2017/08/14 - Amazon Simple Systems Manager (SSM) - 8 new 14 updated api methods
Changes Systems Manager Maintenance Windows include the following changes or enhancements: New task options using Systems Manager Automation, AWS Lambda, and AWS Step Functions; enhanced ability to edit the targets of a Maintenance Window, including specifying a target name and description, and ability to edit the owner field; enhanced ability to edits tasks; enhanced support for Run Command parameters; and you can now use a --safe flag when attempting to deregister a target. If this flag is enabled when you attempt to deregister a target, the system returns an error if the target is referenced by any task. Also, Systems Manager now includes Configuration Compliance to scan your fleet of managed instances for patch compliance and configuration inconsistencies. You can collect and aggregate data from multiple AWS accounts and Regions, and then drill down into specific resources that aren't compliant.
Modifies a task assigned to a Maintenance Window. You can't change the task type, but you can change the following:
The Task Arn. For example, you can change a RUN_COMMAND task from AWS-RunPowerShellScript to AWS-RunShellScript.
The service role ARN.
The task parameters.
The task priority.
The task MaxConcurrency and MaxErrors.
The log location.
If a parameter is null, then the corresponding field is not modified. Also, if you set Replace to true, then all fields required by the RegisterTaskWithMaintenanceWindow operation are required for this request. Optional fields that aren't specified are be set to null.
See also: AWS API Documentation
Request Syntax
client.update_maintenance_window_task(
WindowId='string',
WindowTaskId='string',
Targets=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
TaskArn='string',
ServiceRoleArn='string',
TaskParameters={
'string': {
'Values': [
'string',
]
}
},
TaskInvocationParameters={
'RunCommand': {
'Comment': 'string',
'DocumentHash': 'string',
'DocumentHashType': 'Sha256'|'Sha1',
'NotificationConfig': {
'NotificationArn': 'string',
'NotificationEvents': [
'All'|'InProgress'|'Success'|'TimedOut'|'Cancelled'|'Failed',
],
'NotificationType': 'Command'|'Invocation'
},
'OutputS3BucketName': 'string',
'OutputS3KeyPrefix': 'string',
'Parameters': {
'string': [
'string',
]
},
'ServiceRoleArn': 'string',
'TimeoutSeconds': 123
},
'Automation': {
'DocumentVersion': 'string',
'Parameters': {
'string': [
'string',
]
}
},
'StepFunctions': {
'Input': 'string',
'Name': 'string'
},
'Lambda': {
'ClientContext': 'string',
'Qualifier': 'string',
'Payload': b'bytes'
}
},
Priority=123,
MaxConcurrency='string',
MaxErrors='string',
LoggingInfo={
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'S3Region': 'string'
},
Name='string',
Description='string',
Replace=True|False
)
string
[REQUIRED]
The Maintenance Window ID that contains the task that you want to modify.
string
[REQUIRED]
The task ID that you want to modify.
list
The targets (either instances or tags) that you want to modify. Instances are specified using Key=instanceids,Values=instanceID_1,instanceID_2. Tags are specified using Key=tag_name,Values=tag_value.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
string
The task ARN that you want to modify.
string
The IAM service role ARN that you want to modify. The system assumes this role during task exectuion.
dict
The parameters that you want to modify. The map has the following format:
Key: string, between 1 and 255 characters
Value: an array of strings, each string is between 1 and 255 characters
(string) --
(dict) --
Defines the values for a task parameter.
Values (list) --
This field contains an array of 0 or more strings, each 1 to 255 characters in length.
(string) --
dict
Parameters the task should use during execution. Populate only the fields that match the task type. All other fields should be empty.
RunCommand (dict) --
Parameters for a RUN_COMMAND task type.
Comment (string) --
Information about the command(s) to execute.
DocumentHash (string) --
The Sha256 or Sha1 hash created by the system when the document was created. Sha1 hashes have been deprecated.
DocumentHashType (string) --
Sha256 or Sha1. Sha1 hashes have been deprecated.
NotificationConfig (dict) --
Configurations for sending notifications about command status changes on a per instance basis.
NotificationArn (string) --
An Amazon Resource Name (ARN) for a Simple Notification Service (SNS) topic. Run Command pushes notifications about command status changes to this topic.
NotificationEvents (list) --
The different events for which you can receive notifications. These events include the following: All (events), InProgress, Success, TimedOut, Cancelled, Failed. To learn more about these events, see Setting Up Events and Notifications in the Amazon EC2 Systems Manager User Guide .
(string) --
NotificationType (string) --
Command: Receive notification when the status of a command changes. Invocation: For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.
OutputS3BucketName (string) --
The name of the Amazon S3 bucket.
OutputS3KeyPrefix (string) --
The Amazon S3 bucket subfolder.
Parameters (dict) --
Parameters for the RUN_COMMAND task execution.
(string) --
(list) --
(string) --
ServiceRoleArn (string) --
The IAM service role that to assume during task execution.
TimeoutSeconds (integer) --
If this time is reached and the command has not already started executing, it will not execute.
Automation (dict) --
Parameters for a AUTOMATION task type.
DocumentVersion (string) --
The version of an SSM Automation document to use during task execution.
Parameters (dict) --
Parameters for the AUTOMATION task.
(string) --
(list) --
(string) --
StepFunctions (dict) --
Parameters for a STEP_FUNCTION task type.
Input (string) --
The inputs for the STEP_FUNCTION task.
Name (string) --
The name of the STEP_FUNCTION task.
Lambda (dict) --
Parameters for a LAMBDA task type.
ClientContext (string) --
Using the ClientContext you can pass client-specific information to the Lambda function you are invoking. You can then process the client information in your Lambda function as you choose through the context variable.
Qualifier (string) --
You can use this optional parameter to specify a Lambda function version or alias name. If you specify a function version, the API uses the qualified function ARN to invoke a specific Lambda function. If you specify an alias name, the API uses the alias ARN to invoke the Lambda function version to which the alias points.
Payload (bytes) --
JSON that you want to provide to your Lambda function as input.
integer
The new task priority that you want to specify. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.
string
The new MaxConcurrency value you want to specify. MaxConcurrency is the number of targets that are allowed to run this task in parallel.
string
The new MaxErrors value you want to specify. MaxErrors is the maximum number of errors that are allowed before the task stops being scheduled.
dict
The new logging location in Amazon S3 that you want to specify.
S3BucketName (string) -- [REQUIRED]
The name of an Amazon S3 bucket where execution logs are stored .
S3KeyPrefix (string) --
(Optional) The Amazon S3 bucket subfolder.
S3Region (string) -- [REQUIRED]
The region where the Amazon S3 bucket is located.
string
The new task name that you want to specify.
string
The new task description that you want to specify.
boolean
If you specify True, then all fields that are required by the RegisterTaskWithMaintenanceWndow API are also required for this API request. Optional fields that are not specified will be set to null.
dict
Response Syntax
{
'WindowId': 'string',
'WindowTaskId': 'string',
'Targets': [
{
'Key': 'string',
'Values': [
'string',
]
},
],
'TaskArn': 'string',
'ServiceRoleArn': 'string',
'TaskParameters': {
'string': {
'Values': [
'string',
]
}
},
'TaskInvocationParameters': {
'RunCommand': {
'Comment': 'string',
'DocumentHash': 'string',
'DocumentHashType': 'Sha256'|'Sha1',
'NotificationConfig': {
'NotificationArn': 'string',
'NotificationEvents': [
'All'|'InProgress'|'Success'|'TimedOut'|'Cancelled'|'Failed',
],
'NotificationType': 'Command'|'Invocation'
},
'OutputS3BucketName': 'string',
'OutputS3KeyPrefix': 'string',
'Parameters': {
'string': [
'string',
]
},
'ServiceRoleArn': 'string',
'TimeoutSeconds': 123
},
'Automation': {
'DocumentVersion': 'string',
'Parameters': {
'string': [
'string',
]
}
},
'StepFunctions': {
'Input': 'string',
'Name': 'string'
},
'Lambda': {
'ClientContext': 'string',
'Qualifier': 'string',
'Payload': b'bytes'
}
},
'Priority': 123,
'MaxConcurrency': 'string',
'MaxErrors': 'string',
'LoggingInfo': {
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'S3Region': 'string'
},
'Name': 'string',
'Description': 'string'
}
Response Structure
(dict) --
WindowId (string) --
The Maintenance Window ID that was updated.
WindowTaskId (string) --
The Maintenance Window task ID that was updated.
Targets (list) --
The updated target values.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
TaskArn (string) --
The updated task ARN value.
ServiceRoleArn (string) --
The updated service role ARN value.
TaskParameters (dict) --
The updated parameter values.
(string) --
(dict) --
Defines the values for a task parameter.
Values (list) --
This field contains an array of 0 or more strings, each 1 to 255 characters in length.
(string) --
TaskInvocationParameters (dict) --
The updated parameter values.
RunCommand (dict) --
Parameters for a RUN_COMMAND task type.
Comment (string) --
Information about the command(s) to execute.
DocumentHash (string) --
The Sha256 or Sha1 hash created by the system when the document was created. Sha1 hashes have been deprecated.
DocumentHashType (string) --
Sha256 or Sha1. Sha1 hashes have been deprecated.
NotificationConfig (dict) --
Configurations for sending notifications about command status changes on a per instance basis.
NotificationArn (string) --
An Amazon Resource Name (ARN) for a Simple Notification Service (SNS) topic. Run Command pushes notifications about command status changes to this topic.
NotificationEvents (list) --
The different events for which you can receive notifications. These events include the following: All (events), InProgress, Success, TimedOut, Cancelled, Failed. To learn more about these events, see Setting Up Events and Notifications in the Amazon EC2 Systems Manager User Guide .
(string) --
NotificationType (string) --
Command: Receive notification when the status of a command changes. Invocation: For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.
OutputS3BucketName (string) --
The name of the Amazon S3 bucket.
OutputS3KeyPrefix (string) --
The Amazon S3 bucket subfolder.
Parameters (dict) --
Parameters for the RUN_COMMAND task execution.
(string) --
(list) --
(string) --
ServiceRoleArn (string) --
The IAM service role that to assume during task execution.
TimeoutSeconds (integer) --
If this time is reached and the command has not already started executing, it will not execute.
Automation (dict) --
Parameters for a AUTOMATION task type.
DocumentVersion (string) --
The version of an SSM Automation document to use during task execution.
Parameters (dict) --
Parameters for the AUTOMATION task.
(string) --
(list) --
(string) --
StepFunctions (dict) --
Parameters for a STEP_FUNCTION task type.
Input (string) --
The inputs for the STEP_FUNCTION task.
Name (string) --
The name of the STEP_FUNCTION task.
Lambda (dict) --
Parameters for a LAMBDA task type.
ClientContext (string) --
Using the ClientContext you can pass client-specific information to the Lambda function you are invoking. You can then process the client information in your Lambda function as you choose through the context variable.
Qualifier (string) --
You can use this optional parameter to specify a Lambda function version or alias name. If you specify a function version, the API uses the qualified function ARN to invoke a specific Lambda function. If you specify an alias name, the API uses the alias ARN to invoke the Lambda function version to which the alias points.
Payload (bytes) --
JSON that you want to provide to your Lambda function as input.
Priority (integer) --
The updated priority value.
MaxConcurrency (string) --
The updated MaxConcurrency value.
MaxErrors (string) --
The updated MaxErrors value.
LoggingInfo (dict) --
The updated logging information in Amazon S3.
S3BucketName (string) --
The name of an Amazon S3 bucket where execution logs are stored .
S3KeyPrefix (string) --
(Optional) The Amazon S3 bucket subfolder.
S3Region (string) --
The region where the Amazon S3 bucket is located.
Name (string) --
The updated task name.
Description (string) --
The updated task description.
For a specified resource ID, this API returns a list of compliance statuses for different resource types. Currently, you can only specify one resource ID per call. List results depend on the criteria specified in the filter.
See also: AWS API Documentation
Request Syntax
client.list_compliance_items(
Filters=[
{
'Key': 'string',
'Values': [
'string',
],
'Type': 'EQUAL'|'NOT_EQUAL'|'BEGIN_WITH'|'LESS_THAN'|'GREATER_THAN'
},
],
ResourceIds=[
'string',
],
ResourceTypes=[
'string',
],
NextToken='string',
MaxResults=123
)
list
One or more compliance filters. Use a filter to return a more specific list of results.
(dict) --
One or more filters. Use a filter to return a more specific list of results.
Key (string) --
The name of the filter.
Values (list) --
The value you want to search for.
(string) --
Type (string) --
The type of comparison that should be performed for the value: Equal, NotEqual, BeginWith, LessThan, or GreaterThan.
list
The ID for the resources from which you want to get compliance information. Currently, you can only specify one resource ID.
(string) --
list
The type of resource from which you want to get compliance information. Currently, the only supported resource type is ManagedInstance .
(string) --
string
A token to start the list. Use this token to get the next set of results.
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
dict
Response Syntax
{
'ComplianceItems': [
{
'ComplianceType': 'string',
'ResourceType': 'string',
'ResourceId': 'string',
'Id': 'string',
'Title': 'string',
'Status': 'COMPLIANT'|'NON_COMPLIANT',
'Severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
'ExecutionSummary': {
'ExecutionTime': datetime(2015, 1, 1),
'ExecutionId': 'string',
'ExecutionType': 'string'
},
'Details': {
'string': 'string'
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ComplianceItems (list) --
A list of compliance information for the specified resource ID.
(dict) --
Information about the compliance as defined by the resource type. For example, for a patch resource type, Items includes information about the PatchSeverity, Classification, etc.
ComplianceType (string) --
The compliance type. For example, Association (for a State Manager association), Patch, or Custom: string are all valide compliance types.
ResourceType (string) --
The type of resource. ManagedInstance is currently the only supported resource type.
ResourceId (string) --
An ID for the resource. For a managed instance, this is the instance ID.
Id (string) --
An ID for the compliance item. For example, if the compliance item is a Windows patch, the ID could be the number of the KB article. Here's an example: KB4010320.
Title (string) --
A title for the compliance item. For example, if the compliance item is a Windows patch, the title could be the title of the KB article for the patch. Here's an example: Security Update for Active Directory Federation Services.
Status (string) --
The status of the compliance item. An item is either COMPLIANT or NON_COMPLIANT.
Severity (string) --
The severity of the compliance status. Severity can be one of the following: Critical, HIGH, Medium, Low, Informational, Unspecified.
ExecutionSummary (dict) --
A summary for the compliance item. The summary includes an execution ID, the execution type (for example, command), and the execution time.
ExecutionTime (datetime) --
The time the execution ran as a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z'.
ExecutionId (string) --
An ID created by the system when PutComplianceItems was called. For example, CommandID is a valid execution ID. You can use this ID in subsequent calls.
ExecutionType (string) --
The type of execution. For example, Command is a valid execution type.
Details (dict) --
A "Key": "Value" tag combination for the compliance item.
(string) --
(string) --
NextToken (string) --
The token for the next set of items to return. Use this token to get the next set of results.
Returns a resource-level summary count. The summary includes information about compliant and non-compliant statuses and detailed compliance-item severity counts, according to the filter criteria you specify.
See also: AWS API Documentation
Request Syntax
client.list_resource_compliance_summaries(
Filters=[
{
'Key': 'string',
'Values': [
'string',
],
'Type': 'EQUAL'|'NOT_EQUAL'|'BEGIN_WITH'|'LESS_THAN'|'GREATER_THAN'
},
],
NextToken='string',
MaxResults=123
)
list
One or more filters. Use a filter to return a more specific list of results.
(dict) --
One or more filters. Use a filter to return a more specific list of results.
Key (string) --
The name of the filter.
Values (list) --
The value you want to search for.
(string) --
Type (string) --
The type of comparison that should be performed for the value: Equal, NotEqual, BeginWith, LessThan, or GreaterThan.
string
A token to start the list. Use this token to get the next set of results.
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
dict
Response Syntax
{
'ResourceComplianceSummaryItems': [
{
'ComplianceType': 'string',
'ResourceType': 'string',
'ResourceId': 'string',
'Status': 'COMPLIANT'|'NON_COMPLIANT',
'OverallSeverity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
'ExecutionSummary': {
'ExecutionTime': datetime(2015, 1, 1),
'ExecutionId': 'string',
'ExecutionType': 'string'
},
'CompliantSummary': {
'CompliantCount': 123,
'SeveritySummary': {
'CriticalCount': 123,
'HighCount': 123,
'MediumCount': 123,
'LowCount': 123,
'InformationalCount': 123,
'UnspecifiedCount': 123
}
},
'NonCompliantSummary': {
'NonCompliantCount': 123,
'SeveritySummary': {
'CriticalCount': 123,
'HighCount': 123,
'MediumCount': 123,
'LowCount': 123,
'InformationalCount': 123,
'UnspecifiedCount': 123
}
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ResourceComplianceSummaryItems (list) --
A summary count for specified or targeted managed instances. Summary count includes information about compliant and non-compliant State Manager associations, patch statuses, or custom items according to the filter criteria you specify.
(dict) --
Compliance summary information for a specific resource.
ComplianceType (string) --
The compliance type.
ResourceType (string) --
The resource type.
ResourceId (string) --
The resource ID.
Status (string) --
The compliance status for the resource.
OverallSeverity (string) --
The highest severity item found for the resource. The resource is compliant for this item.
ExecutionSummary (dict) --
Information about the execution.
ExecutionTime (datetime) --
The time the execution ran as a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z'.
ExecutionId (string) --
An ID created by the system when PutComplianceItems was called. For example, CommandID is a valid execution ID. You can use this ID in subsequent calls.
ExecutionType (string) --
The type of execution. For example, Command is a valid execution type.
CompliantSummary (dict) --
A list of items that are compliant for the resource.
CompliantCount (integer) --
The total number of resources that are compliant.
SeveritySummary (dict) --
A summary of the compliance severity by compliance type.
CriticalCount (integer) --
The total number of resources or compliance items that have a severity level of critical. Critical severity is determined by the organization that published the compliance items.
HighCount (integer) --
The total number of resources or compliance items that have a severity level of high. High severity is determined by the organization that published the compliance items.
MediumCount (integer) --
The total number of resources or compliance items that have a severity level of medium. Medium severity is determined by the organization that published the compliance items.
LowCount (integer) --
The total number of resources or compliance items that have a severity level of low. Low severity is determined by the organization that published the compliance items.
InformationalCount (integer) --
The total number of resources or compliance items that have a severity level of informational. Informational severity is determined by the organization that published the compliance items.
UnspecifiedCount (integer) --
The total number of resources or compliance items that have a severity level of unspecified. Unspecified severity is determined by the organization that published the compliance items.
NonCompliantSummary (dict) --
A list of items that aren't compliant for the resource.
NonCompliantCount (integer) --
The total number of compliance items that are not compliant.
SeveritySummary (dict) --
A summary of the non-compliance severity by compliance type
CriticalCount (integer) --
The total number of resources or compliance items that have a severity level of critical. Critical severity is determined by the organization that published the compliance items.
HighCount (integer) --
The total number of resources or compliance items that have a severity level of high. High severity is determined by the organization that published the compliance items.
MediumCount (integer) --
The total number of resources or compliance items that have a severity level of medium. Medium severity is determined by the organization that published the compliance items.
LowCount (integer) --
The total number of resources or compliance items that have a severity level of low. Low severity is determined by the organization that published the compliance items.
InformationalCount (integer) --
The total number of resources or compliance items that have a severity level of informational. Informational severity is determined by the organization that published the compliance items.
UnspecifiedCount (integer) --
The total number of resources or compliance items that have a severity level of unspecified. Unspecified severity is determined by the organization that published the compliance items.
NextToken (string) --
The token for the next set of items to return. Use this token to get the next set of results.
Modifies the target of an existing Maintenance Window. You can't change the target type, but you can change the following:
The target from being an ID target to a Tag target, or a Tag target to an ID target.
The IDs of an ID target.
The tags of a Tag target.
The Owner.
The Name.
The Description.
Also note that if a parameter is null, then the corresponding field is not modified.
See also: AWS API Documentation
Request Syntax
client.update_maintenance_window_target(
WindowId='string',
WindowTargetId='string',
Targets=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
OwnerInformation='string',
Name='string',
Description='string',
Replace=True|False
)
string
[REQUIRED]
The Maintenance Window ID for which you want to modify the target.
string
[REQUIRED]
The target ID that you want to modify.
list
The targets that you want to add or replace.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
string
User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.
string
A name for the update.
string
An optional description for the update.
boolean
If you specify True, then all fields that are required by the RegisterTargetWithMaintenanceWindow API are also required for this API request. Optional fields that are not specified will be set to null.
dict
Response Syntax
{
'WindowId': 'string',
'WindowTargetId': 'string',
'Targets': [
{
'Key': 'string',
'Values': [
'string',
]
},
],
'OwnerInformation': 'string',
'Name': 'string',
'Description': 'string'
}
Response Structure
(dict) --
WindowId (string) --
The Maintenance Window ID specified in the update request.
WindowTargetId (string) --
The target ID specified in the update request.
Targets (list) --
The updated targets.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
OwnerInformation (string) --
The updated owner.
Name (string) --
The updated name.
Description (string) --
The updated description.
Retrieves a task invocation. A task invocation is a specific task executing on a specific target. Maintenance Windows report status for all invocations.
See also: AWS API Documentation
Request Syntax
client.get_maintenance_window_execution_task_invocation(
WindowExecutionId='string',
TaskId='string',
InvocationId='string'
)
string
[REQUIRED]
The ID of the Maintenance Window execution the task is part of.
string
[REQUIRED]
The ID of the specific task in the Maintenance Window task that should be retrieved.
string
[REQUIRED]
The invocation ID to retrieve.
dict
Response Syntax
{
'WindowExecutionId': 'string',
'TaskExecutionId': 'string',
'InvocationId': 'string',
'ExecutionId': 'string',
'TaskType': 'RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA',
'Parameters': 'string',
'Status': 'PENDING'|'IN_PROGRESS'|'SUCCESS'|'FAILED'|'TIMED_OUT'|'CANCELLING'|'CANCELLED'|'SKIPPED_OVERLAPPING',
'StatusDetails': 'string',
'StartTime': datetime(2015, 1, 1),
'EndTime': datetime(2015, 1, 1),
'OwnerInformation': 'string',
'WindowTargetId': 'string'
}
Response Structure
(dict) --
WindowExecutionId (string) --
The Maintenance Window execution ID.
TaskExecutionId (string) --
The task execution ID.
InvocationId (string) --
The invocation ID.
ExecutionId (string) --
The execution ID.
TaskType (string) --
Retrieves the task type for a Maintenance Window. Task types include the following: LAMBDA, STEP_FUNCTION, AUTOMATION, RUN_COMMAND.
Parameters (string) --
The parameters used at the time the task executed.
Status (string) --
The task status for an invocation.
StatusDetails (string) --
The details explaining the status. Details are only available for certain status values.
StartTime (datetime) --
The time the task started executing on the target.
EndTime (datetime) --
The time the task finished executing on the target.
OwnerInformation (string) --
User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.
WindowTargetId (string) --
The Maintenance Window target ID.
Lists the tasks in a Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.get_maintenance_window_task(
WindowId='string',
WindowTaskId='string'
)
string
[REQUIRED]
The Maintenance Window ID that includes the task to retrieve.
string
[REQUIRED]
The Maintenance Window task ID to retrieve.
dict
Response Syntax
{
'WindowId': 'string',
'WindowTaskId': 'string',
'Targets': [
{
'Key': 'string',
'Values': [
'string',
]
},
],
'TaskArn': 'string',
'ServiceRoleArn': 'string',
'TaskType': 'RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA',
'TaskParameters': {
'string': {
'Values': [
'string',
]
}
},
'TaskInvocationParameters': {
'RunCommand': {
'Comment': 'string',
'DocumentHash': 'string',
'DocumentHashType': 'Sha256'|'Sha1',
'NotificationConfig': {
'NotificationArn': 'string',
'NotificationEvents': [
'All'|'InProgress'|'Success'|'TimedOut'|'Cancelled'|'Failed',
],
'NotificationType': 'Command'|'Invocation'
},
'OutputS3BucketName': 'string',
'OutputS3KeyPrefix': 'string',
'Parameters': {
'string': [
'string',
]
},
'ServiceRoleArn': 'string',
'TimeoutSeconds': 123
},
'Automation': {
'DocumentVersion': 'string',
'Parameters': {
'string': [
'string',
]
}
},
'StepFunctions': {
'Input': 'string',
'Name': 'string'
},
'Lambda': {
'ClientContext': 'string',
'Qualifier': 'string',
'Payload': b'bytes'
}
},
'Priority': 123,
'MaxConcurrency': 'string',
'MaxErrors': 'string',
'LoggingInfo': {
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'S3Region': 'string'
},
'Name': 'string',
'Description': 'string'
}
Response Structure
(dict) --
WindowId (string) --
The retrieved Maintenance Window ID.
WindowTaskId (string) --
The retrieved Maintenance Window task ID.
Targets (list) --
The targets where the task should execute.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
TaskArn (string) --
TaskArn is the resource that the task used during execution. For RUN_COMMAND and AUTOMATION task types, the TaskArn is the SSM Document Name/ARN. For LAMBDA tasks, TaskArn is the Function Name/ARN. For STEP_FUNCTION tasks, the TaskArn is the State Machine ARN.
ServiceRoleArn (string) --
The IAM service role to assume during task execution.
TaskType (string) --
The type of task to execute.
TaskParameters (dict) --
The parameters to pass to the task when it executes.
(string) --
(dict) --
Defines the values for a task parameter.
Values (list) --
This field contains an array of 0 or more strings, each 1 to 255 characters in length.
(string) --
TaskInvocationParameters (dict) --
The parameters to pass to the task when it executes.
RunCommand (dict) --
Parameters for a RUN_COMMAND task type.
Comment (string) --
Information about the command(s) to execute.
DocumentHash (string) --
The Sha256 or Sha1 hash created by the system when the document was created. Sha1 hashes have been deprecated.
DocumentHashType (string) --
Sha256 or Sha1. Sha1 hashes have been deprecated.
NotificationConfig (dict) --
Configurations for sending notifications about command status changes on a per instance basis.
NotificationArn (string) --
An Amazon Resource Name (ARN) for a Simple Notification Service (SNS) topic. Run Command pushes notifications about command status changes to this topic.
NotificationEvents (list) --
The different events for which you can receive notifications. These events include the following: All (events), InProgress, Success, TimedOut, Cancelled, Failed. To learn more about these events, see Setting Up Events and Notifications in the Amazon EC2 Systems Manager User Guide .
(string) --
NotificationType (string) --
Command: Receive notification when the status of a command changes. Invocation: For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.
OutputS3BucketName (string) --
The name of the Amazon S3 bucket.
OutputS3KeyPrefix (string) --
The Amazon S3 bucket subfolder.
Parameters (dict) --
Parameters for the RUN_COMMAND task execution.
(string) --
(list) --
(string) --
ServiceRoleArn (string) --
The IAM service role that to assume during task execution.
TimeoutSeconds (integer) --
If this time is reached and the command has not already started executing, it will not execute.
Automation (dict) --
Parameters for a AUTOMATION task type.
DocumentVersion (string) --
The version of an SSM Automation document to use during task execution.
Parameters (dict) --
Parameters for the AUTOMATION task.
(string) --
(list) --
(string) --
StepFunctions (dict) --
Parameters for a STEP_FUNCTION task type.
Input (string) --
The inputs for the STEP_FUNCTION task.
Name (string) --
The name of the STEP_FUNCTION task.
Lambda (dict) --
Parameters for a LAMBDA task type.
ClientContext (string) --
Using the ClientContext you can pass client-specific information to the Lambda function you are invoking. You can then process the client information in your Lambda function as you choose through the context variable.
Qualifier (string) --
You can use this optional parameter to specify a Lambda function version or alias name. If you specify a function version, the API uses the qualified function ARN to invoke a specific Lambda function. If you specify an alias name, the API uses the alias ARN to invoke the Lambda function version to which the alias points.
Payload (bytes) --
JSON that you want to provide to your Lambda function as input.
Priority (integer) --
The priority of the task when it executes. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.
MaxConcurrency (string) --
The maximum number of targets allowed to run this task in parallel.
MaxErrors (string) --
The maximum number of errors allowed before the task stops being scheduled.
LoggingInfo (dict) --
The location in Amazon S3 where the task results will be logged.
S3BucketName (string) --
The name of an Amazon S3 bucket where execution logs are stored .
S3KeyPrefix (string) --
(Optional) The Amazon S3 bucket subfolder.
S3Region (string) --
The region where the Amazon S3 bucket is located.
Name (string) --
The retrieved task name.
Description (string) --
The retrieved task description.
Returns a summary count of compliant and non-compliant resources for a compliance type. For example, this call can return State Manager associations, patches, or custom compliance types according to the filter criteria you specify.
See also: AWS API Documentation
Request Syntax
client.list_compliance_summaries(
Filters=[
{
'Key': 'string',
'Values': [
'string',
],
'Type': 'EQUAL'|'NOT_EQUAL'|'BEGIN_WITH'|'LESS_THAN'|'GREATER_THAN'
},
],
NextToken='string',
MaxResults=123
)
list
One or more compliance or inventory filters. Use a filter to return a more specific list of results.
(dict) --
One or more filters. Use a filter to return a more specific list of results.
Key (string) --
The name of the filter.
Values (list) --
The value you want to search for.
(string) --
Type (string) --
The type of comparison that should be performed for the value: Equal, NotEqual, BeginWith, LessThan, or GreaterThan.
string
A token to start the list. Use this token to get the next set of results.
integer
The maximum number of items to return for this call. Currently, you can specify null or 50. The call also returns a token that you can specify in a subsequent call to get the next set of results.
dict
Response Syntax
{
'ComplianceSummaryItems': [
{
'ComplianceType': 'string',
'CompliantSummary': {
'CompliantCount': 123,
'SeveritySummary': {
'CriticalCount': 123,
'HighCount': 123,
'MediumCount': 123,
'LowCount': 123,
'InformationalCount': 123,
'UnspecifiedCount': 123
}
},
'NonCompliantSummary': {
'NonCompliantCount': 123,
'SeveritySummary': {
'CriticalCount': 123,
'HighCount': 123,
'MediumCount': 123,
'LowCount': 123,
'InformationalCount': 123,
'UnspecifiedCount': 123
}
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ComplianceSummaryItems (list) --
A list of compliant and non-compliant summary counts based on compliance types. For example, this call returns State Manager associations, patches, or custom compliance types according to the filter criteria you specified.
(dict) --
A summary of compliance information by compliance type.
ComplianceType (string) --
The type of compliance item. For example, the compliance type can be Association, Patch, or Custom:string.
CompliantSummary (dict) --
A list of COMPLIANT items for the specified compliance type.
CompliantCount (integer) --
The total number of resources that are compliant.
SeveritySummary (dict) --
A summary of the compliance severity by compliance type.
CriticalCount (integer) --
The total number of resources or compliance items that have a severity level of critical. Critical severity is determined by the organization that published the compliance items.
HighCount (integer) --
The total number of resources or compliance items that have a severity level of high. High severity is determined by the organization that published the compliance items.
MediumCount (integer) --
The total number of resources or compliance items that have a severity level of medium. Medium severity is determined by the organization that published the compliance items.
LowCount (integer) --
The total number of resources or compliance items that have a severity level of low. Low severity is determined by the organization that published the compliance items.
InformationalCount (integer) --
The total number of resources or compliance items that have a severity level of informational. Informational severity is determined by the organization that published the compliance items.
UnspecifiedCount (integer) --
The total number of resources or compliance items that have a severity level of unspecified. Unspecified severity is determined by the organization that published the compliance items.
NonCompliantSummary (dict) --
A list of NON_COMPLIANT items for the specified compliance type.
NonCompliantCount (integer) --
The total number of compliance items that are not compliant.
SeveritySummary (dict) --
A summary of the non-compliance severity by compliance type
CriticalCount (integer) --
The total number of resources or compliance items that have a severity level of critical. Critical severity is determined by the organization that published the compliance items.
HighCount (integer) --
The total number of resources or compliance items that have a severity level of high. High severity is determined by the organization that published the compliance items.
MediumCount (integer) --
The total number of resources or compliance items that have a severity level of medium. Medium severity is determined by the organization that published the compliance items.
LowCount (integer) --
The total number of resources or compliance items that have a severity level of low. Low severity is determined by the organization that published the compliance items.
InformationalCount (integer) --
The total number of resources or compliance items that have a severity level of informational. Informational severity is determined by the organization that published the compliance items.
UnspecifiedCount (integer) --
The total number of resources or compliance items that have a severity level of unspecified. Unspecified severity is determined by the organization that published the compliance items.
NextToken (string) --
The token for the next set of items to return. Use this token to get the next set of results.
Registers a compliance type and other compliance details on a designated resource. This API lets you register custom compliance details with a resource. This call overwrites existing compliance information on the resource, so you must provide a full list of compliance items each time you send the request.
See also: AWS API Documentation
Request Syntax
client.put_compliance_items(
ResourceId='string',
ResourceType='string',
ComplianceType='string',
ExecutionSummary={
'ExecutionTime': datetime(2015, 1, 1),
'ExecutionId': 'string',
'ExecutionType': 'string'
},
Items=[
{
'Id': 'string',
'Title': 'string',
'Severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
'Status': 'COMPLIANT'|'NON_COMPLIANT',
'Details': {
'string': 'string'
}
},
],
ItemContentHash='string'
)
string
[REQUIRED]
Specify an ID for this resource. For a managed instance, this is the instance ID.
string
[REQUIRED]
Specify the type of resource. ManagedInstance is currently the only supported resource type.
string
[REQUIRED]
Specify the compliance type. For example, specify Association (for a State Manager association), Patch, or Custom: string .
dict
[REQUIRED]
A summary of the call execution that includes an execution ID, the type of execution (for example, Command ), and the date/time of the execution using a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z'.
ExecutionTime (datetime) -- [REQUIRED]
The time the execution ran as a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z'.
ExecutionId (string) --
An ID created by the system when PutComplianceItems was called. For example, CommandID is a valid execution ID. You can use this ID in subsequent calls.
ExecutionType (string) --
The type of execution. For example, Command is a valid execution type.
list
[REQUIRED]
Information about the compliance as defined by the resource type. For example, for a patch compliance type, Items includes information about the PatchSeverity, Classification, etc.
(dict) --
Information about a compliance item.
Id (string) --
The compliance item ID. For example, if the compliance item is a Windows patch, the ID could be the number of the KB article.
Title (string) --
The title of the compliance item. For example, if the compliance item is a Windows patch, the title could be the title of the KB article for the patch. Here's an example: Security Update for Active Directory Federation Services.
Severity (string) -- [REQUIRED]
The severity of the compliance status. Severity can be one of the following: Critical, High, Medium, Low, Informational, Unspecified.
Status (string) -- [REQUIRED]
The status of the compliance item. An item is either COMPLIANT or NON_COMPLIANT.
Details (dict) --
A "Key": "Value" tag combination for the compliance item.
(string) --
(string) --
string
MD5 or Sha256 content hash. The content hash is used to determine if existing information should be overwritten or ignored. If the content hashes match, ,the request to put compliance information is ignored.
dict
Response Syntax
{}
Response Structure
(dict) --
{'Description': 'string'}
Creates a new Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.create_maintenance_window(
Name='string',
Description='string',
Schedule='string',
Duration=123,
Cutoff=123,
AllowUnassociatedTargets=True|False,
ClientToken='string'
)
string
[REQUIRED]
The name of the Maintenance Window.
string
An optional description for the Maintenance Window. We recommend specifying a description to help your organize your Maintenance Windows.
string
[REQUIRED]
The schedule of the Maintenance Window in the form of a cron or rate expression.
integer
[REQUIRED]
The duration of the Maintenance Window in hours.
integer
[REQUIRED]
The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.
boolean
[REQUIRED]
Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.
string
User-provided idempotency token.
This field is autopopulated if not provided.
dict
Response Syntax
{
'WindowId': 'string'
}
Response Structure
(dict) --
WindowId (string) --
The ID of the created Maintenance Window.
{'Safe': 'boolean'}
Removes a target from a Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.deregister_target_from_maintenance_window(
WindowId='string',
WindowTargetId='string',
Safe=True|False
)
string
[REQUIRED]
The ID of the Maintenance Window the target should be removed from.
string
[REQUIRED]
The ID of the target definition to remove.
boolean
The system checks if the target is being referenced by a task. If the target is being referenced, the system returns and error and does not deregister the target from the Maintenance Window.
dict
Response Syntax
{
'WindowId': 'string',
'WindowTargetId': 'string'
}
Response Structure
(dict) --
WindowId (string) --
The ID of the Maintenance Window the target was removed from.
WindowTargetId (string) --
The ID of the removed target definition.
{'WindowExecutionTaskInvocationIdentities': {'TaskType': 'RUN_COMMAND | '
'AUTOMATION | '
'STEP_FUNCTIONS | '
'LAMBDA'}}
Retrieves the individual task executions (one per target) for a particular task executed as part of a Maintenance Window execution.
See also: AWS API Documentation
Request Syntax
client.describe_maintenance_window_execution_task_invocations(
WindowExecutionId='string',
TaskId='string',
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
The ID of the Maintenance Window execution the task is part of.
string
[REQUIRED]
The ID of the specific task in the Maintenance Window task that should be retrieved.
list
Optional filters used to scope down the returned task invocations. The supported filter key is STATUS with the corresponding values PENDING, IN_PROGRESS, SUCCESS, FAILED, TIMED_OUT, CANCELLING, and CANCELLED.
(dict) --
Filter used in the request.
Key (string) --
The name of the filter.
Values (list) --
The filter values.
(string) --
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'WindowExecutionTaskInvocationIdentities': [
{
'WindowExecutionId': 'string',
'TaskExecutionId': 'string',
'InvocationId': 'string',
'ExecutionId': 'string',
'TaskType': 'RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA',
'Parameters': 'string',
'Status': 'PENDING'|'IN_PROGRESS'|'SUCCESS'|'FAILED'|'TIMED_OUT'|'CANCELLING'|'CANCELLED'|'SKIPPED_OVERLAPPING',
'StatusDetails': 'string',
'StartTime': datetime(2015, 1, 1),
'EndTime': datetime(2015, 1, 1),
'OwnerInformation': 'string',
'WindowTargetId': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
WindowExecutionTaskInvocationIdentities (list) --
Information about the task invocation results per invocation.
(dict) --
Describes the information about a task invocation for a particular target as part of a task execution performed as part of a Maintenance Window execution.
WindowExecutionId (string) --
The ID of the Maintenance Window execution that ran the task.
TaskExecutionId (string) --
The ID of the specific task execution in the Maintenance Window execution.
InvocationId (string) --
The ID of the task invocation.
ExecutionId (string) --
The ID of the action performed in the service that actually handled the task invocation. If the task type is RUN_COMMAND, this value is the command ID.
TaskType (string) --
The task type.
Parameters (string) --
The parameters that were provided for the invocation when it was executed.
Status (string) --
The status of the task invocation.
StatusDetails (string) --
The details explaining the status of the task invocation. Only available for certain Status values.
StartTime (datetime) --
The time the invocation started.
EndTime (datetime) --
The time the invocation finished.
OwnerInformation (string) --
User-provided value that was specified when the target was registered with the Maintenance Window. This was also included in any CloudWatch events raised during the task invocation.
WindowTargetId (string) --
The ID of the target definition in this Maintenance Window the invocation was performed for.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'WindowExecutionTaskIdentities': {'TaskType': {'AUTOMATION',
'LAMBDA',
'STEP_FUNCTIONS'}}}
For a given Maintenance Window execution, lists the tasks that were executed.
See also: AWS API Documentation
Request Syntax
client.describe_maintenance_window_execution_tasks(
WindowExecutionId='string',
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
The ID of the Maintenance Window execution whose task executions should be retrieved.
list
Optional filters used to scope down the returned tasks. The supported filter key is STATUS with the corresponding values PENDING, IN_PROGRESS, SUCCESS, FAILED, TIMED_OUT, CANCELLING, and CANCELLED.
(dict) --
Filter used in the request.
Key (string) --
The name of the filter.
Values (list) --
The filter values.
(string) --
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'WindowExecutionTaskIdentities': [
{
'WindowExecutionId': 'string',
'TaskExecutionId': 'string',
'Status': 'PENDING'|'IN_PROGRESS'|'SUCCESS'|'FAILED'|'TIMED_OUT'|'CANCELLING'|'CANCELLED'|'SKIPPED_OVERLAPPING',
'StatusDetails': 'string',
'StartTime': datetime(2015, 1, 1),
'EndTime': datetime(2015, 1, 1),
'TaskArn': 'string',
'TaskType': 'RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
WindowExecutionTaskIdentities (list) --
Information about the task executions.
(dict) --
Information about a task execution performed as part of a Maintenance Window execution.
WindowExecutionId (string) --
The ID of the Maintenance Window execution that ran the task.
TaskExecutionId (string) --
The ID of the specific task execution in the Maintenance Window execution.
Status (string) --
The status of the task execution.
StatusDetails (string) --
The details explaining the status of the task execution. Only available for certain status values.
StartTime (datetime) --
The time the task execution started.
EndTime (datetime) --
The time the task execution finished.
TaskArn (string) --
The ARN of the executed task.
TaskType (string) --
The type of executed task.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'Targets': {'Description': 'string', 'Name': 'string'}}
Lists the targets registered with the Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.describe_maintenance_window_targets(
WindowId='string',
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
The ID of the Maintenance Window whose targets should be retrieved.
list
Optional filters that can be used to narrow down the scope of the returned window targets. The supported filter keys are Type, WindowTargetId and OwnerInformation.
(dict) --
Filter used in the request.
Key (string) --
The name of the filter.
Values (list) --
The filter values.
(string) --
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'Targets': [
{
'WindowId': 'string',
'WindowTargetId': 'string',
'ResourceType': 'INSTANCE',
'Targets': [
{
'Key': 'string',
'Values': [
'string',
]
},
],
'OwnerInformation': 'string',
'Name': 'string',
'Description': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Targets (list) --
Information about the targets in the Maintenance Window.
(dict) --
The target registered with the Maintenance Window.
WindowId (string) --
The Maintenance Window ID where the target is registered.
WindowTargetId (string) --
The ID of the target.
ResourceType (string) --
The type of target.
Targets (list) --
The targets (either instances or tags). Instances are specified using Key=instanceids,Values=<instanceid1>,<instanceid2>. Tags are specified using Key=<tag name>,Values=<tag value>.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
OwnerInformation (string) --
User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.
Name (string) --
The target name.
Description (string) --
A description of the target.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'Tasks': {'Description': 'string',
'Name': 'string',
'Type': {'LAMBDA', 'AUTOMATION', 'STEP_FUNCTIONS'}}}
Lists the tasks in a Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.describe_maintenance_window_tasks(
WindowId='string',
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
The ID of the Maintenance Window whose tasks should be retrieved.
list
Optional filters used to narrow down the scope of the returned tasks. The supported filter keys are WindowTaskId, TaskArn, Priority, and TaskType.
(dict) --
Filter used in the request.
Key (string) --
The name of the filter.
Values (list) --
The filter values.
(string) --
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'Tasks': [
{
'WindowId': 'string',
'WindowTaskId': 'string',
'TaskArn': 'string',
'Type': 'RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA',
'Targets': [
{
'Key': 'string',
'Values': [
'string',
]
},
],
'TaskParameters': {
'string': {
'Values': [
'string',
]
}
},
'Priority': 123,
'LoggingInfo': {
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'S3Region': 'string'
},
'ServiceRoleArn': 'string',
'MaxConcurrency': 'string',
'MaxErrors': 'string',
'Name': 'string',
'Description': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Tasks (list) --
Information about the tasks in the Maintenance Window.
(dict) --
Information about a task defined for a Maintenance Window.
WindowId (string) --
The Maintenance Window ID where the task is registered.
WindowTaskId (string) --
The task ID.
TaskArn (string) --
TaskArn is the resource that the task uses during execution. For RUN_COMMAND and AUTOMATION task types, the TaskArn is the SSM Document Name/ARN. For LAMBDA tasks, it's the Function Name/ARN. For STEP_FUNCTION tasks, it's the State Machine ARN.
Type (string) --
The type of task. The type can be one of the following: RUN_COMMAND, AUTOMATION, LAMBDA, or STEP_FUNCTION.
Targets (list) --
The targets (either instances or tags). Instances are specified using Key=instanceids,Values=<instanceid1>,<instanceid2>. Tags are specified using Key=<tag name>,Values=<tag value>.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
TaskParameters (dict) --
The parameters that should be passed to the task when it is executed.
(string) --
(dict) --
Defines the values for a task parameter.
Values (list) --
This field contains an array of 0 or more strings, each 1 to 255 characters in length.
(string) --
Priority (integer) --
The priority of the task in the Maintenance Window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.
LoggingInfo (dict) --
Information about an Amazon S3 bucket to write task-level logs to.
S3BucketName (string) --
The name of an Amazon S3 bucket where execution logs are stored .
S3KeyPrefix (string) --
(Optional) The Amazon S3 bucket subfolder.
S3Region (string) --
The region where the Amazon S3 bucket is located.
ServiceRoleArn (string) --
The role that should be assumed when executing the task
MaxConcurrency (string) --
The maximum number of targets this task can be run for in parallel.
MaxErrors (string) --
The maximum number of errors allowed before this task stops being scheduled.
Name (string) --
The task name.
Description (string) --
A description of the task.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'WindowIdentities': {'Description': 'string'}}
Retrieves the Maintenance Windows in an AWS account.
See also: AWS API Documentation
Request Syntax
client.describe_maintenance_windows(
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
list
Optional filters used to narrow down the scope of the returned Maintenance Windows. Supported filter keys are Name and Enabled.
(dict) --
Filter used in the request.
Key (string) --
The name of the filter.
Values (list) --
The filter values.
(string) --
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'WindowIdentities': [
{
'WindowId': 'string',
'Name': 'string',
'Description': 'string',
'Enabled': True|False,
'Duration': 123,
'Cutoff': 123
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
WindowIdentities (list) --
Information about the Maintenance Windows.
(dict) --
Information about the Maintenance Window.
WindowId (string) --
The ID of the Maintenance Window.
Name (string) --
The name of the Maintenance Window.
Description (string) --
A description of the Maintenance Window.
Enabled (boolean) --
Whether the Maintenance Window is enabled.
Duration (integer) --
The duration of the Maintenance Window in hours.
Cutoff (integer) --
The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'SubType': 'boolean'}
Return a list of inventory type names for the account, or return a list of attribute names for a specific Inventory item type.
See also: AWS API Documentation
Request Syntax
client.get_inventory_schema(
TypeName='string',
NextToken='string',
MaxResults=123,
SubType=True|False
)
string
The type of inventory item to return.
string
The token for the next set of items to return. (You received this token from a previous call.)
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
boolean
Returns the sub-type schema for a specified inventory type.
dict
Response Syntax
{
'Schemas': [
{
'TypeName': 'string',
'Version': 'string',
'Attributes': [
{
'Name': 'string',
'DataType': 'string'|'number'
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Schemas (list) --
Inventory schemas returned by the request.
(dict) --
The inventory item schema definition. Users can use this to compose inventory query filters.
TypeName (string) --
The name of the inventory type. Default inventory item type names start with AWS. Custom inventory type names will start with Custom. Default inventory item types include the following: AWS:AWSComponent, AWS:Application, AWS:InstanceInformation, AWS:Network, and AWS:WindowsUpdate.
Version (string) --
The schema version for the inventory item.
Attributes (list) --
The schema attributes for inventory. This contains data type and attribute name.
(dict) --
Attributes are the entries within the inventory item content. It contains name and value.
Name (string) --
Name of the inventory item attribute.
DataType (string) --
The data type of the inventory item attribute.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'Description': 'string'}
Retrieves a Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.get_maintenance_window(
WindowId='string'
)
string
[REQUIRED]
The ID of the desired Maintenance Window.
dict
Response Syntax
{
'WindowId': 'string',
'Name': 'string',
'Description': 'string',
'Schedule': 'string',
'Duration': 123,
'Cutoff': 123,
'AllowUnassociatedTargets': True|False,
'Enabled': True|False,
'CreatedDate': datetime(2015, 1, 1),
'ModifiedDate': datetime(2015, 1, 1)
}
Response Structure
(dict) --
WindowId (string) --
The ID of the created Maintenance Window.
Name (string) --
The name of the Maintenance Window.
Description (string) --
The description of the Maintenance Window.
Schedule (string) --
The schedule of the Maintenance Window in the form of a cron or rate expression.
Duration (integer) --
The duration of the Maintenance Window in hours.
Cutoff (integer) --
The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.
AllowUnassociatedTargets (boolean) --
Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.
Enabled (boolean) --
Whether the Maintenance Windows is enabled.
CreatedDate (datetime) --
The date the Maintenance Window was created.
ModifiedDate (datetime) --
The date the Maintenance Window was last modified.
{'Type': {'LAMBDA', 'AUTOMATION', 'STEP_FUNCTIONS'}}
Retrieves the details about a specific task executed as part of a Maintenance Window execution.
See also: AWS API Documentation
Request Syntax
client.get_maintenance_window_execution_task(
WindowExecutionId='string',
TaskId='string'
)
string
[REQUIRED]
The ID of the Maintenance Window execution that includes the task.
string
[REQUIRED]
The ID of the specific task execution in the Maintenance Window task that should be retrieved.
dict
Response Syntax
{
'WindowExecutionId': 'string',
'TaskExecutionId': 'string',
'TaskArn': 'string',
'ServiceRole': 'string',
'Type': 'RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA',
'TaskParameters': [
{
'string': {
'Values': [
'string',
]
}
},
],
'Priority': 123,
'MaxConcurrency': 'string',
'MaxErrors': 'string',
'Status': 'PENDING'|'IN_PROGRESS'|'SUCCESS'|'FAILED'|'TIMED_OUT'|'CANCELLING'|'CANCELLED'|'SKIPPED_OVERLAPPING',
'StatusDetails': 'string',
'StartTime': datetime(2015, 1, 1),
'EndTime': datetime(2015, 1, 1)
}
Response Structure
(dict) --
WindowExecutionId (string) --
The ID of the Maintenance Window execution that includes the task.
TaskExecutionId (string) --
The ID of the specific task execution in the Maintenance Window task that was retrieved.
TaskArn (string) --
The ARN of the executed task.
ServiceRole (string) --
The role that was assumed when executing the task.
Type (string) --
The type of task executed.
TaskParameters (list) --
The parameters passed to the task when it was executed. The map has the following format:
Key: string, between 1 and 255 characters
Value: an array of strings, each string is between 1 and 255 characters
(dict) --
(string) --
(dict) --
Defines the values for a task parameter.
Values (list) --
This field contains an array of 0 or more strings, each 1 to 255 characters in length.
(string) --
Priority (integer) --
The priority of the task.
MaxConcurrency (string) --
The defined maximum number of task executions that could be run in parallel.
MaxErrors (string) --
The defined maximum number of task execution errors allowed before scheduling of the task execution would have been stopped.
Status (string) --
The status of the task.
StatusDetails (string) --
The details explaining the Status. Only available for certain status values.
StartTime (datetime) --
The time the task execution started.
EndTime (datetime) --
The time the task execution completed.
{'Items': {'Context': {'string': 'string'}}}
Bulk update custom inventory items on one more instance. The request adds an inventory item, if it doesn't already exist, or updates an inventory item, if it does exist.
See also: AWS API Documentation
Request Syntax
client.put_inventory(
InstanceId='string',
Items=[
{
'TypeName': 'string',
'SchemaVersion': 'string',
'CaptureTime': 'string',
'ContentHash': 'string',
'Content': [
{
'string': 'string'
},
],
'Context': {
'string': 'string'
}
},
]
)
string
[REQUIRED]
One or more instance IDs where you want to add or update inventory items.
list
[REQUIRED]
The inventory items that you want to add or update on instances.
(dict) --
Information collected from managed instances based on your inventory policy document
TypeName (string) -- [REQUIRED]
The name of the inventory type. Default inventory item type names start with AWS. Custom inventory type names will start with Custom. Default inventory item types include the following: AWS:AWSComponent, AWS:Application, AWS:InstanceInformation, AWS:Network, and AWS:WindowsUpdate.
SchemaVersion (string) -- [REQUIRED]
The schema version for the inventory item.
CaptureTime (string) -- [REQUIRED]
The time the inventory information was collected.
ContentHash (string) --
MD5 hash of the inventory item type contents. The content hash is used to determine whether to update inventory information. The PutInventory API does not update the inventory item type contents if the MD5 hash has not changed since last update.
Content (list) --
The inventory data of the inventory type.
(dict) --
(string) --
(string) --
Context (dict) --
A map of associated properties for a specified inventory type. For example, with this attribute, you can specify the ExecutionId , ExecutionType , ComplianceType properties of the AWS:ComplianceItem type.
(string) --
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
{'Description': 'string', 'Name': 'string'}
Registers a target with a Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.register_target_with_maintenance_window(
WindowId='string',
ResourceType='INSTANCE',
Targets=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
OwnerInformation='string',
Name='string',
Description='string',
ClientToken='string'
)
string
[REQUIRED]
The ID of the Maintenance Window the target should be registered with.
string
[REQUIRED]
The type of target being registered with the Maintenance Window.
list
[REQUIRED]
The targets (either instances or tags). Instances are specified using Key=instanceids,Values=<instanceid1>,<instanceid2>. Tags are specified using Key=<tag name>,Values=<tag value>.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
string
User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.
string
An optional name for the target.
string
An optional description for the target.
string
User-provided idempotency token.
This field is autopopulated if not provided.
dict
Response Syntax
{
'WindowTargetId': 'string'
}
Response Structure
(dict) --
WindowTargetId (string) --
The ID of the target definition in this Maintenance Window.
{'Description': 'string',
'Name': 'string',
'TaskInvocationParameters': {'Automation': {'DocumentVersion': 'string',
'Parameters': {'string': ['string']}},
'Lambda': {'ClientContext': 'string',
'Payload': 'blob',
'Qualifier': 'string'},
'RunCommand': {'Comment': 'string',
'DocumentHash': 'string',
'DocumentHashType': 'Sha256 | '
'Sha1',
'NotificationConfig': {'NotificationArn': 'string',
'NotificationEvents': ['All '
'| '
'InProgress '
'| '
'Success '
'| '
'TimedOut '
'| '
'Cancelled '
'| '
'Failed'],
'NotificationType': 'Command '
'| '
'Invocation'},
'OutputS3BucketName': 'string',
'OutputS3KeyPrefix': 'string',
'Parameters': {'string': ['string']},
'ServiceRoleArn': 'string',
'TimeoutSeconds': 'integer'},
'StepFunctions': {'Input': 'string',
'Name': 'string'}},
'TaskType': {'LAMBDA', 'AUTOMATION', 'STEP_FUNCTIONS'}}
Adds a new task to a Maintenance Window.
See also: AWS API Documentation
Request Syntax
client.register_task_with_maintenance_window(
WindowId='string',
Targets=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
TaskArn='string',
ServiceRoleArn='string',
TaskType='RUN_COMMAND'|'AUTOMATION'|'STEP_FUNCTIONS'|'LAMBDA',
TaskParameters={
'string': {
'Values': [
'string',
]
}
},
TaskInvocationParameters={
'RunCommand': {
'Comment': 'string',
'DocumentHash': 'string',
'DocumentHashType': 'Sha256'|'Sha1',
'NotificationConfig': {
'NotificationArn': 'string',
'NotificationEvents': [
'All'|'InProgress'|'Success'|'TimedOut'|'Cancelled'|'Failed',
],
'NotificationType': 'Command'|'Invocation'
},
'OutputS3BucketName': 'string',
'OutputS3KeyPrefix': 'string',
'Parameters': {
'string': [
'string',
]
},
'ServiceRoleArn': 'string',
'TimeoutSeconds': 123
},
'Automation': {
'DocumentVersion': 'string',
'Parameters': {
'string': [
'string',
]
}
},
'StepFunctions': {
'Input': 'string',
'Name': 'string'
},
'Lambda': {
'ClientContext': 'string',
'Qualifier': 'string',
'Payload': b'bytes'
}
},
Priority=123,
MaxConcurrency='string',
MaxErrors='string',
LoggingInfo={
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'S3Region': 'string'
},
Name='string',
Description='string',
ClientToken='string'
)
string
[REQUIRED]
The id of the Maintenance Window the task should be added to.
list
[REQUIRED]
The targets (either instances or tags). Instances are specified using Key=instanceids,Values=<instanceid1>,<instanceid2>. Tags are specified using Key=<tag name>,Values=<tag value>.
(dict) --
An array of search criteria that targets instances using a Key,Value combination that you specify. Targets is required if you don't provide one or more instance IDs in the call.
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
Values (list) --
User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, you could specify value:WebServer to execute a command on instances that include Amazon EC2 tags of ServerRole,WebServer. For more information about how to send commands that target instances using Key,Value parameters, see Executing a Command Using Systems Manager Run Command.
(string) --
string
[REQUIRED]
The ARN of the task to execute
string
[REQUIRED]
The role that should be assumed when executing the task.
string
[REQUIRED]
The type of task being registered.
dict
The parameters that should be passed to the task when it is executed.
(string) --
(dict) --
Defines the values for a task parameter.
Values (list) --
This field contains an array of 0 or more strings, each 1 to 255 characters in length.
(string) --
dict
Parameters the task should use during execution. Populate only the fields that match the task type. All other fields should be empty.
RunCommand (dict) --
Parameters for a RUN_COMMAND task type.
Comment (string) --
Information about the command(s) to execute.
DocumentHash (string) --
The Sha256 or Sha1 hash created by the system when the document was created. Sha1 hashes have been deprecated.
DocumentHashType (string) --
Sha256 or Sha1. Sha1 hashes have been deprecated.
NotificationConfig (dict) --
Configurations for sending notifications about command status changes on a per instance basis.
NotificationArn (string) --
An Amazon Resource Name (ARN) for a Simple Notification Service (SNS) topic. Run Command pushes notifications about command status changes to this topic.
NotificationEvents (list) --
The different events for which you can receive notifications. These events include the following: All (events), InProgress, Success, TimedOut, Cancelled, Failed. To learn more about these events, see Setting Up Events and Notifications in the Amazon EC2 Systems Manager User Guide .
(string) --
NotificationType (string) --
Command: Receive notification when the status of a command changes. Invocation: For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.
OutputS3BucketName (string) --
The name of the Amazon S3 bucket.
OutputS3KeyPrefix (string) --
The Amazon S3 bucket subfolder.
Parameters (dict) --
Parameters for the RUN_COMMAND task execution.
(string) --
(list) --
(string) --
ServiceRoleArn (string) --
The IAM service role that to assume during task execution.
TimeoutSeconds (integer) --
If this time is reached and the command has not already started executing, it will not execute.
Automation (dict) --
Parameters for a AUTOMATION task type.
DocumentVersion (string) --
The version of an SSM Automation document to use during task execution.
Parameters (dict) --
Parameters for the AUTOMATION task.
(string) --
(list) --
(string) --
StepFunctions (dict) --
Parameters for a STEP_FUNCTION task type.
Input (string) --
The inputs for the STEP_FUNCTION task.
Name (string) --
The name of the STEP_FUNCTION task.
Lambda (dict) --
Parameters for a LAMBDA task type.
ClientContext (string) --
Using the ClientContext you can pass client-specific information to the Lambda function you are invoking. You can then process the client information in your Lambda function as you choose through the context variable.
Qualifier (string) --
You can use this optional parameter to specify a Lambda function version or alias name. If you specify a function version, the API uses the qualified function ARN to invoke a specific Lambda function. If you specify an alias name, the API uses the alias ARN to invoke the Lambda function version to which the alias points.
Payload (bytes) --
JSON that you want to provide to your Lambda function as input.
integer
The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.
string
[REQUIRED]
The maximum number of targets this task can be run for in parallel.
string
[REQUIRED]
The maximum number of errors allowed before this task stops being scheduled.
dict
A structure containing information about an Amazon S3 bucket to write instance-level logs to.
S3BucketName (string) -- [REQUIRED]
The name of an Amazon S3 bucket where execution logs are stored .
S3KeyPrefix (string) --
(Optional) The Amazon S3 bucket subfolder.
S3Region (string) -- [REQUIRED]
The region where the Amazon S3 bucket is located.
string
An optional name for the task.
string
An optional description for the task.
string
User-provided idempotency token.
This field is autopopulated if not provided.
dict
Response Syntax
{
'WindowTaskId': 'string'
}
Response Structure
(dict) --
WindowTaskId (string) --
The id of the task in the Maintenance Window.
{'Description': 'string', 'Replace': 'boolean'}
Response {'Description': 'string'}
Updates an existing Maintenance Window. Only specified parameters are modified.
See also: AWS API Documentation
Request Syntax
client.update_maintenance_window(
WindowId='string',
Name='string',
Description='string',
Schedule='string',
Duration=123,
Cutoff=123,
AllowUnassociatedTargets=True|False,
Enabled=True|False,
Replace=True|False
)
string
[REQUIRED]
The ID of the Maintenance Window to update.
string
The name of the Maintenance Window.
string
An optional description for the update request.
string
The schedule of the Maintenance Window in the form of a cron or rate expression.
integer
The duration of the Maintenance Window in hours.
integer
The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.
boolean
Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.
boolean
Whether the Maintenance Window is enabled.
boolean
If you specify True, then all fields that are required by the CreateMaintenanceWindow API are also required for this API request. Optional fields that are not specified will be set to null.
dict
Response Syntax
{
'WindowId': 'string',
'Name': 'string',
'Description': 'string',
'Schedule': 'string',
'Duration': 123,
'Cutoff': 123,
'AllowUnassociatedTargets': True|False,
'Enabled': True|False
}
Response Structure
(dict) --
WindowId (string) --
The ID of the created Maintenance Window.
Name (string) --
The name of the Maintenance Window.
Description (string) --
An optional description of the update.
Schedule (string) --
The schedule of the Maintenance Window in the form of a cron or rate expression.
Duration (integer) --
The duration of the Maintenance Window in hours.
Cutoff (integer) --
The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.
AllowUnassociatedTargets (boolean) --
Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.
Enabled (boolean) --
Whether the Maintenance Window is enabled.