AwsSsmComplianceSummary - Amazon Security Hub
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AwsSsmComplianceSummary

Provides the details about the compliance status for a patch.

Contents

ComplianceType

The type of resource for which the compliance was determined. For AwsSsmPatchCompliance, ComplianceType is Patch.

Type: String

Pattern: .*\S.*

Required: No

CompliantCriticalCount

For the patches that are compliant, the number that have a severity of CRITICAL.

Type: Integer

Required: No

CompliantHighCount

For the patches that are compliant, the number that have a severity of HIGH.

Type: Integer

Required: No

CompliantInformationalCount

For the patches that are compliant, the number that have a severity of INFORMATIONAL.

Type: Integer

Required: No

CompliantLowCount

For the patches that are compliant, the number that have a severity of LOW.

Type: Integer

Required: No

CompliantMediumCount

For the patches that are compliant, the number that have a severity of MEDIUM.

Type: Integer

Required: No

CompliantUnspecifiedCount

For the patches that are compliant, the number that have a severity of UNSPECIFIED.

Type: Integer

Required: No

ExecutionType

The type of execution that was used determine compliance.

Type: String

Pattern: .*\S.*

Required: No

NonCompliantCriticalCount

For the patch items that are noncompliant, the number of items that have a severity of CRITICAL.

Type: Integer

Required: No

NonCompliantHighCount

For the patches that are noncompliant, the number that have a severity of HIGH.

Type: Integer

Required: No

NonCompliantInformationalCount

For the patches that are noncompliant, the number that have a severity of INFORMATIONAL.

Type: Integer

Required: No

NonCompliantLowCount

For the patches that are noncompliant, the number that have a severity of LOW.

Type: Integer

Required: No

NonCompliantMediumCount

For the patches that are noncompliant, the number that have a severity of MEDIUM.

Type: Integer

Required: No

NonCompliantUnspecifiedCount

For the patches that are noncompliant, the number that have a severity of UNSPECIFIED.

Type: Integer

Required: No

OverallSeverity

The highest severity for the patches. Valid values are as follows:

  • CRITICAL

  • HIGH

  • MEDIUM

  • LOW

  • INFORMATIONAL

  • UNSPECIFIED

Type: String

Pattern: .*\S.*

Required: No

PatchBaselineId

The identifier of the patch baseline. The patch baseline lists the patches that are approved for installation.

Type: String

Pattern: .*\S.*

Required: No

PatchGroup

The identifier of the patch group for which compliance was determined. A patch group uses tags to group EC2 instances that should have the same patch compliance.

Type: String

Pattern: .*\S.*

Required: No

Status

The current patch compliance status. Valid values are as follows:

  • COMPLIANT

  • NON_COMPLIANT

  • UNSPECIFIED_DATA

Type: String

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: