgmtTask1Desc:
-    Description: Patch Management Task 1 Description
-    Default: Task to update SSM Agent on all managed Instances
+    Description: Description of the Task to Update SSM Agent
+    Default: Task To Update SSMAgent On Managed Instances
     Type: String
   pPatchMgmtTask1Operation:
-    Description: Patch Management Task 1 Operation
+    Description: Patch Management Task 1 Operation (Scan Only, or Install Patches)
     Default: Scan
     Type: String
   pPatchMgmtTask1RunCmd:
     Description: Patch Management Task 1 Run Command
     Default: AWS-UpdateSSMAgent
     Type: String
   pPatchMgmtTarget1Name:
-    Description: Patch Management Target 1 Name
-    Default: AWS-UpdateSSMAgent
+    Description: Name of Target Group for first Maintenance Window
+    Default: Targets To Update SSMAgent On Managed Instances
     Type: String
   pPatchMgmtTarget1Desc:
-    Description: Patch Management Target 1 Description
-    Default: Targets to run the command to update SSM Agent
+    Description: Description of Target Group for first Maintenance Window
+    Default: Targets To Update SSMAgent On Managed Instances
     Type: String
   pPatchMgmtTarget1Value1:
-    Description: Patch Management Tag Value of Target group 1
+    Description: Patch Management Tag 1 Value of Target
     Default: Linux
     Type: String
   pPatchMgmtTarget1Value2:
-    Description: Patch Management Tag Value of Target group 1
+    Description: Patch Management Tag 2 Value of Target
     Default: Windows
     Type: String
-  # Window 2
+  # Window 2 - parameter sub-description and default value
   pPatchMgmtMaintWindow2Name:
-    Description: Patch Management Maintenance Window 2 Name
+    Description: Name for second Maintenance Window
     Default: Windows_Scan
     Type: String
   pPatchMgmtMaintWindow2Desc:
-    Description: Patch Management Maintenance Window Description
+    Description: Description for second Maintenance Window
     Default: Maintenance Window to scan Windows Instances
     Type: String
   pPatchMgmtMaintWindow2Schedule:
-    Description: Patch Management Maintenance Window 2 schedule
-    Default: "cron(0 0 1 ? * WED *)"
+    Description: Scheduled start time of the second Maintenance Window
+    Default: "cron(0 0 1 ? * THU *)"
     Type: String
   pPatchMgmtMaintWindow2Duration:
-    Description: Patch Management Maintenance Window 2 Duration (hrs)
+    Description: Duration (hours) of the Maintenance Window
     Default: 6
     Type: Number
   pPatchMgmtMaintWindow2Cutoff:
-    Description: Stop initiating tasks before maintenance window ends (hrs)
+    Description: Stop initiating tasks (hours) before maintenance window ends
     Default: 1
     Type: Number
   pPatchMgmtMaintWindow2TZ:
     Description: Patch Management Maintenance Window 2 Timezone
     Default: America/New_York
     Type: String
   pPatchMgmtTask2Name:
-    Description: Patch Management Task 2 Name
+    Description: Name of the first Task to Scan Windows
     Type: String
-    Default: Windows_Scan
+    Default: Scan For Patches On Managed Windows Instances
   pPatchMgmtTask2Desc:
-    Description: Patch Management Task 2 Description
-    Default: Task to scan Windows Instances
+    Description: Description of the Task to Scan for Windows Patches
+    Default: Task To Scan For Patches On Managed Windows Instances
     Type: String
   pPatchMgmtTask2Operation:
-    Description: Patch Management Task 2 Operation
+    Description: Patch Management Task 2 Operation (Scan Only, or Install Patches)
     Default: Scan
     Type: String
   pPatchMgmtTask2RunCmd:
     Description: Patch Management Task 2 Run Command
     Default: AWS-RunPatchBaseline
     Type: String
   pPatchMgmtTarget2Name:
-    Description: Patch Management Target 2 Name
-    Default: AWS-RunPatchBaseline
+    Description: Name of Target Group for second Maintenance Window
+    Default: Targets To Scan For Windows Updates On Managed Instances
     Type: String
   pPatchMgmtTarget2Desc:
     Description: Patch Management Target 2 Description
-    Default: Targets to run the command to scan for Windows updates
+    Default: Targets To Scan For Windows Updates On Managed Instances
     Type: String
   pPatchMgmtTarget2Value1:
-    Description: Patch Management Tag Value of Target group 2
+    Description: Patch Management Tag Value of Target
     Default: Windows
     Type: String
-  # Window 3
+  # Window 3 - parameter sub-description and default value
   pPatchMgmtMaintWindow3Name:
-    Description: Patch Management Maintenance Window 3 Name
+    Description: Name for third Maintenance Window
     Default: Linux_Scan
     Type: String
   pPatchMgmtMaintWindow3Desc:
-    Description: Patch Management Maintenance Window 3 Description
-    Default: Maintenance Window scan Linux Instances
+    Description: Description for third Maintenance Window
+    Default: Maintenance Window to scan Linux Instances
     Type: String
   pPatchMgmtMaintWindow3Schedule:
-    Description: Patch Management Maintenance Window 3 schedule
+    Description: Scheduled start time of the third Maintenance Window
     Default: "cron(0 0 1 ? * FRI *)"
     Type: String
   pPatchMgmtMaintWindow3Duration:
-    Description: Patch Management Maintenance Window 3 Duration (hrs)
+    Description: Duration (hours) of the Maintenance Window
     Default: 6
     Type: Number
   pPatchMgmtMaintWindow3Cutoff:
-    Description: Stop initiating tasks before maintenance window ends (hrs)
+    Description: Stop initiating tasks (hours) before maintenance window ends
     Default: 1
     Type: Number
   pPatchMgmtMaintWindow3TZ:
     Description: Patch Management Maintenance Window 3 Timezone
     Default: America/New_York
     Type: String
   pPatchMgmtTask3Name:
-    Description: Patch Management Task 3 Name
+    Description: Name of the third Task to Scan Linux
     Type: String
-    Default: Linux_Scan
+    Default: Scan For Patches On Managed Linux Instances
   pPatchMgmtTask3Desc:
     Description: Patch Management Task 3 Description
-    Default: Task to scan Windows Instances
+    Default: Task To Scan For Patches On Managed Linux Instances
     Type: String
   pPatchMgmtTask3Operation:
-    Description: Patch Management Task 3 Operation
+    Description: Patch Management Task 3 Operation (Scan Only, or Install Patches)
     Default: Scan
     Type: String
   pPatchMgmtTask3RunCmd:
     Description: Patch Management Task 3 Run Command
     Default: AWS-RunPatchBaseline
     Type: String
   pPatchMgmtTarget3Name:
-    Description: Patch Management Target 3 Name
-    Default: AWS-RunPatchBaseline
+    Description: Name of Target Group for third Maintenance Window
+    Default: Targets To Scan For Linux Updates On Managed Instances
     Type: String
   pPatchMgmtTarget3Desc:
     Description: Patch Management Target 3 Description
-    Default: Targets to run the command to scan for Linux updates
+    Default: Targets To Scan For Linux Updates On Managed Instances
     Type: String
   pPatchMgmtTarget3Value1:
-    Description: Patch Management Tag Value of Target group 3
+    Description: Patch Management Tag Value of Target
     Default: Linux
     Type: String
 
@@ -527,7 +574,7 @@ Resources:
         pPatchMgmtMaintWindow3TZ: !Ref pPatchMgmtMaintWindow3TZ
         pPatchMgmtTask3Name: !Ref pPatchMgmtTask3Name
         pPatchMgmtTask3Desc: !Ref pPatchMgmtTask3Desc
-        pPatchMgmtTask2Operation: !Ref pPatchMgmtTask2Operation
+        pPatchMgmtTask3Operation: !Ref pPatchMgmtTask3Operation
         pPatchMgmtTask3RunCmd: !Ref pPatchMgmtTask3RunCmd
         pPatchMgmtTarget3Name: !Ref pPatchMgmtTarget3Name
         pPatchMgmtTarget3Desc: !Ref pPatchMgmtTarget3Desc
