Best practices for keeping EC2 Ubuntu machines updated
The unattended-upgrades package is the standard way to automatically apply important bug fixes and security patches in Ubuntu.
I recommend installing this on every Ubuntu system:
sudo apt-get update &&
sudo apt-get install unattended-upgrades
You don't need to create your own cron job. The package installs one for you.
You can edit the default configuration if you'd like to alter its behavior: https://help.ubuntu.com/lts/serverguide/automatic-updates.html