AwsSsmComplianceSummary - AWS Security Hub

AwsSsmComplianceSummary

Provides the details about the compliance status for a patch.

Contents

ComplianceType

The type of resource for which the compliance was determined. For AwsSsmPatchCompliance, ComplianceType is Patch.

Type: String

Pattern: .*\S.*

Required: No

CompliantCriticalCount

For the patches that are compliant, the number that have a severity of CRITICAL.

Type: Integer

Required: No

CompliantHighCount

For the patches that are compliant, the number that have a severity of HIGH.

Type: Integer

Required: No

CompliantInformationalCount

For the patches that are compliant, the number that have a severity of INFORMATIONAL.

Type: Integer

Required: No

CompliantLowCount

For the patches that are compliant, the number that have a severity of LOW.

Type: Integer

Required: No

CompliantMediumCount

For the patches that are compliant, the number that have a severity of MEDIUM.

Type: Integer

Required: No

CompliantUnspecifiedCount

For the patches that are compliant, the number that have a severity of UNSPECIFIED.

Type: Integer

Required: No

ExecutionType

The type of execution that was used determine compliance.

Type: String

Pattern: .*\S.*

Required: No

NonCompliantCriticalCount

For the patch items that are noncompliant, the number of items that have a severity of CRITICAL.

Type: Integer

Required: No

NonCompliantHighCount

For the patches that are noncompliant, the number that have a severity of HIGH.

Type: Integer

Required: No

NonCompliantInformationalCount

For the patches that are noncompliant, the number that have a severity of INFORMATIONAL.

Type: Integer

Required: No

NonCompliantLowCount

For the patches that are noncompliant, the number that have a severity of LOW.

Type: Integer

Required: No

NonCompliantMediumCount

For the patches that are noncompliant, the number that have a severity of MEDIUM.

Type: Integer

Required: No

NonCompliantUnspecifiedCount

For the patches that are noncompliant, the number that have a severity of UNSPECIFIED.

Type: Integer

Required: No

OverallSeverity

The highest severity for the patches.

Type: String

Pattern: .*\S.*

Required: No

PatchBaselineId

The identifier of the patch baseline. The patch baseline lists the patches that are approved for installation.

Type: String

Pattern: .*\S.*

Required: No

PatchGroup

The identifier of the patch group for which compliance was determined. A patch group uses tags to group EC2 instances that should have the same patch compliance.

Type: String

Pattern: .*\S.*

Required: No

Status

The current patch compliance status.

The possible status values are:

  • COMPLIANT

  • NON_COMPLIANT

  • UNSPECIFIED_DATA

Type: String

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: