GetDeployablePatchSnapshotForInstance - AWS Systems Manager

GetDeployablePatchSnapshotForInstance

Retrieves the current snapshot for the patch baseline the managed node uses. This API is primarily used by the AWS-RunPatchBaseline Systems Manager document (SSM document).

Note

If you run the command locally, such as with the AWS Command Line Interface (AWS CLI), the system attempts to use your local AWS credentials and the operation fails. To avoid this, you can run the command in the AWS Systems Manager console. Use Run Command, a capability of AWS Systems Manager, with an SSM document that enables you to target a managed node with a script or command. For example, run the command using the AWS-RunShellScript document or the AWS-RunPowerShellScript document.

Request Syntax

{ "BaselineOverride": { "ApprovalRules": { "PatchRules": [ { "ApproveAfterDays": number, "ApproveUntilDate": "string", "ComplianceLevel": "string", "EnableNonSecurity": boolean, "PatchFilterGroup": { "PatchFilters": [ { "Key": "string", "Values": [ "string" ] } ] } } ] }, "ApprovedPatches": [ "string" ], "ApprovedPatchesComplianceLevel": "string", "ApprovedPatchesEnableNonSecurity": boolean, "GlobalFilters": { "PatchFilters": [ { "Key": "string", "Values": [ "string" ] } ] }, "OperatingSystem": "string", "RejectedPatches": [ "string" ], "RejectedPatchesAction": "string", "Sources": [ { "Configuration": "string", "Name": "string", "Products": [ "string" ] } ] }, "InstanceId": "string", "SnapshotId": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

BaselineOverride

Defines the basic information about a patch baseline override.

Type: BaselineOverride object

Required: No

InstanceId

The ID of the managed node for which the appropriate patch snapshot should be retrieved.

Type: String

Pattern: (^i-(\w{8}|\w{17})$)|(^mi-\w{17}$)

Required: Yes

SnapshotId

The snapshot ID provided by the user when running AWS-RunPatchBaseline.

Type: String

Length Constraints: Fixed length of 36.

Pattern: ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$

Required: Yes

Response Syntax

{ "InstanceId": "string", "Product": "string", "SnapshotDownloadUrl": "string", "SnapshotId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

InstanceId

The managed node ID.

Type: String

Pattern: (^i-(\w{8}|\w{17})$)|(^mi-\w{17}$)

Product

Returns the specific operating system (for example Windows Server 2012 or Amazon Linux 2015.09) on the managed node for the specified patch snapshot.

Type: String

SnapshotDownloadUrl

A pre-signed Amazon Simple Storage Service (Amazon S3) URL that can be used to download the patch snapshot.

Type: String

SnapshotId

The user-defined snapshot ID.

Type: String

Length Constraints: Fixed length of 36.

Pattern: ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerError

An error occurred on the server side.

HTTP Status Code: 500

UnsupportedFeatureRequiredException

Patching for applications released by Microsoft is only available on EC2 instances and advanced instances. To patch applications released by Microsoft on on-premises servers and VMs, you must enable advanced instances. For more information, see Turning on the advanced-instances tier in the AWS Systems Manager User Guide.

HTTP Status Code: 400

UnsupportedOperatingSystem

The operating systems you specified isn't supported, or the operation isn't supported for the operating system.

HTTP Status Code: 400

Examples

Example

This example illustrates one usage of GetDeployablePatchSnapshotForInstance.

Sample Request

POST / HTTP/1.1 Host: ssm.us-east-2.amazonaws.com Accept-Encoding: identity Content-Length: 91 X-Amz-Target: AmazonSSM.GetDeployablePatchSnapshotForInstance Content-Type: application/x-amz-json-1.1 User-Agent: aws-cli/2.2.12 Python/3.8.8 Windows/10 exe/AMD64 prompt/off command/ssm.get-deployable-patch-snapshot-for-instance X-Amz-Date: 20240618T204500Z Authorization: AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20240618/us-east-2/ssm/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=39c3b3042cd2aEXAMPLE { "InstanceId": "i-02573cafcfEXAMPLE", "SnapshotId": "a3f5ff34-9bc4-4d2c-a665-4d1c1EXAMPLE" }

Sample Response

{ "InstanceId": "i-02573cafcfEXAMPLE", "SnapshotId": "a3f5ff34-9bc4-4d2c-a665-4d1c1EXAMPLE", "Product": "AmazonLinux2018.03", "SnapshotDownloadUrl": "https://amzn-s3-demo-bucket.s3.us-east-2.amazonaws.com/b7d801675252464bEXAMPLE--truncated--" }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: