AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Class: Aws::SSM::Types::BaselineOverride

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb

Overview

Note:

When making an API call, you may pass BaselineOverride data as a hash:

{
  operating_system: "WINDOWS", # accepts WINDOWS, AMAZON_LINUX, AMAZON_LINUX_2, UBUNTU, REDHAT_ENTERPRISE_LINUX, SUSE, CENTOS, ORACLE_LINUX, DEBIAN, MACOS, RASPBIAN
  global_filters: {
    patch_filters: [ # required
      {
        key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
        values: ["PatchFilterValue"], # required
      },
    ],
  },
  approval_rules: {
    patch_rules: [ # required
      {
        patch_filter_group: { # required
          patch_filters: [ # required
            {
              key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
              values: ["PatchFilterValue"], # required
            },
          ],
        },
        compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
        approve_after_days: 1,
        approve_until_date: "PatchStringDateTime",
        enable_non_security: false,
      },
    ],
  },
  approved_patches: ["PatchId"],
  approved_patches_compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
  rejected_patches: ["PatchId"],
  rejected_patches_action: "ALLOW_AS_DEPENDENCY", # accepts ALLOW_AS_DEPENDENCY, BLOCK
  approved_patches_enable_non_security: false,
  sources: [
    {
      name: "PatchSourceName", # required
      products: ["PatchSourceProduct"], # required
      configuration: "PatchSourceConfiguration", # required
    },
  ],
}

Defines the basic information about a patch baseline override.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#approval_rulesTypes::PatchRuleGroup

A set of rules defining the approval rules for a patch baseline.



1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#approved_patchesArray<String>

A list of explicitly approved patches for the baseline.

For information about accepted formats for lists of approved patches and rejected patches, see About package name formats for approved and rejected patch lists in the Amazon Web Services Systems Manager User Guide.

Returns:

  • (Array<String>)


1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#approved_patches_compliance_levelString

Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation.

Returns:

  • (String)


1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#approved_patches_enable_non_securityBoolean

Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is false. Applies to Linux managed nodes only.

Returns:

  • (Boolean)


1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#global_filtersTypes::PatchFilterGroup

A set of patch filters, typically used for approval rules.



1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#operating_systemString

The operating system rule used by the patch baseline override.

Returns:

  • (String)


1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#rejected_patchesArray<String>

A list of explicitly rejected patches for the baseline.

For information about accepted formats for lists of approved patches and rejected patches, see About package name formats for approved and rejected patch lists in the Amazon Web Services Systems Manager User Guide.

Returns:

  • (Array<String>)


1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#rejected_patches_actionString

The action for Patch Manager to take on patches included in the RejectedPackages list. A patch can be allowed only if it is a dependency of another package, or blocked entirely along with packages that include it as a dependency.

Returns:

  • (String)


1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end

#sourcesArray<Types::PatchSource>

Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.

Returns:



1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
# File 'gems/aws-sdk-ssm/lib/aws-sdk-ssm/types.rb', line 1663

class BaselineOverride < Struct.new(
  :operating_system,
  :global_filters,
  :approval_rules,
  :approved_patches,
  :approved_patches_compliance_level,
  :rejected_patches,
  :rejected_patches_action,
  :approved_patches_enable_non_security,
  :sources)
  SENSITIVE = []
  include Aws::Structure
end