GetDeployablePatchSnapshotForInstance
Retrieves the current snapshot for the patch baseline the managed node uses. This API is
primarily used by the AWS-RunPatchBaseline
Systems Manager document (SSM document).
Note
If you run the command locally, such as with the AWS Command Line Interface (AWS CLI), the system attempts to use your local AWS credentials and the operation fails. To avoid
this, you can run the command in the AWS Systems Manager console. Use Run Command, a capability of
AWS Systems Manager, with an SSM document that enables you to target a managed node with a script or
command. For example, run the command using the AWS-RunShellScript
document or the
AWS-RunPowerShellScript
document.
Request Syntax
{
"BaselineOverride": {
"ApprovalRules": {
"PatchRules": [
{
"ApproveAfterDays": number
,
"ApproveUntilDate": "string
",
"ComplianceLevel": "string
",
"EnableNonSecurity": boolean
,
"PatchFilterGroup": {
"PatchFilters": [
{
"Key": "string
",
"Values": [ "string
" ]
}
]
}
}
]
},
"ApprovedPatches": [ "string
" ],
"ApprovedPatchesComplianceLevel": "string
",
"ApprovedPatchesEnableNonSecurity": boolean
,
"GlobalFilters": {
"PatchFilters": [
{
"Key": "string
",
"Values": [ "string
" ]
}
]
},
"OperatingSystem": "string
",
"RejectedPatches": [ "string
" ],
"RejectedPatchesAction": "string
",
"Sources": [
{
"Configuration": "string
",
"Name": "string
",
"Products": [ "string
" ]
}
]
},
"InstanceId": "string
",
"SnapshotId": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- BaselineOverride
-
Defines the basic information about a patch baseline override.
Type: BaselineOverride object
Required: No
- InstanceId
-
The ID of the managed node for which the appropriate patch snapshot should be retrieved.
Type: String
Pattern:
(^i-(\w{8}|\w{17})$)|(^mi-\w{17}$)
Required: Yes
- SnapshotId
-
The snapshot ID provided by the user when running
AWS-RunPatchBaseline
.Type: String
Length Constraints: Fixed length of 36.
Pattern:
^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$
Required: Yes
Response Syntax
{
"InstanceId": "string",
"Product": "string",
"SnapshotDownloadUrl": "string",
"SnapshotId": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- InstanceId
-
The managed node ID.
Type: String
Pattern:
(^i-(\w{8}|\w{17})$)|(^mi-\w{17}$)
- Product
-
Returns the specific operating system (for example Windows Server 2012 or Amazon Linux 2015.09) on the managed node for the specified patch snapshot.
Type: String
- SnapshotDownloadUrl
-
A pre-signed Amazon Simple Storage Service (Amazon S3) URL that can be used to download the patch snapshot.
Type: String
- SnapshotId
-
The user-defined snapshot ID.
Type: String
Length Constraints: Fixed length of 36.
Pattern:
^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalServerError
-
An error occurred on the server side.
HTTP Status Code: 500
- UnsupportedFeatureRequiredException
-
Patching for applications released by Microsoft is only available on EC2 instances and advanced instances. To patch applications released by Microsoft on on-premises servers and VMs, you must enable advanced instances. For more information, see Turning on the advanced-instances tier in the AWS Systems Manager User Guide.
HTTP Status Code: 400
- UnsupportedOperatingSystem
-
The operating systems you specified isn't supported, or the operation isn't supported for the operating system.
HTTP Status Code: 400
Examples
Example
This example illustrates one usage of GetDeployablePatchSnapshotForInstance.
Sample Request
POST / HTTP/1.1
Host: ssm.us-east-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 91
X-Amz-Target: AmazonSSM.GetDeployablePatchSnapshotForInstance
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.2.12 Python/3.8.8 Windows/10 exe/AMD64 prompt/off command/ssm.get-deployable-patch-snapshot-for-instance
X-Amz-Date: 20240618T204500Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20240618/us-east-2/ssm/aws4_request,
SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=39c3b3042cd2aEXAMPLE
{
"InstanceId": "i-02573cafcfEXAMPLE",
"SnapshotId": "a3f5ff34-9bc4-4d2c-a665-4d1c1EXAMPLE"
}
Sample Response
{
"InstanceId": "i-02573cafcfEXAMPLE",
"SnapshotId": "a3f5ff34-9bc4-4d2c-a665-4d1c1EXAMPLE",
"Product": "AmazonLinux2018.03",
"SnapshotDownloadUrl": "https://amzn-s3-demo-bucket.s3.us-east-2.amazonaws.com/b7d801675252464bEXAMPLE--truncated--"
}
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: