AI-Driven Host Patching Compliance
- AWS
- Bedrock
- Lambda
- Slack
A compliance automation pipeline that keeps hosts patched without a human manually chasing every out-of-date package. AWS Bedrock analyses the relevant code and reviews the automated remediation steps, acting as an AI gate that sanity-checks the proposed change before it is ever surfaced to a person.
Lambda orchestrates the end-to-end flow, and the Slack API is used to reach out directly to the owning team for each package. The remediation itself is delivered as a pull request that applies the approved golden path, so owners review a concrete, standards-compliant change in their normal code-review workflow rather than a vague ticket.
Note: this was built as internal tooling, so the source code cannot be shown publicly. The architecture and behaviour described here are a deliberately high-level summary — many of the supporting tools, functions, and integrations are not described in full.
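As an added illustration (not the internal tool's code, which is not public), this sketch shows one way an AI gate of this kind can fail closed: the model's reply is treated as untrusted input, and a deterministic scope check runs regardless of what the model says. The `review_gate` function, the JSON verdict format, and the `GOLDEN_PATH_FILES` allowlist are all assumptions made for the example.

```python
import json
from dataclasses import dataclass

# Assumed golden-path scope: the only files a patch remediation may touch.
# Hypothetical values; a real pipeline would load these from its own policy.
GOLDEN_PATH_FILES = {"requirements.txt", "package-lock.json", "Dockerfile"}


@dataclass(frozen=True)
class GateResult:
    surface_to_owner: bool
    reason: str


def review_gate(model_reply: str, changed_files: list[str]) -> GateResult:
    """Decide whether a proposed remediation PR is shown to the owning team.

    Assumes the model was asked to answer with JSON such as
    {"verdict": "approve"} or {"verdict": "reject", "reason": "..."}.
    Anything other than a well-formed, explicit approval is blocked.
    """
    # Deterministic check first: the change must stay inside the golden path,
    # whatever the model says about it.
    if not changed_files:
        return GateResult(False, "empty change")
    outside = sorted(f for f in changed_files if f not in GOLDEN_PATH_FILES)
    if outside:
        return GateResult(False, f"out-of-scope files: {outside}")

    # The model reply is untrusted text: parse strictly, never pattern-match.
    try:
        reply = json.loads(model_reply)
    except json.JSONDecodeError:
        return GateResult(False, "model reply is not valid JSON")
    if not isinstance(reply, dict):
        return GateResult(False, "model reply is not a JSON object")

    verdict = reply.get("verdict")
    if verdict == "reject":
        return GateResult(False, f"rejected: {reply.get('reason', 'no reason given')}")
    if verdict != "approve":
        return GateResult(False, f"unrecognised verdict: {verdict!r}")
    return GateResult(True, "approved")
```

Only a result with `surface_to_owner` set to true would go on to the Slack outreach and pull-request step; every other outcome stops in the pipeline with its reason recorded.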
Highlights
- AWS Bedrock analyses code and reviews the automated remediation steps
- Lambda-orchestrated, event-driven compliance workflow
- Slack API outreach to notify and engage package owners directly
- Fixes shipped as golden-path pull requests for owner review