I'm trying to retrieve patch compliance data for AWS ec2 instances using CLI or SDK under below limitations.
I need to retrieve from the master account for sub accounts ec2 instances(within AWS Organization)
The instances has to be limited only to the accounts and regions that are configured in "Quick Setup" in Systems Manager.
Tips ->
I need to retrieve whether the instances are compliant or non-compliant.
I can do this accountwise using ssm:ListComplianceItems but my requirement is to retrieve all accounts details from the Master account.
How to do in console ->
Navigate to Systems Manager console -> Explorer -> OpsData
Apply the correct filter
We can see all sub accounts compliance details.