2016/12/15 - Amazon Simple Systems Manager (SSM) - 18 new api methods
Changes Add support for Patch Baseline and Patch Compliance APIs
Retrieves the high-level patch state for the instances in the specified patch group.
See also: AWS API Documentation
Request Syntax
client.describe_instance_patch_states_for_patch_group(
PatchGroup='string',
Filters=[
{
'Key': 'string',
'Values': [
'string',
],
'Type': 'Equal'|'NotEqual'|'LessThan'|'GreaterThan'
},
],
NextToken='string',
MaxResults=123
)
string
[REQUIRED]
The name of the patch group for which the patch state information should be retrieved.
list
Each entry in the array is a structure containing:
Key (string 1 ≤ length ≤ 200)
Values (array containing a single string)
Type (string “Equal”, “NotEqual”, “LessThan”, “GreaterThan”)
(dict) --
Defines a filter used in DescribeInstancePatchStatesForPatchGroup used to scope down the information returned by the API.
Key (string) -- [REQUIRED]
The key for the filter. Supported values are FailedCount, InstalledCount, InstalledOtherCount, MissingCount and NotApplicableCount.
Values (list) -- [REQUIRED]
The value for the filter, must be an integer greater than or equal to 0.
(string) --
Type (string) -- [REQUIRED]
The type of comparison that should be performed for the value: Equal, NotEqual, LessThan or GreaterThan.
string
The token for the next set of items to return. (You received this token from a previous call.)
integer
The maximum number of patches to return (per page).
dict
Response Syntax
{
'InstancePatchStates': [
{
'InstanceId': 'string',
'PatchGroup': 'string',
'BaselineId': 'string',
'SnapshotId': 'string',
'OwnerInformation': 'string',
'InstalledCount': 123,
'InstalledOtherCount': 123,
'MissingCount': 123,
'FailedCount': 123,
'NotApplicableCount': 123,
'OperationStartTime': datetime(2015, 1, 1),
'OperationEndTime': datetime(2015, 1, 1),
'Operation': 'Scan'|'Install'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
InstancePatchStates (list) --
The high-level patch state for the requested instances.
(dict) --
Defines the high-level patch compliance state for a managed instance, providing information about the number of installed, missing, not applicable, and failed patches along with metadata about the operation when this information was gathered for the instance.
InstanceId (string) --
The ID of the managed instance the high-level patch compliance information was collected for.
PatchGroup (string) --
The name of the patch group the managed instance belongs to.
BaselineId (string) --
The ID of the patch baseline used to patch the instance.
SnapshotId (string) --
The ID of the patch baseline snapshot used during the patching operation when this compliance data was collected.
OwnerInformation (string) --
Placeholder information, this field will always be empty in the current release of the service.
InstalledCount (integer) --
The number of patches from the patch baseline that are installed on the instance.
InstalledOtherCount (integer) --
The number of patches not specified in the patch baseline that are installed on the instance.
MissingCount (integer) --
The number of patches from the patch baseline that are applicable for the instance but aren’t currently installed.
FailedCount (integer) --
The number of patches from the patch baseline that were attempted to be installed during the last patching operation, but failed to install.
NotApplicableCount (integer) --
The number of patches from the patch baseline that aren’t applicable for the instance and hence aren’t installed on the instance.
OperationStartTime (datetime) --
The time the most recent patching operation was started on the instance.
OperationEndTime (datetime) --
The time the most recent patching operation completed on the instance.
Operation (string) --
The type of patching operation that was performed: SCAN (assess patch compliance state) or INSTALL (install missing patches).
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
Retrieves the default patch baseline.
See also: AWS API Documentation
Request Syntax
client.get_default_patch_baseline()
dict
Response Syntax
{
'BaselineId': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the default patch baseline.
Retrieves the current snapshot for the patch baseline the instance uses. This API is primarily used by the AWS-ApplyPatchBaseline Systems Manager document.
See also: AWS API Documentation
Request Syntax
client.get_deployable_patch_snapshot_for_instance(
InstanceId='string',
SnapshotId='string'
)
string
[REQUIRED]
The ID of the instance for which the appropriate patch snapshot should be retrieved.
string
[REQUIRED]
The user-defined snapshot ID.
dict
Response Syntax
{
'InstanceId': 'string',
'SnapshotId': 'string',
'SnapshotDownloadUrl': 'string'
}
Response Structure
(dict) --
InstanceId (string) --
The ID of the instance.
SnapshotId (string) --
The user-defined snapshot ID.
SnapshotDownloadUrl (string) --
A pre-signed Amazon S3 URL that can be used to download the patch snapshot.
Retrieves the patch baseline that should be used for the specified patch group.
See also: AWS API Documentation
Request Syntax
client.get_patch_baseline_for_patch_group(
PatchGroup='string'
)
string
[REQUIRED]
The name of the patch group whose patch baseline should be retrieved.
dict
Response Syntax
{
'BaselineId': 'string',
'PatchGroup': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the patch baseline that should be used for the patch group.
PatchGroup (string) --
The name of the patch group.
Removes a patch group from a patch baseline.
See also: AWS API Documentation
Request Syntax
client.deregister_patch_baseline_for_patch_group(
BaselineId='string',
PatchGroup='string'
)
string
[REQUIRED]
The ID of the patch baseline to deregister the patch group from.
string
[REQUIRED]
The name of the patch group that should be deregistered from the patch baseline.
dict
Response Syntax
{
'BaselineId': 'string',
'PatchGroup': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the patch baseline the patch group was deregistered from.
PatchGroup (string) --
The name of the patch group deregistered from the patch baseline.
Lists all patches that could possibly be included in a patch baseline.
See also: AWS API Documentation
Request Syntax
client.describe_available_patches(
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
list
Filters used to scope down the returned patches.
(dict) --
Defines a filter used in Patch Manager APIs.
Key (string) --
The key for the filter.
Values (list) --
The value for the filter.
(string) --
integer
The maximum number of patches to return (per page).
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'Patches': [
{
'Id': 'string',
'ReleaseDate': datetime(2015, 1, 1),
'Title': 'string',
'Description': 'string',
'ContentUrl': 'string',
'Vendor': 'string',
'ProductFamily': 'string',
'Product': 'string',
'Classification': 'string',
'MsrcSeverity': 'string',
'KbNumber': 'string',
'MsrcNumber': 'string',
'Language': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Patches (list) --
An array of patches. Each entry in the array is a patch structure.
(dict) --
Represents metadata about a patch.
Id (string) --
The ID of the patch (this is different than the Microsoft Knowledge Base ID).
ReleaseDate (datetime) --
The date the patch was released.
Title (string) --
The title of the patch.
Description (string) --
The description of the patch.
ContentUrl (string) --
The URL where more information can be obtained about the patch.
Vendor (string) --
The name of the vendor providing the patch.
ProductFamily (string) --
The product family the patch is applicable for (for example, Windows).
Product (string) --
The specific product the patch is applicable for (for example, WindowsServer2016).
Classification (string) --
The classification of the patch (for example, SecurityUpdates, Updates, CriticalUpdates).
MsrcSeverity (string) --
The severity of the patch (for example Critical, Important, Moderate).
KbNumber (string) --
The Microsoft Knowledge Base ID of the patch.
MsrcNumber (string) --
The ID of the MSRC bulletin the patch is related to.
Language (string) --
The language of the patch if it’s language-specific.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
Retrieves the current effective patches (the patch and the approval state) for the specified patch baseline.
See also: AWS API Documentation
Request Syntax
client.describe_effective_patches_for_patch_baseline(
BaselineId='string',
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
The ID of the patch baseline to retrieve the effective patches for.
integer
The maximum number of patches to return (per page).
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'EffectivePatches': [
{
'Patch': {
'Id': 'string',
'ReleaseDate': datetime(2015, 1, 1),
'Title': 'string',
'Description': 'string',
'ContentUrl': 'string',
'Vendor': 'string',
'ProductFamily': 'string',
'Product': 'string',
'Classification': 'string',
'MsrcSeverity': 'string',
'KbNumber': 'string',
'MsrcNumber': 'string',
'Language': 'string'
},
'PatchStatus': {
'DeploymentStatus': 'APPROVED'|'PENDING_APPROVAL'|'EXPLICIT_APPROVED'|'EXPLICIT_REJECTED',
'ApprovalDate': datetime(2015, 1, 1)
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
EffectivePatches (list) --
An array of patches and patch status.
(dict) --
The EffectivePatch structure defines metadata about a patch along with the approval state of the patch in a particular patch baseline. The approval state includes information about whether the patch is currently approved, due to be approved by a rule, explicitly approved, or explicitly rejected and the date the patch was or will be approved.
Patch (dict) --
Provides metadata for a patch, including information such as the KB ID, severity, classification and a URL for where more information can be obtained about the patch.
Id (string) --
The ID of the patch (this is different than the Microsoft Knowledge Base ID).
ReleaseDate (datetime) --
The date the patch was released.
Title (string) --
The title of the patch.
Description (string) --
The description of the patch.
ContentUrl (string) --
The URL where more information can be obtained about the patch.
Vendor (string) --
The name of the vendor providing the patch.
ProductFamily (string) --
The product family the patch is applicable for (for example, Windows).
Product (string) --
The specific product the patch is applicable for (for example, WindowsServer2016).
Classification (string) --
The classification of the patch (for example, SecurityUpdates, Updates, CriticalUpdates).
MsrcSeverity (string) --
The severity of the patch (for example Critical, Important, Moderate).
KbNumber (string) --
The Microsoft Knowledge Base ID of the patch.
MsrcNumber (string) --
The ID of the MSRC bulletin the patch is related to.
Language (string) --
The language of the patch if it’s language-specific.
PatchStatus (dict) --
The status of the patch in a patch baseline. This includes information about whether the patch is currently approved, due to be approved by a rule, explicitly approved, or explicitly rejected and the date the patch was or will be approved.
DeploymentStatus (string) --
The approval status of a patch (APPROVED, PENDING_APPROVAL, EXPLICIT_APPROVED, EXPLICIT_REJECTED).
ApprovalDate (datetime) --
The date the patch was approved (or will be approved if the status is PENDING_APPROVAL).
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
Lists the patch baselines in your AWS account.
See also: AWS API Documentation
Request Syntax
client.describe_patch_baselines(
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
list
Each element in the array is a structure containing:
Key: (string, “NAME_PREFIX” or “OWNER”)
Value: (array of strings, exactly 1 entry, 1 ≤ length ≤ 255)
(dict) --
Defines a filter used in Patch Manager APIs.
Key (string) --
The key for the filter.
Values (list) --
The value for the filter.
(string) --
integer
The maximum number of patch baselines to return (per page).
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'BaselineIdentities': [
{
'BaselineId': 'string',
'BaselineName': 'string',
'BaselineDescription': 'string',
'DefaultBaseline': True|False
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
BaselineIdentities (list) --
An array of PatchBaselineIdentity elements.
(dict) --
Defines the basic information about a patch baseline.
BaselineId (string) --
The ID of the patch baseline.
BaselineName (string) --
The name of the patch baseline.
BaselineDescription (string) --
The description of the patch baseline.
DefaultBaseline (boolean) --
Whether this is the default baseline.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
Retrieves information about a patch baseline.
See also: AWS API Documentation
Request Syntax
client.get_patch_baseline(
BaselineId='string'
)
string
[REQUIRED]
The ID of the patch baseline to retrieve.
dict
Response Syntax
{
'BaselineId': 'string',
'Name': 'string',
'GlobalFilters': {
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
'ApprovalRules': {
'PatchRules': [
{
'PatchFilterGroup': {
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
'ApproveAfterDays': 123
},
]
},
'ApprovedPatches': [
'string',
],
'RejectedPatches': [
'string',
],
'PatchGroups': [
'string',
],
'CreatedDate': datetime(2015, 1, 1),
'ModifiedDate': datetime(2015, 1, 1),
'Description': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the retrieved patch baseline.
Name (string) --
The name of the patch baseline.
GlobalFilters (dict) --
A set of global filters used to exclude patches from the baseline.
PatchFilters (list) --
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) --
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) --
The value for the filter key.
(string) --
ApprovalRules (dict) --
A set of rules used to include patches in the baseline.
PatchRules (list) --
The rules that make up the rule group.
(dict) --
Defines an approval rule for a patch baseline.
PatchFilterGroup (dict) --
The patch filter group that defines the criteria for the rule.
PatchFilters (list) --
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) --
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) --
The value for the filter key.
(string) --
ApproveAfterDays (integer) --
The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.
ApprovedPatches (list) --
A list of explicitly approved patches for the baseline.
(string) --
RejectedPatches (list) --
A list of explicitly rejected patches for the baseline.
(string) --
PatchGroups (list) --
Patch groups included in the patch baseline.
(string) --
CreatedDate (datetime) --
The date the patch baseline was created.
ModifiedDate (datetime) --
The date the patch baseline was last modified.
Description (string) --
A description of the patch baseline.
Retrieves information about the patches on the specified instance and their state relative to the patch baseline being used for the instance.
See also: AWS API Documentation
Request Syntax
client.describe_instance_patches(
InstanceId='string',
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
NextToken='string',
MaxResults=123
)
string
[REQUIRED]
The ID of the instance whose patch state information should be retrieved.
list
Each entry in the array is a structure containing:
Key (string, 1 ≤ length ≤ 128)
Values (array of strings 1 ≤ length ≤ 256)
(dict) --
Defines a filter used in Patch Manager APIs.
Key (string) --
The key for the filter.
Values (list) --
The value for the filter.
(string) --
string
The token for the next set of items to return. (You received this token from a previous call.)
integer
The maximum number of patches to return (per page).
dict
Response Syntax
{
'Patches': [
{
'Title': 'string',
'KBId': 'string',
'Classification': 'string',
'Severity': 'string',
'State': 'INSTALLED'|'INSTALLED_OTHER'|'MISSING'|'NOT_APPLICABLE'|'FAILED',
'InstalledTime': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Patches (list) --
Each entry in the array is a structure containing:
Title (string)
KBId (string)
Classification (string)
Severity (string)
State (string – “INSTALLED”, “INSTALLED_OTHER”, “MISSING”, “NOT_APPLICABLE”, “FAILED”)
InstalledTime (DateTime)
InstalledBy (string)
(dict) --
Information about the state of a patch on a particular instance as it relates to the patch baseline used to patch the instance.
Title (string) --
The title of the patch.
KBId (string) --
The Microsoft Knowledge Base ID of the patch.
Classification (string) --
The classification of the patch (for example, SecurityUpdates, Updates, CriticalUpdates).
Severity (string) --
The severity of the patch (for example, Critical, Important, Moderate).
State (string) --
The state of the patch on the instance (INSTALLED, INSTALLED_OTHER, MISSING, NOT_APPLICABLE or FAILED).
InstalledTime (datetime) --
The date/time the patch was installed on the instance.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
Creates a patch baseline.
See also: AWS API Documentation
Request Syntax
client.create_patch_baseline(
Name='string',
GlobalFilters={
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
ApprovalRules={
'PatchRules': [
{
'PatchFilterGroup': {
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
'ApproveAfterDays': 123
},
]
},
ApprovedPatches=[
'string',
],
RejectedPatches=[
'string',
],
Description='string',
ClientToken='string'
)
string
[REQUIRED]
The name of the patch baseline.
dict
A set of global filters used to exclude patches from the baseline.
PatchFilters (list) -- [REQUIRED]
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) -- [REQUIRED]
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) -- [REQUIRED]
The value for the filter key.
(string) --
dict
A set of rules used to include patches in the baseline.
PatchRules (list) -- [REQUIRED]
The rules that make up the rule group.
(dict) --
Defines an approval rule for a patch baseline.
PatchFilterGroup (dict) -- [REQUIRED]
The patch filter group that defines the criteria for the rule.
PatchFilters (list) -- [REQUIRED]
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) -- [REQUIRED]
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) -- [REQUIRED]
The value for the filter key.
(string) --
ApproveAfterDays (integer) -- [REQUIRED]
The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.
list
A list of explicitly approved patches for the baseline.
(string) --
list
A list of explicitly rejected patches for the baseline.
(string) --
string
A description of the patch baseline.
string
Caller-provided idempotency token.
This field is autopopulated if not provided.
dict
Response Syntax
{
'BaselineId': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the created patch baseline.
Modifies an existing patch baseline. Fields not specified in the request are left unchanged.
See also: AWS API Documentation
Request Syntax
client.update_patch_baseline(
BaselineId='string',
Name='string',
GlobalFilters={
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
ApprovalRules={
'PatchRules': [
{
'PatchFilterGroup': {
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
'ApproveAfterDays': 123
},
]
},
ApprovedPatches=[
'string',
],
RejectedPatches=[
'string',
],
Description='string'
)
string
[REQUIRED]
The ID of the patch baseline to update.
string
The name of the patch baseline.
dict
A set of global filters used to exclude patches from the baseline.
PatchFilters (list) -- [REQUIRED]
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) -- [REQUIRED]
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) -- [REQUIRED]
The value for the filter key.
(string) --
dict
A set of rules used to include patches in the baseline.
PatchRules (list) -- [REQUIRED]
The rules that make up the rule group.
(dict) --
Defines an approval rule for a patch baseline.
PatchFilterGroup (dict) -- [REQUIRED]
The patch filter group that defines the criteria for the rule.
PatchFilters (list) -- [REQUIRED]
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) -- [REQUIRED]
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) -- [REQUIRED]
The value for the filter key.
(string) --
ApproveAfterDays (integer) -- [REQUIRED]
The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.
list
A list of explicitly approved patches for the baseline.
(string) --
list
A list of explicitly rejected patches for the baseline.
(string) --
string
A description of the patch baseline.
dict
Response Syntax
{
'BaselineId': 'string',
'Name': 'string',
'GlobalFilters': {
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
'ApprovalRules': {
'PatchRules': [
{
'PatchFilterGroup': {
'PatchFilters': [
{
'Key': 'PRODUCT'|'CLASSIFICATION'|'MSRC_SEVERITY'|'PATCH_ID',
'Values': [
'string',
]
},
]
},
'ApproveAfterDays': 123
},
]
},
'ApprovedPatches': [
'string',
],
'RejectedPatches': [
'string',
],
'CreatedDate': datetime(2015, 1, 1),
'ModifiedDate': datetime(2015, 1, 1),
'Description': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the deleted patch baseline.
Name (string) --
The name of the patch baseline.
GlobalFilters (dict) --
A set of global filters used to exclude patches from the baseline.
PatchFilters (list) --
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) --
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) --
The value for the filter key.
(string) --
ApprovalRules (dict) --
A set of rules used to include patches in the baseline.
PatchRules (list) --
The rules that make up the rule group.
(dict) --
Defines an approval rule for a patch baseline.
PatchFilterGroup (dict) --
The patch filter group that defines the criteria for the rule.
PatchFilters (list) --
The set of patch filters that make up the group.
(dict) --
Defines a patch filter.
Key (string) --
The key for the filter (PRODUCT, CLASSIFICATION, MSRC_SEVERITY, PATCH_ID)
Values (list) --
The value for the filter key.
(string) --
ApproveAfterDays (integer) --
The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.
ApprovedPatches (list) --
A list of explicitly approved patches for the baseline.
(string) --
RejectedPatches (list) --
A list of explicitly rejected patches for the baseline.
(string) --
CreatedDate (datetime) --
The date when the patch baseline was created.
ModifiedDate (datetime) --
The date when the patch baseline was last modified.
Description (string) --
A description of the Patch Baseline.
Deletes a patch baseline.
See also: AWS API Documentation
Request Syntax
client.delete_patch_baseline(
BaselineId='string'
)
string
[REQUIRED]
The ID of the patch baseline to delete.
dict
Response Syntax
{
'BaselineId': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the deleted patch baseline.
Registers a patch baseline for a patch group.
See also: AWS API Documentation
Request Syntax
client.register_patch_baseline_for_patch_group(
BaselineId='string',
PatchGroup='string'
)
string
[REQUIRED]
The ID of the patch baseline to register the patch group with.
string
[REQUIRED]
The name of the patch group that should be registered with the patch baseline.
dict
Response Syntax
{
'BaselineId': 'string',
'PatchGroup': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the patch baseline the patch group was registered with.
PatchGroup (string) --
The name of the patch group registered with the patch baseline.
Defines the default patch baseline.
See also: AWS API Documentation
Request Syntax
client.register_default_patch_baseline(
BaselineId='string'
)
string
[REQUIRED]
The ID of the patch baseline that should be the default patch baseline.
dict
Response Syntax
{
'BaselineId': 'string'
}
Response Structure
(dict) --
BaselineId (string) --
The ID of the default patch baseline.
Returns high-level aggregated patch compliance state for a patch group.
See also: AWS API Documentation
Request Syntax
client.describe_patch_group_state(
PatchGroup='string'
)
string
[REQUIRED]
The name of the patch group whose patch snapshot should be retrieved.
dict
Response Syntax
{
'Instances': 123,
'InstancesWithInstalledPatches': 123,
'InstancesWithInstalledOtherPatches': 123,
'InstancesWithMissingPatches': 123,
'InstancesWithFailedPatches': 123,
'InstancesWithNotApplicablePatches': 123
}
Response Structure
(dict) --
Instances (integer) --
The number of instances in the patch group.
InstancesWithInstalledPatches (integer) --
The number of instances with installed patches.
InstancesWithInstalledOtherPatches (integer) --
The number of instances with patches installed that aren’t defined in the patch baseline.
InstancesWithMissingPatches (integer) --
The number of instances with missing patches from the patch baseline.
InstancesWithFailedPatches (integer) --
The number of instances with patches from the patch baseline that failed to install.
InstancesWithNotApplicablePatches (integer) --
The number of instances with patches that aren’t applicable.
Lists all patch groups that have been registered with patch baselines.
See also: AWS API Documentation
Request Syntax
client.describe_patch_groups(
MaxResults=123,
NextToken='string'
)
integer
The maximum number of patch groups to return (per page).
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'Mappings': [
{
'PatchGroup': 'string',
'BaselineIdentity': {
'BaselineId': 'string',
'BaselineName': 'string',
'BaselineDescription': 'string',
'DefaultBaseline': True|False
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Mappings (list) --
Each entry in the array contains:
PatchGroup: string (1 ≤ length ≤ 256, Regex: ^([p{L}p{Z}p{N}_.:/=+-@]*)$)
PatchBaselineIdentity: A PatchBaselineIdentity element.
(dict) --
The mapping between a patch group and the patch baseline the patch group is registered with.
PatchGroup (string) --
The name of the patch group registered with the patch baseline.
BaselineIdentity (dict) --
The patch baseline the patch group is registered with.
BaselineId (string) --
The ID of the patch baseline.
BaselineName (string) --
The name of the patch baseline.
BaselineDescription (string) --
The description of the patch baseline.
DefaultBaseline (boolean) --
Whether this is the default baseline.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
Retrieves the high-level patch state of one or more instances.
See also: AWS API Documentation
Request Syntax
client.describe_instance_patch_states(
InstanceIds=[
'string',
],
NextToken='string',
MaxResults=123
)
list
[REQUIRED]
The ID of the instance whose patch state information should be retrieved.
(string) --
string
The token for the next set of items to return. (You received this token from a previous call.)
integer
The maximum number of instances to return (per page).
dict
Response Syntax
{
'InstancePatchStates': [
{
'InstanceId': 'string',
'PatchGroup': 'string',
'BaselineId': 'string',
'SnapshotId': 'string',
'OwnerInformation': 'string',
'InstalledCount': 123,
'InstalledOtherCount': 123,
'MissingCount': 123,
'FailedCount': 123,
'NotApplicableCount': 123,
'OperationStartTime': datetime(2015, 1, 1),
'OperationEndTime': datetime(2015, 1, 1),
'Operation': 'Scan'|'Install'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
InstancePatchStates (list) --
The high-level patch state for the requested instances.
(dict) --
Defines the high-level patch compliance state for a managed instance, providing information about the number of installed, missing, not applicable, and failed patches along with metadata about the operation when this information was gathered for the instance.
InstanceId (string) --
The ID of the managed instance the high-level patch compliance information was collected for.
PatchGroup (string) --
The name of the patch group the managed instance belongs to.
BaselineId (string) --
The ID of the patch baseline used to patch the instance.
SnapshotId (string) --
The ID of the patch baseline snapshot used during the patching operation when this compliance data was collected.
OwnerInformation (string) --
Placeholder information, this field will always be empty in the current release of the service.
InstalledCount (integer) --
The number of patches from the patch baseline that are installed on the instance.
InstalledOtherCount (integer) --
The number of patches not specified in the patch baseline that are installed on the instance.
MissingCount (integer) --
The number of patches from the patch baseline that are applicable for the instance but aren’t currently installed.
FailedCount (integer) --
The number of patches from the patch baseline that were attempted to be installed during the last patching operation, but failed to install.
NotApplicableCount (integer) --
The number of patches from the patch baseline that aren’t applicable for the instance and hence aren’t installed on the instance.
OperationStartTime (datetime) --
The time the most recent patching operation was started on the instance.
OperationEndTime (datetime) --
The time the most recent patching operation completed on the instance.
Operation (string) --
The type of patching operation that was performed: SCAN (assess patch compliance state) or INSTALL (install missing patches).
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.