PatchRule - AWS Systems Manager

PatchRule

Defines an approval rule for a patch baseline.

Contents

PatchFilterGroup

The patch filter group that defines the criteria for the rule.

Type: PatchFilterGroup object

Required: Yes

ApproveAfterDays

The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of 7 means that patches are approved seven days after they are released. Not supported on Debian Server or Ubuntu Server.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 360.

Required: No

ApproveUntilDate

The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically. Not supported on Debian Server or Ubuntu Server.

Enter dates in the format YYYY-MM-DD. For example, 2021-12-31.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 10.

Required: No

ComplianceLevel

A compliance severity level for all approved patches in a patch baseline.

Type: String

Valid Values: CRITICAL | HIGH | MEDIUM | LOW | INFORMATIONAL | UNSPECIFIED

Required: No

EnableNonSecurity

For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is false. Applies to Linux managed nodes only.

Type: Boolean

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: