Class: Aws::SSM::Types::BaselineOverride

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb

Overview

Note:

When making an API call, you may pass BaselineOverride data as a hash:

{
  operating_system: "WINDOWS", # accepts WINDOWS, AMAZON_LINUX, AMAZON_LINUX_2, UBUNTU, REDHAT_ENTERPRISE_LINUX, SUSE, CENTOS, ORACLE_LINUX, DEBIAN, MACOS
  global_filters: {
    patch_filters: [ # required
      {
        key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
        values: ["PatchFilterValue"], # required
      },
    ],
  },
  approval_rules: {
    patch_rules: [ # required
      {
        patch_filter_group: { # required
          patch_filters: [ # required
            {
              key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
              values: ["PatchFilterValue"], # required
            },
          ],
        },
        compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
        approve_after_days: 1,
        approve_until_date: "PatchStringDateTime",
        enable_non_security: false,
      },
    ],
  },
  approved_patches: ["PatchId"],
  approved_patches_compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
  rejected_patches: ["PatchId"],
  rejected_patches_action: "ALLOW_AS_DEPENDENCY", # accepts ALLOW_AS_DEPENDENCY, BLOCK
  approved_patches_enable_non_security: false,
  sources: [
    {
      name: "PatchSourceName", # required
      products: ["PatchSourceProduct"], # required
      configuration: "PatchSourceConfiguration", # required
    },
  ],
}

Defines the basic information about a patch baseline override.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#approval_rulesTypes::PatchRuleGroup

A set of rules defining the approval rules for a patch baseline.



1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#approved_patchesArray<String>

A list of explicitly approved patches for the baseline.

For information about accepted formats for lists of approved patches and rejected patches, see About package name formats for approved and rejected patch lists in the Amazon Web Services Systems Manager User Guide.

Returns:

  • (Array<String>)


1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#approved_patches_compliance_levelString

Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation.

Returns:

  • (String)


1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#approved_patches_enable_non_securityBoolean

Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is false. Applies to Linux instances only.

Returns:

  • (Boolean)


1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#global_filtersTypes::PatchFilterGroup

A set of patch filters, typically used for approval rules.



1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#operating_systemString

The operating system rule used by the patch baseline override.

Returns:

  • (String)


1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#rejected_patchesArray<String>

A list of explicitly rejected patches for the baseline.

For information about accepted formats for lists of approved patches and rejected patches, see About package name formats for approved and rejected patch lists in the Amazon Web Services Systems Manager User Guide.

Returns:

  • (Array<String>)


1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#rejected_patches_actionString

The action for Patch Manager to take on patches included in the RejectedPackages list. A patch can be allowed only if it is a dependency of another package, or blocked entirely along with packages that include it as a dependency.

Returns:

  • (String)


1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#sourcesArray<Types::PatchSource>

Information about the patches to use to update the instances, including target operating systems and source repositories. Applies to Linux instances only.

Returns:



1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1665

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end