Amazon Simple Systems Manager (SSM)

2018/02/06 - Amazon Simple Systems Manager (SSM) - 7 updated api methods

Changes  This Patch Manager release supports configuring Linux repos as part of patch baselines, controlling updates of non-OS security packages and also creating patch baselines for SUSE12

CreatePatchBaseline (updated) Link ¶
Changes (request)
{'ApprovalRules': {'PatchRules': {'EnableNonSecurity': 'boolean'}},
 'ApprovedPatchesEnableNonSecurity': 'boolean',
 'OperatingSystem': ['SUSE'],
 'Sources': [{'Configuration': 'string',
              'Name': 'string',
              'Products': ['string']}]}

Creates a patch baseline.

Note

For information about valid key and value pairs in PatchFilters for each supported operating system type, see PatchFilter .

See also: AWS API Documentation

Request Syntax

client.create_patch_baseline(
    OperatingSystem='WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE',
    Name='string',
    GlobalFilters={
        'PatchFilters': [
            {
                'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                'Values': [
                    'string',
                ]
            },
        ]
    },
    ApprovalRules={
        'PatchRules': [
            {
                'PatchFilterGroup': {
                    'PatchFilters': [
                        {
                            'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                            'Values': [
                                'string',
                            ]
                        },
                    ]
                },
                'ComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
                'ApproveAfterDays': 123,
                'EnableNonSecurity': True|False
            },
        ]
    },
    ApprovedPatches=[
        'string',
    ],
    ApprovedPatchesComplianceLevel='CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
    ApprovedPatchesEnableNonSecurity=True|False,
    RejectedPatches=[
        'string',
    ],
    Description='string',
    Sources=[
        {
            'Name': 'string',
            'Products': [
                'string',
            ],
            'Configuration': 'string'
        },
    ],
    ClientToken='string'
)
type OperatingSystem

string

param OperatingSystem

Defines the operating system the patch baseline applies to. The Default value is WINDOWS.

type Name

string

param Name

[REQUIRED]

The name of the patch baseline.

type GlobalFilters

dict

param GlobalFilters

A set of global filters used to exclude patches from the baseline.

  • PatchFilters (list) -- [REQUIRED]

    The set of patch filters that make up the group.

    • (dict) --

      Defines a patch filter.

      A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

      Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

      Windows Operating Systems

      The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • Windows7

      • Windows8

      • Windows8.1

      • Windows8Embedded

      • Windows10

      • Windows10LTSB

      • WindowsServer2008

      • WindowsServer2008R2

      • WindowsServer2012

      • WindowsServer2012R2

      • WindowsServer2016

      Supported key: CLASSIFICATION

      Supported values:

      • CriticalUpdates

      • DefinitionUpdates

      • Drivers

      • FeaturePacks

      • SecurityUpdates

      • ServicePacks

      • Tools

      • UpdateRollups

      • Updates

      • Upgrades

      Supported key: MSRC_SEVERITY

      Supported values:

      • Critical

      • Important

      • Moderate

      • Low

      • Unspecified

      Ubuntu Operating Systems

      The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • Ubuntu14.04

      • Ubuntu16.04

      Supported key: PRIORITY

      Supported values:

      • Required

      • Important

      • Standard

      • Optional

      • Extra

      Supported key: SECTION

      Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

      Amazon Linux Operating Systems

      The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • AmazonLinux2012.03

      • AmazonLinux2012.09

      • AmazonLinux2013.03

      • AmazonLinux2013.09

      • AmazonLinux2014.03

      • AmazonLinux2014.09

      • AmazonLinux2015.03

      • AmazonLinux2015.09

      • AmazonLinux2016.03

      • AmazonLinux2016.09

      • AmazonLinux2017.03

      • AmazonLinux2017.09

      Supported key: CLASSIFICATION

      Supported values:

      • Security

      • Bugfix

      • Enhancement

      • Recommended

      • Newpackage

      Supported key: SEVERITY

      Supported values:

      • Critical

      • Important

      • Medium

      • Low

      RedHat Enterprise Linux (RHEL) Operating Systems

      The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • RedhatEnterpriseLinux6.5

      • RedhatEnterpriseLinux6.6

      • RedhatEnterpriseLinux6.7

      • RedhatEnterpriseLinux6.8

      • RedhatEnterpriseLinux6.9

      • RedhatEnterpriseLinux7.0

      • RedhatEnterpriseLinux7.1

      • RedhatEnterpriseLinux7.2

      • RedhatEnterpriseLinux7.3

      • RedhatEnterpriseLinux7.4

      Supported key: CLASSIFICATION

      Supported values:

      • Security

      • Bugfix

      • Enhancement

      • Recommended

      • Newpackage

      Supported key: SEVERITY

      Supported values:

      • Critical

      • Important

      • Medium

      • Low

      SUSE Linux Enterprise Server (SUSE) Operating Systems

      The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • Suse12.0

      • Suse12.1

      • Suse12.2

      • Suse12.3

      • Suse12.4

      • Suse12.5

      • Suse12.6

      • Suse12.7

      • Suse12.8

      • Suse12.9

      Supported key: CLASSIFICATION

      Supported values:

      • Security

      • Recommended

      • Optional

      • Feature

      • Document

      • Yast

      Supported key: SEVERITY

      Supported values:

      • Critical

      • Important

      • Moderate

      • Low

      • Key (string) -- [REQUIRED]

        The key for the filter.

        See PatchFilter for lists of valid keys for each operating system type.

      • Values (list) -- [REQUIRED]

        The value for the filter key.

        See PatchFilter for lists of valid values for each key based on operating system type.

        • (string) --

type ApprovalRules

dict

param ApprovalRules

A set of rules used to include patches in the baseline.

  • PatchRules (list) -- [REQUIRED]

    The rules that make up the rule group.

    • (dict) --

      Defines an approval rule for a patch baseline.

      • PatchFilterGroup (dict) -- [REQUIRED]

        The patch filter group that defines the criteria for the rule.

        • PatchFilters (list) -- [REQUIRED]

          The set of patch filters that make up the group.

          • (dict) --

            Defines a patch filter.

            A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

            Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

            Windows Operating Systems

            The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • Windows7

            • Windows8

            • Windows8.1

            • Windows8Embedded

            • Windows10

            • Windows10LTSB

            • WindowsServer2008

            • WindowsServer2008R2

            • WindowsServer2012

            • WindowsServer2012R2

            • WindowsServer2016

            Supported key: CLASSIFICATION

            Supported values:

            • CriticalUpdates

            • DefinitionUpdates

            • Drivers

            • FeaturePacks

            • SecurityUpdates

            • ServicePacks

            • Tools

            • UpdateRollups

            • Updates

            • Upgrades

            Supported key: MSRC_SEVERITY

            Supported values:

            • Critical

            • Important

            • Moderate

            • Low

            • Unspecified

            Ubuntu Operating Systems

            The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • Ubuntu14.04

            • Ubuntu16.04

            Supported key: PRIORITY

            Supported values:

            • Required

            • Important

            • Standard

            • Optional

            • Extra

            Supported key: SECTION

            Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

            Amazon Linux Operating Systems

            The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • AmazonLinux2012.03

            • AmazonLinux2012.09

            • AmazonLinux2013.03

            • AmazonLinux2013.09

            • AmazonLinux2014.03

            • AmazonLinux2014.09

            • AmazonLinux2015.03

            • AmazonLinux2015.09

            • AmazonLinux2016.03

            • AmazonLinux2016.09

            • AmazonLinux2017.03

            • AmazonLinux2017.09

            Supported key: CLASSIFICATION

            Supported values:

            • Security

            • Bugfix

            • Enhancement

            • Recommended

            • Newpackage

            Supported key: SEVERITY

            Supported values:

            • Critical

            • Important

            • Medium

            • Low

            RedHat Enterprise Linux (RHEL) Operating Systems

            The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • RedhatEnterpriseLinux6.5

            • RedhatEnterpriseLinux6.6

            • RedhatEnterpriseLinux6.7

            • RedhatEnterpriseLinux6.8

            • RedhatEnterpriseLinux6.9

            • RedhatEnterpriseLinux7.0

            • RedhatEnterpriseLinux7.1

            • RedhatEnterpriseLinux7.2

            • RedhatEnterpriseLinux7.3

            • RedhatEnterpriseLinux7.4

            Supported key: CLASSIFICATION

            Supported values:

            • Security

            • Bugfix

            • Enhancement

            • Recommended

            • Newpackage

            Supported key: SEVERITY

            Supported values:

            • Critical

            • Important

            • Medium

            • Low

            SUSE Linux Enterprise Server (SUSE) Operating Systems

            The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • Suse12.0

            • Suse12.1

            • Suse12.2

            • Suse12.3

            • Suse12.4

            • Suse12.5

            • Suse12.6

            • Suse12.7

            • Suse12.8

            • Suse12.9

            Supported key: CLASSIFICATION

            Supported values:

            • Security

            • Recommended

            • Optional

            • Feature

            • Document

            • Yast

            Supported key: SEVERITY

            Supported values:

            • Critical

            • Important

            • Moderate

            • Low

            • Key (string) -- [REQUIRED]

              The key for the filter.

              See PatchFilter for lists of valid keys for each operating system type.

            • Values (list) -- [REQUIRED]

              The value for the filter key.

              See PatchFilter for lists of valid values for each key based on operating system type.

              • (string) --

      • ComplianceLevel (string) --

        A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: Unspecified, Critical, High, Medium, Low, and Informational.

      • ApproveAfterDays (integer) -- [REQUIRED]

        The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.

      • EnableNonSecurity (boolean) --

        For instances identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is 'false'. Applies to Linux instances only.

type ApprovedPatches

list

param ApprovedPatches

A list of explicitly approved patches for the baseline.

  • (string) --

type ApprovedPatchesComplianceLevel

string

param ApprovedPatchesComplianceLevel

Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid compliance severity levels include the following: CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED. The default value is UNSPECIFIED.

type ApprovedPatchesEnableNonSecurity

boolean

param ApprovedPatchesEnableNonSecurity

Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.

type RejectedPatches

list

param RejectedPatches

A list of explicitly rejected patches for the baseline.

  • (string) --

type Description

string

param Description

A description of the patch baseline.

type Sources

list

param Sources

Information about the patches to use to update the instances, including target operating systems and source repositories. Applies to Linux instances only.

  • (dict) --

    Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.

    • Name (string) -- [REQUIRED]

      The name specified to identify the patch source.

    • Products (list) -- [REQUIRED]

      The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "AmazonLinux2016.09", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see PatchFilter .

      • (string) --

    • Configuration (string) -- [REQUIRED]

      The value of the yum repo configuration. For example:

      cachedir=/var/cache/yum/$basesearch

      $releasever

      keepcache=0

      debualevel=2

type ClientToken

string

param ClientToken

User-provided idempotency token.

This field is autopopulated if not provided.

rtype

dict

returns

Response Syntax

{
    'BaselineId': 'string'
}

Response Structure

  • (dict) --

    • BaselineId (string) --

      The ID of the created patch baseline.

DescribePatchBaselines (updated) Link ¶
Changes (response)
{'BaselineIdentities': {'OperatingSystem': ['SUSE']}}

Lists the patch baselines in your AWS account.

See also: AWS API Documentation

Request Syntax

client.describe_patch_baselines(
    Filters=[
        {
            'Key': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    MaxResults=123,
    NextToken='string'
)
type Filters

list

param Filters

Each element in the array is a structure containing:

Key: (string, "NAME_PREFIX" or "OWNER")

Value: (array of strings, exactly 1 entry, between 1 and 255 characters)

  • (dict) --

    Defines a filter used in Patch Manager APIs.

    • Key (string) --

      The key for the filter.

    • Values (list) --

      The value for the filter.

      • (string) --

type MaxResults

integer

param MaxResults

The maximum number of patch baselines to return (per page).

type NextToken

string

param NextToken

The token for the next set of items to return. (You received this token from a previous call.)

rtype

dict

returns

Response Syntax

{
    'BaselineIdentities': [
        {
            'BaselineId': 'string',
            'BaselineName': 'string',
            'OperatingSystem': 'WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE',
            'BaselineDescription': 'string',
            'DefaultBaseline': True|False
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • BaselineIdentities (list) --

      An array of PatchBaselineIdentity elements.

      • (dict) --

        Defines the basic information about a patch baseline.

        • BaselineId (string) --

          The ID of the patch baseline.

        • BaselineName (string) --

          The name of the patch baseline.

        • OperatingSystem (string) --

          Defines the operating system the patch baseline applies to. The Default value is WINDOWS.

        • BaselineDescription (string) --

          The description of the patch baseline.

        • DefaultBaseline (boolean) --

          Whether this is the default baseline. Note that Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.

    • NextToken (string) --

      The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

DescribePatchGroups (updated) Link ¶
Changes (response)
{'Mappings': {'BaselineIdentity': {'OperatingSystem': ['SUSE']}}}

Lists all patch groups that have been registered with patch baselines.

See also: AWS API Documentation

Request Syntax

client.describe_patch_groups(
    MaxResults=123,
    Filters=[
        {
            'Key': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    NextToken='string'
)
type MaxResults

integer

param MaxResults

The maximum number of patch groups to return (per page).

type Filters

list

param Filters

One or more filters. Use a filter to return a more specific list of results.

  • (dict) --

    Defines a filter used in Patch Manager APIs.

    • Key (string) --

      The key for the filter.

    • Values (list) --

      The value for the filter.

      • (string) --

type NextToken

string

param NextToken

The token for the next set of items to return. (You received this token from a previous call.)

rtype

dict

returns

Response Syntax

{
    'Mappings': [
        {
            'PatchGroup': 'string',
            'BaselineIdentity': {
                'BaselineId': 'string',
                'BaselineName': 'string',
                'OperatingSystem': 'WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE',
                'BaselineDescription': 'string',
                'DefaultBaseline': True|False
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Mappings (list) --

      Each entry in the array contains:

      PatchGroup: string (between 1 and 256 characters, Regex: ^([p{L}p{Z}p{N}_.:/=+-@]*)$)

      PatchBaselineIdentity: A PatchBaselineIdentity element.

      • (dict) --

        The mapping between a patch group and the patch baseline the patch group is registered with.

        • PatchGroup (string) --

          The name of the patch group registered with the patch baseline.

        • BaselineIdentity (dict) --

          The patch baseline the patch group is registered with.

          • BaselineId (string) --

            The ID of the patch baseline.

          • BaselineName (string) --

            The name of the patch baseline.

          • OperatingSystem (string) --

            Defines the operating system the patch baseline applies to. The Default value is WINDOWS.

          • BaselineDescription (string) --

            The description of the patch baseline.

          • DefaultBaseline (boolean) --

            Whether this is the default baseline. Note that Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.

    • NextToken (string) --

      The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

GetDefaultPatchBaseline (updated) Link ¶
Changes (both)
{'OperatingSystem': ['SUSE']}

Retrieves the default patch baseline. Note that Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.

See also: AWS API Documentation

Request Syntax

client.get_default_patch_baseline(
    OperatingSystem='WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE'
)
type OperatingSystem

string

param OperatingSystem

Returns the default patch baseline for the specified operating system.

rtype

dict

returns

Response Syntax

{
    'BaselineId': 'string',
    'OperatingSystem': 'WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE'
}

Response Structure

  • (dict) --

    • BaselineId (string) --

      The ID of the default patch baseline.

    • OperatingSystem (string) --

      The operating system for the returned patch baseline.

GetPatchBaseline (updated) Link ¶
Changes (response)
{'ApprovalRules': {'PatchRules': {'EnableNonSecurity': 'boolean'}},
 'ApprovedPatchesEnableNonSecurity': 'boolean',
 'OperatingSystem': ['SUSE'],
 'Sources': [{'Configuration': 'string',
              'Name': 'string',
              'Products': ['string']}]}

Retrieves information about a patch baseline.

See also: AWS API Documentation

Request Syntax

client.get_patch_baseline(
    BaselineId='string'
)
type BaselineId

string

param BaselineId

[REQUIRED]

The ID of the patch baseline to retrieve.

rtype

dict

returns

Response Syntax

{
    'BaselineId': 'string',
    'Name': 'string',
    'OperatingSystem': 'WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE',
    'GlobalFilters': {
        'PatchFilters': [
            {
                'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                'Values': [
                    'string',
                ]
            },
        ]
    },
    'ApprovalRules': {
        'PatchRules': [
            {
                'PatchFilterGroup': {
                    'PatchFilters': [
                        {
                            'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                            'Values': [
                                'string',
                            ]
                        },
                    ]
                },
                'ComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
                'ApproveAfterDays': 123,
                'EnableNonSecurity': True|False
            },
        ]
    },
    'ApprovedPatches': [
        'string',
    ],
    'ApprovedPatchesComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
    'ApprovedPatchesEnableNonSecurity': True|False,
    'RejectedPatches': [
        'string',
    ],
    'PatchGroups': [
        'string',
    ],
    'CreatedDate': datetime(2015, 1, 1),
    'ModifiedDate': datetime(2015, 1, 1),
    'Description': 'string',
    'Sources': [
        {
            'Name': 'string',
            'Products': [
                'string',
            ],
            'Configuration': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • BaselineId (string) --

      The ID of the retrieved patch baseline.

    • Name (string) --

      The name of the patch baseline.

    • OperatingSystem (string) --

      Returns the operating system specified for the patch baseline.

    • GlobalFilters (dict) --

      A set of global filters used to exclude patches from the baseline.

      • PatchFilters (list) --

        The set of patch filters that make up the group.

        • (dict) --

          Defines a patch filter.

          A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

          Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

          Windows Operating Systems

          The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • Windows7

          • Windows8

          • Windows8.1

          • Windows8Embedded

          • Windows10

          • Windows10LTSB

          • WindowsServer2008

          • WindowsServer2008R2

          • WindowsServer2012

          • WindowsServer2012R2

          • WindowsServer2016

          Supported key: CLASSIFICATION

          Supported values:

          • CriticalUpdates

          • DefinitionUpdates

          • Drivers

          • FeaturePacks

          • SecurityUpdates

          • ServicePacks

          • Tools

          • UpdateRollups

          • Updates

          • Upgrades

          Supported key: MSRC_SEVERITY

          Supported values:

          • Critical

          • Important

          • Moderate

          • Low

          • Unspecified

          Ubuntu Operating Systems

          The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • Ubuntu14.04

          • Ubuntu16.04

          Supported key: PRIORITY

          Supported values:

          • Required

          • Important

          • Standard

          • Optional

          • Extra

          Supported key: SECTION

          Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

          Amazon Linux Operating Systems

          The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • AmazonLinux2012.03

          • AmazonLinux2012.09

          • AmazonLinux2013.03

          • AmazonLinux2013.09

          • AmazonLinux2014.03

          • AmazonLinux2014.09

          • AmazonLinux2015.03

          • AmazonLinux2015.09

          • AmazonLinux2016.03

          • AmazonLinux2016.09

          • AmazonLinux2017.03

          • AmazonLinux2017.09

          Supported key: CLASSIFICATION

          Supported values:

          • Security

          • Bugfix

          • Enhancement

          • Recommended

          • Newpackage

          Supported key: SEVERITY

          Supported values:

          • Critical

          • Important

          • Medium

          • Low

          RedHat Enterprise Linux (RHEL) Operating Systems

          The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • RedhatEnterpriseLinux6.5

          • RedhatEnterpriseLinux6.6

          • RedhatEnterpriseLinux6.7

          • RedhatEnterpriseLinux6.8

          • RedhatEnterpriseLinux6.9

          • RedhatEnterpriseLinux7.0

          • RedhatEnterpriseLinux7.1

          • RedhatEnterpriseLinux7.2

          • RedhatEnterpriseLinux7.3

          • RedhatEnterpriseLinux7.4

          Supported key: CLASSIFICATION

          Supported values:

          • Security

          • Bugfix

          • Enhancement

          • Recommended

          • Newpackage

          Supported key: SEVERITY

          Supported values:

          • Critical

          • Important

          • Medium

          • Low

          SUSE Linux Enterprise Server (SUSE) Operating Systems

          The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • Suse12.0

          • Suse12.1

          • Suse12.2

          • Suse12.3

          • Suse12.4

          • Suse12.5

          • Suse12.6

          • Suse12.7

          • Suse12.8

          • Suse12.9

          Supported key: CLASSIFICATION

          Supported values:

          • Security

          • Recommended

          • Optional

          • Feature

          • Document

          • Yast

          Supported key: SEVERITY

          Supported values:

          • Critical

          • Important

          • Moderate

          • Low

          • Key (string) --

            The key for the filter.

            See PatchFilter for lists of valid keys for each operating system type.

          • Values (list) --

            The value for the filter key.

            See PatchFilter for lists of valid values for each key based on operating system type.

            • (string) --

    • ApprovalRules (dict) --

      A set of rules used to include patches in the baseline.

      • PatchRules (list) --

        The rules that make up the rule group.

        • (dict) --

          Defines an approval rule for a patch baseline.

          • PatchFilterGroup (dict) --

            The patch filter group that defines the criteria for the rule.

            • PatchFilters (list) --

              The set of patch filters that make up the group.

              • (dict) --

                Defines a patch filter.

                A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

                Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

                Windows Operating Systems

                The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • Windows7

                • Windows8

                • Windows8.1

                • Windows8Embedded

                • Windows10

                • Windows10LTSB

                • WindowsServer2008

                • WindowsServer2008R2

                • WindowsServer2012

                • WindowsServer2012R2

                • WindowsServer2016

                Supported key: CLASSIFICATION

                Supported values:

                • CriticalUpdates

                • DefinitionUpdates

                • Drivers

                • FeaturePacks

                • SecurityUpdates

                • ServicePacks

                • Tools

                • UpdateRollups

                • Updates

                • Upgrades

                Supported key: MSRC_SEVERITY

                Supported values:

                • Critical

                • Important

                • Moderate

                • Low

                • Unspecified

                Ubuntu Operating Systems

                The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • Ubuntu14.04

                • Ubuntu16.04

                Supported key: PRIORITY

                Supported values:

                • Required

                • Important

                • Standard

                • Optional

                • Extra

                Supported key: SECTION

                Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

                Amazon Linux Operating Systems

                The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • AmazonLinux2012.03

                • AmazonLinux2012.09

                • AmazonLinux2013.03

                • AmazonLinux2013.09

                • AmazonLinux2014.03

                • AmazonLinux2014.09

                • AmazonLinux2015.03

                • AmazonLinux2015.09

                • AmazonLinux2016.03

                • AmazonLinux2016.09

                • AmazonLinux2017.03

                • AmazonLinux2017.09

                Supported key: CLASSIFICATION

                Supported values:

                • Security

                • Bugfix

                • Enhancement

                • Recommended

                • Newpackage

                Supported key: SEVERITY

                Supported values:

                • Critical

                • Important

                • Medium

                • Low

                RedHat Enterprise Linux (RHEL) Operating Systems

                The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • RedhatEnterpriseLinux6.5

                • RedhatEnterpriseLinux6.6

                • RedhatEnterpriseLinux6.7

                • RedhatEnterpriseLinux6.8

                • RedhatEnterpriseLinux6.9

                • RedhatEnterpriseLinux7.0

                • RedhatEnterpriseLinux7.1

                • RedhatEnterpriseLinux7.2

                • RedhatEnterpriseLinux7.3

                • RedhatEnterpriseLinux7.4

                Supported key: CLASSIFICATION

                Supported values:

                • Security

                • Bugfix

                • Enhancement

                • Recommended

                • Newpackage

                Supported key: SEVERITY

                Supported values:

                • Critical

                • Important

                • Medium

                • Low

                SUSE Linux Enterprise Server (SUSE) Operating Systems

                The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • Suse12.0

                • Suse12.1

                • Suse12.2

                • Suse12.3

                • Suse12.4

                • Suse12.5

                • Suse12.6

                • Suse12.7

                • Suse12.8

                • Suse12.9

                Supported key: CLASSIFICATION

                Supported values:

                • Security

                • Recommended

                • Optional

                • Feature

                • Document

                • Yast

                Supported key: SEVERITY

                Supported values:

                • Critical

                • Important

                • Moderate

                • Low

                • Key (string) --

                  The key for the filter.

                  See PatchFilter for lists of valid keys for each operating system type.

                • Values (list) --

                  The value for the filter key.

                  See PatchFilter for lists of valid values for each key based on operating system type.

                  • (string) --

          • ComplianceLevel (string) --

            A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: Unspecified, Critical, High, Medium, Low, and Informational.

          • ApproveAfterDays (integer) --

            The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.

          • EnableNonSecurity (boolean) --

            For instances identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is 'false'. Applies to Linux instances only.

    • ApprovedPatches (list) --

      A list of explicitly approved patches for the baseline.

      • (string) --

    • ApprovedPatchesComplianceLevel (string) --

      Returns the specified compliance severity level for approved patches in the patch baseline.

    • ApprovedPatchesEnableNonSecurity (boolean) --

      Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.

    • RejectedPatches (list) --

      A list of explicitly rejected patches for the baseline.

      • (string) --

    • PatchGroups (list) --

      Patch groups included in the patch baseline.

      • (string) --

    • CreatedDate (datetime) --

      The date the patch baseline was created.

    • ModifiedDate (datetime) --

      The date the patch baseline was last modified.

    • Description (string) --

      A description of the patch baseline.

    • Sources (list) --

      Information about the patches to use to update the instances, including target operating systems and source repositories. Applies to Linux instances only.

      • (dict) --

        Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.

        • Name (string) --

          The name specified to identify the patch source.

        • Products (list) --

          The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "AmazonLinux2016.09", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see PatchFilter .

          • (string) --

        • Configuration (string) --

          The value of the yum repo configuration. For example:

          cachedir=/var/cache/yum/$basesearch

          $releasever

          keepcache=0

          debualevel=2

GetPatchBaselineForPatchGroup (updated) Link ¶
Changes (both)
{'OperatingSystem': ['SUSE']}

Retrieves the patch baseline that should be used for the specified patch group.

See also: AWS API Documentation

Request Syntax

client.get_patch_baseline_for_patch_group(
    PatchGroup='string',
    OperatingSystem='WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE'
)
type PatchGroup

string

param PatchGroup

[REQUIRED]

The name of the patch group whose patch baseline should be retrieved.

type OperatingSystem

string

param OperatingSystem

Returns he operating system rule specified for patch groups using the patch baseline.

rtype

dict

returns

Response Syntax

{
    'BaselineId': 'string',
    'PatchGroup': 'string',
    'OperatingSystem': 'WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE'
}

Response Structure

  • (dict) --

    • BaselineId (string) --

      The ID of the patch baseline that should be used for the patch group.

    • PatchGroup (string) --

      The name of the patch group.

    • OperatingSystem (string) --

      The operating system rule specified for patch groups using the patch baseline.

UpdatePatchBaseline (updated) Link ¶
Changes (request, response)
Request
{'ApprovalRules': {'PatchRules': {'EnableNonSecurity': 'boolean'}},
 'ApprovedPatchesEnableNonSecurity': 'boolean',
 'Replace': 'boolean',
 'Sources': [{'Configuration': 'string',
              'Name': 'string',
              'Products': ['string']}]}
Response
{'ApprovalRules': {'PatchRules': {'EnableNonSecurity': 'boolean'}},
 'ApprovedPatchesEnableNonSecurity': 'boolean',
 'OperatingSystem': ['SUSE'],
 'Sources': [{'Configuration': 'string',
              'Name': 'string',
              'Products': ['string']}]}

Modifies an existing patch baseline. Fields not specified in the request are left unchanged.

Note

For information about valid key and value pairs in PatchFilters for each supported operating system type, see PatchFilter .

See also: AWS API Documentation

Request Syntax

client.update_patch_baseline(
    BaselineId='string',
    Name='string',
    GlobalFilters={
        'PatchFilters': [
            {
                'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                'Values': [
                    'string',
                ]
            },
        ]
    },
    ApprovalRules={
        'PatchRules': [
            {
                'PatchFilterGroup': {
                    'PatchFilters': [
                        {
                            'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                            'Values': [
                                'string',
                            ]
                        },
                    ]
                },
                'ComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
                'ApproveAfterDays': 123,
                'EnableNonSecurity': True|False
            },
        ]
    },
    ApprovedPatches=[
        'string',
    ],
    ApprovedPatchesComplianceLevel='CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
    ApprovedPatchesEnableNonSecurity=True|False,
    RejectedPatches=[
        'string',
    ],
    Description='string',
    Sources=[
        {
            'Name': 'string',
            'Products': [
                'string',
            ],
            'Configuration': 'string'
        },
    ],
    Replace=True|False
)
type BaselineId

string

param BaselineId

[REQUIRED]

The ID of the patch baseline to update.

type Name

string

param Name

The name of the patch baseline.

type GlobalFilters

dict

param GlobalFilters

A set of global filters used to exclude patches from the baseline.

  • PatchFilters (list) -- [REQUIRED]

    The set of patch filters that make up the group.

    • (dict) --

      Defines a patch filter.

      A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

      Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

      Windows Operating Systems

      The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • Windows7

      • Windows8

      • Windows8.1

      • Windows8Embedded

      • Windows10

      • Windows10LTSB

      • WindowsServer2008

      • WindowsServer2008R2

      • WindowsServer2012

      • WindowsServer2012R2

      • WindowsServer2016

      Supported key: CLASSIFICATION

      Supported values:

      • CriticalUpdates

      • DefinitionUpdates

      • Drivers

      • FeaturePacks

      • SecurityUpdates

      • ServicePacks

      • Tools

      • UpdateRollups

      • Updates

      • Upgrades

      Supported key: MSRC_SEVERITY

      Supported values:

      • Critical

      • Important

      • Moderate

      • Low

      • Unspecified

      Ubuntu Operating Systems

      The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • Ubuntu14.04

      • Ubuntu16.04

      Supported key: PRIORITY

      Supported values:

      • Required

      • Important

      • Standard

      • Optional

      • Extra

      Supported key: SECTION

      Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

      Amazon Linux Operating Systems

      The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • AmazonLinux2012.03

      • AmazonLinux2012.09

      • AmazonLinux2013.03

      • AmazonLinux2013.09

      • AmazonLinux2014.03

      • AmazonLinux2014.09

      • AmazonLinux2015.03

      • AmazonLinux2015.09

      • AmazonLinux2016.03

      • AmazonLinux2016.09

      • AmazonLinux2017.03

      • AmazonLinux2017.09

      Supported key: CLASSIFICATION

      Supported values:

      • Security

      • Bugfix

      • Enhancement

      • Recommended

      • Newpackage

      Supported key: SEVERITY

      Supported values:

      • Critical

      • Important

      • Medium

      • Low

      RedHat Enterprise Linux (RHEL) Operating Systems

      The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • RedhatEnterpriseLinux6.5

      • RedhatEnterpriseLinux6.6

      • RedhatEnterpriseLinux6.7

      • RedhatEnterpriseLinux6.8

      • RedhatEnterpriseLinux6.9

      • RedhatEnterpriseLinux7.0

      • RedhatEnterpriseLinux7.1

      • RedhatEnterpriseLinux7.2

      • RedhatEnterpriseLinux7.3

      • RedhatEnterpriseLinux7.4

      Supported key: CLASSIFICATION

      Supported values:

      • Security

      • Bugfix

      • Enhancement

      • Recommended

      • Newpackage

      Supported key: SEVERITY

      Supported values:

      • Critical

      • Important

      • Medium

      • Low

      SUSE Linux Enterprise Server (SUSE) Operating Systems

      The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

      Supported key: PRODUCT

      Supported values:

      • Suse12.0

      • Suse12.1

      • Suse12.2

      • Suse12.3

      • Suse12.4

      • Suse12.5

      • Suse12.6

      • Suse12.7

      • Suse12.8

      • Suse12.9

      Supported key: CLASSIFICATION

      Supported values:

      • Security

      • Recommended

      • Optional

      • Feature

      • Document

      • Yast

      Supported key: SEVERITY

      Supported values:

      • Critical

      • Important

      • Moderate

      • Low

      • Key (string) -- [REQUIRED]

        The key for the filter.

        See PatchFilter for lists of valid keys for each operating system type.

      • Values (list) -- [REQUIRED]

        The value for the filter key.

        See PatchFilter for lists of valid values for each key based on operating system type.

        • (string) --

type ApprovalRules

dict

param ApprovalRules

A set of rules used to include patches in the baseline.

  • PatchRules (list) -- [REQUIRED]

    The rules that make up the rule group.

    • (dict) --

      Defines an approval rule for a patch baseline.

      • PatchFilterGroup (dict) -- [REQUIRED]

        The patch filter group that defines the criteria for the rule.

        • PatchFilters (list) -- [REQUIRED]

          The set of patch filters that make up the group.

          • (dict) --

            Defines a patch filter.

            A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

            Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

            Windows Operating Systems

            The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • Windows7

            • Windows8

            • Windows8.1

            • Windows8Embedded

            • Windows10

            • Windows10LTSB

            • WindowsServer2008

            • WindowsServer2008R2

            • WindowsServer2012

            • WindowsServer2012R2

            • WindowsServer2016

            Supported key: CLASSIFICATION

            Supported values:

            • CriticalUpdates

            • DefinitionUpdates

            • Drivers

            • FeaturePacks

            • SecurityUpdates

            • ServicePacks

            • Tools

            • UpdateRollups

            • Updates

            • Upgrades

            Supported key: MSRC_SEVERITY

            Supported values:

            • Critical

            • Important

            • Moderate

            • Low

            • Unspecified

            Ubuntu Operating Systems

            The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • Ubuntu14.04

            • Ubuntu16.04

            Supported key: PRIORITY

            Supported values:

            • Required

            • Important

            • Standard

            • Optional

            • Extra

            Supported key: SECTION

            Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

            Amazon Linux Operating Systems

            The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • AmazonLinux2012.03

            • AmazonLinux2012.09

            • AmazonLinux2013.03

            • AmazonLinux2013.09

            • AmazonLinux2014.03

            • AmazonLinux2014.09

            • AmazonLinux2015.03

            • AmazonLinux2015.09

            • AmazonLinux2016.03

            • AmazonLinux2016.09

            • AmazonLinux2017.03

            • AmazonLinux2017.09

            Supported key: CLASSIFICATION

            Supported values:

            • Security

            • Bugfix

            • Enhancement

            • Recommended

            • Newpackage

            Supported key: SEVERITY

            Supported values:

            • Critical

            • Important

            • Medium

            • Low

            RedHat Enterprise Linux (RHEL) Operating Systems

            The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • RedhatEnterpriseLinux6.5

            • RedhatEnterpriseLinux6.6

            • RedhatEnterpriseLinux6.7

            • RedhatEnterpriseLinux6.8

            • RedhatEnterpriseLinux6.9

            • RedhatEnterpriseLinux7.0

            • RedhatEnterpriseLinux7.1

            • RedhatEnterpriseLinux7.2

            • RedhatEnterpriseLinux7.3

            • RedhatEnterpriseLinux7.4

            Supported key: CLASSIFICATION

            Supported values:

            • Security

            • Bugfix

            • Enhancement

            • Recommended

            • Newpackage

            Supported key: SEVERITY

            Supported values:

            • Critical

            • Important

            • Medium

            • Low

            SUSE Linux Enterprise Server (SUSE) Operating Systems

            The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

            Supported key: PRODUCT

            Supported values:

            • Suse12.0

            • Suse12.1

            • Suse12.2

            • Suse12.3

            • Suse12.4

            • Suse12.5

            • Suse12.6

            • Suse12.7

            • Suse12.8

            • Suse12.9

            Supported key: CLASSIFICATION

            Supported values:

            • Security

            • Recommended

            • Optional

            • Feature

            • Document

            • Yast

            Supported key: SEVERITY

            Supported values:

            • Critical

            • Important

            • Moderate

            • Low

            • Key (string) -- [REQUIRED]

              The key for the filter.

              See PatchFilter for lists of valid keys for each operating system type.

            • Values (list) -- [REQUIRED]

              The value for the filter key.

              See PatchFilter for lists of valid values for each key based on operating system type.

              • (string) --

      • ComplianceLevel (string) --

        A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: Unspecified, Critical, High, Medium, Low, and Informational.

      • ApproveAfterDays (integer) -- [REQUIRED]

        The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.

      • EnableNonSecurity (boolean) --

        For instances identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is 'false'. Applies to Linux instances only.

type ApprovedPatches

list

param ApprovedPatches

A list of explicitly approved patches for the baseline.

  • (string) --

type ApprovedPatchesComplianceLevel

string

param ApprovedPatchesComplianceLevel

Assigns a new compliance severity level to an existing patch baseline.

type ApprovedPatchesEnableNonSecurity

boolean

param ApprovedPatchesEnableNonSecurity

Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.

type RejectedPatches

list

param RejectedPatches

A list of explicitly rejected patches for the baseline.

  • (string) --

type Description

string

param Description

A description of the patch baseline.

type Sources

list

param Sources

Information about the patches to use to update the instances, including target operating systems and source repositories. Applies to Linux instances only.

  • (dict) --

    Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.

    • Name (string) -- [REQUIRED]

      The name specified to identify the patch source.

    • Products (list) -- [REQUIRED]

      The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "AmazonLinux2016.09", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see PatchFilter .

      • (string) --

    • Configuration (string) -- [REQUIRED]

      The value of the yum repo configuration. For example:

      cachedir=/var/cache/yum/$basesearch

      $releasever

      keepcache=0

      debualevel=2

type Replace

boolean

param Replace

If True, then all fields that are required by the CreatePatchBaseline action are also required for this API request. Optional fields that are not specified are set to null.

rtype

dict

returns

Response Syntax

{
    'BaselineId': 'string',
    'Name': 'string',
    'OperatingSystem': 'WINDOWS'|'AMAZON_LINUX'|'UBUNTU'|'REDHAT_ENTERPRISE_LINUX'|'SUSE',
    'GlobalFilters': {
        'PatchFilters': [
            {
                'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                'Values': [
                    'string',
                ]
            },
        ]
    },
    'ApprovalRules': {
        'PatchRules': [
            {
                'PatchFilterGroup': {
                    'PatchFilters': [
                        {
                            'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID'|'SECTION'|'PRIORITY'|'SEVERITY',
                            'Values': [
                                'string',
                            ]
                        },
                    ]
                },
                'ComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
                'ApproveAfterDays': 123,
                'EnableNonSecurity': True|False
            },
        ]
    },
    'ApprovedPatches': [
        'string',
    ],
    'ApprovedPatchesComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
    'ApprovedPatchesEnableNonSecurity': True|False,
    'RejectedPatches': [
        'string',
    ],
    'CreatedDate': datetime(2015, 1, 1),
    'ModifiedDate': datetime(2015, 1, 1),
    'Description': 'string',
    'Sources': [
        {
            'Name': 'string',
            'Products': [
                'string',
            ],
            'Configuration': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • BaselineId (string) --

      The ID of the deleted patch baseline.

    • Name (string) --

      The name of the patch baseline.

    • OperatingSystem (string) --

      The operating system rule used by the updated patch baseline.

    • GlobalFilters (dict) --

      A set of global filters used to exclude patches from the baseline.

      • PatchFilters (list) --

        The set of patch filters that make up the group.

        • (dict) --

          Defines a patch filter.

          A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

          Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

          Windows Operating Systems

          The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • Windows7

          • Windows8

          • Windows8.1

          • Windows8Embedded

          • Windows10

          • Windows10LTSB

          • WindowsServer2008

          • WindowsServer2008R2

          • WindowsServer2012

          • WindowsServer2012R2

          • WindowsServer2016

          Supported key: CLASSIFICATION

          Supported values:

          • CriticalUpdates

          • DefinitionUpdates

          • Drivers

          • FeaturePacks

          • SecurityUpdates

          • ServicePacks

          • Tools

          • UpdateRollups

          • Updates

          • Upgrades

          Supported key: MSRC_SEVERITY

          Supported values:

          • Critical

          • Important

          • Moderate

          • Low

          • Unspecified

          Ubuntu Operating Systems

          The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • Ubuntu14.04

          • Ubuntu16.04

          Supported key: PRIORITY

          Supported values:

          • Required

          • Important

          • Standard

          • Optional

          • Extra

          Supported key: SECTION

          Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

          Amazon Linux Operating Systems

          The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • AmazonLinux2012.03

          • AmazonLinux2012.09

          • AmazonLinux2013.03

          • AmazonLinux2013.09

          • AmazonLinux2014.03

          • AmazonLinux2014.09

          • AmazonLinux2015.03

          • AmazonLinux2015.09

          • AmazonLinux2016.03

          • AmazonLinux2016.09

          • AmazonLinux2017.03

          • AmazonLinux2017.09

          Supported key: CLASSIFICATION

          Supported values:

          • Security

          • Bugfix

          • Enhancement

          • Recommended

          • Newpackage

          Supported key: SEVERITY

          Supported values:

          • Critical

          • Important

          • Medium

          • Low

          RedHat Enterprise Linux (RHEL) Operating Systems

          The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • RedhatEnterpriseLinux6.5

          • RedhatEnterpriseLinux6.6

          • RedhatEnterpriseLinux6.7

          • RedhatEnterpriseLinux6.8

          • RedhatEnterpriseLinux6.9

          • RedhatEnterpriseLinux7.0

          • RedhatEnterpriseLinux7.1

          • RedhatEnterpriseLinux7.2

          • RedhatEnterpriseLinux7.3

          • RedhatEnterpriseLinux7.4

          Supported key: CLASSIFICATION

          Supported values:

          • Security

          • Bugfix

          • Enhancement

          • Recommended

          • Newpackage

          Supported key: SEVERITY

          Supported values:

          • Critical

          • Important

          • Medium

          • Low

          SUSE Linux Enterprise Server (SUSE) Operating Systems

          The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

          Supported key: PRODUCT

          Supported values:

          • Suse12.0

          • Suse12.1

          • Suse12.2

          • Suse12.3

          • Suse12.4

          • Suse12.5

          • Suse12.6

          • Suse12.7

          • Suse12.8

          • Suse12.9

          Supported key: CLASSIFICATION

          Supported values:

          • Security

          • Recommended

          • Optional

          • Feature

          • Document

          • Yast

          Supported key: SEVERITY

          Supported values:

          • Critical

          • Important

          • Moderate

          • Low

          • Key (string) --

            The key for the filter.

            See PatchFilter for lists of valid keys for each operating system type.

          • Values (list) --

            The value for the filter key.

            See PatchFilter for lists of valid values for each key based on operating system type.

            • (string) --

    • ApprovalRules (dict) --

      A set of rules used to include patches in the baseline.

      • PatchRules (list) --

        The rules that make up the rule group.

        • (dict) --

          Defines an approval rule for a patch baseline.

          • PatchFilterGroup (dict) --

            The patch filter group that defines the criteria for the rule.

            • PatchFilters (list) --

              The set of patch filters that make up the group.

              • (dict) --

                Defines a patch filter.

                A patch filter consists of key/value pairs, but not all keys are valid for all operating system types. For example, the key PRODUCT is valid for all supported operating system types. The key MSRC_SEVERITY , however, is valid only for Windows operating systems, and the key SECTION is valid only for Ubuntu operating systems.

                Refer to the following sections for information about which keys may be used with each major operating system, and which values are valid for each key.

                Windows Operating Systems

                The supported keys for Windows operating systems are PRODUCT , CLASSIFICATION , and MSRC_SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • Windows7

                • Windows8

                • Windows8.1

                • Windows8Embedded

                • Windows10

                • Windows10LTSB

                • WindowsServer2008

                • WindowsServer2008R2

                • WindowsServer2012

                • WindowsServer2012R2

                • WindowsServer2016

                Supported key: CLASSIFICATION

                Supported values:

                • CriticalUpdates

                • DefinitionUpdates

                • Drivers

                • FeaturePacks

                • SecurityUpdates

                • ServicePacks

                • Tools

                • UpdateRollups

                • Updates

                • Upgrades

                Supported key: MSRC_SEVERITY

                Supported values:

                • Critical

                • Important

                • Moderate

                • Low

                • Unspecified

                Ubuntu Operating Systems

                The supported keys for Ubuntu operating systems are PRODUCT , PRIORITY , and SECTION . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • Ubuntu14.04

                • Ubuntu16.04

                Supported key: PRIORITY

                Supported values:

                • Required

                • Important

                • Standard

                • Optional

                • Extra

                Supported key: SECTION

                Only the length of the key value is validated. Minimum length is 1. Maximum length is 64.

                Amazon Linux Operating Systems

                The supported keys for Amazon Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • AmazonLinux2012.03

                • AmazonLinux2012.09

                • AmazonLinux2013.03

                • AmazonLinux2013.09

                • AmazonLinux2014.03

                • AmazonLinux2014.09

                • AmazonLinux2015.03

                • AmazonLinux2015.09

                • AmazonLinux2016.03

                • AmazonLinux2016.09

                • AmazonLinux2017.03

                • AmazonLinux2017.09

                Supported key: CLASSIFICATION

                Supported values:

                • Security

                • Bugfix

                • Enhancement

                • Recommended

                • Newpackage

                Supported key: SEVERITY

                Supported values:

                • Critical

                • Important

                • Medium

                • Low

                RedHat Enterprise Linux (RHEL) Operating Systems

                The supported keys for RedHat Enterprise Linux operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • RedhatEnterpriseLinux6.5

                • RedhatEnterpriseLinux6.6

                • RedhatEnterpriseLinux6.7

                • RedhatEnterpriseLinux6.8

                • RedhatEnterpriseLinux6.9

                • RedhatEnterpriseLinux7.0

                • RedhatEnterpriseLinux7.1

                • RedhatEnterpriseLinux7.2

                • RedhatEnterpriseLinux7.3

                • RedhatEnterpriseLinux7.4

                Supported key: CLASSIFICATION

                Supported values:

                • Security

                • Bugfix

                • Enhancement

                • Recommended

                • Newpackage

                Supported key: SEVERITY

                Supported values:

                • Critical

                • Important

                • Medium

                • Low

                SUSE Linux Enterprise Server (SUSE) Operating Systems

                The supported keys for SUSE operating systems are PRODUCT , CLASSIFICATION , and SEVERITY . See the following lists for valid values for each of these keys.

                Supported key: PRODUCT

                Supported values:

                • Suse12.0

                • Suse12.1

                • Suse12.2

                • Suse12.3

                • Suse12.4

                • Suse12.5

                • Suse12.6

                • Suse12.7

                • Suse12.8

                • Suse12.9

                Supported key: CLASSIFICATION

                Supported values:

                • Security

                • Recommended

                • Optional

                • Feature

                • Document

                • Yast

                Supported key: SEVERITY

                Supported values:

                • Critical

                • Important

                • Moderate

                • Low

                • Key (string) --

                  The key for the filter.

                  See PatchFilter for lists of valid keys for each operating system type.

                • Values (list) --

                  The value for the filter key.

                  See PatchFilter for lists of valid values for each key based on operating system type.

                  • (string) --

          • ComplianceLevel (string) --

            A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: Unspecified, Critical, High, Medium, Low, and Informational.

          • ApproveAfterDays (integer) --

            The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.

          • EnableNonSecurity (boolean) --

            For instances identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is 'false'. Applies to Linux instances only.

    • ApprovedPatches (list) --

      A list of explicitly approved patches for the baseline.

      • (string) --

    • ApprovedPatchesComplianceLevel (string) --

      The compliance severity level assigned to the patch baseline after the update completed.

    • ApprovedPatchesEnableNonSecurity (boolean) --

      Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.

    • RejectedPatches (list) --

      A list of explicitly rejected patches for the baseline.

      • (string) --

    • CreatedDate (datetime) --

      The date when the patch baseline was created.

    • ModifiedDate (datetime) --

      The date when the patch baseline was last modified.

    • Description (string) --

      A description of the Patch Baseline.

    • Sources (list) --

      Information about the patches to use to update the instances, including target operating systems and source repositories. Applies to Linux instances only.

      • (dict) --

        Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.

        • Name (string) --

          The name specified to identify the patch source.

        • Products (list) --

          The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "AmazonLinux2016.09", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see PatchFilter .

          • (string) --

        • Configuration (string) --

          The value of the yum repo configuration. For example:

          cachedir=/var/cache/yum/$basesearch

          $releasever

          keepcache=0

          debualevel=2