aws-native.ssm.getPatchBaseline

Explore with Pulumi AI

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.105.0 published on Thursday, May 2, 2024 by Pulumi

pulumi/pulumi-aws-native

Using getPatchBaseline

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getPatchBaseline(args: GetPatchBaselineArgs, opts?: InvokeOptions): Promise<GetPatchBaselineResult>
function getPatchBaselineOutput(args: GetPatchBaselineOutputArgs, opts?: InvokeOptions): Output<GetPatchBaselineResult>

def get_patch_baseline(id: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetPatchBaselineResult
def get_patch_baseline_output(id: Optional[pulumi.Input[str]] = None,
                       opts: Optional[InvokeOptions] = None) -> Output[GetPatchBaselineResult]

func LookupPatchBaseline(ctx *Context, args *LookupPatchBaselineArgs, opts ...InvokeOption) (*LookupPatchBaselineResult, error)
func LookupPatchBaselineOutput(ctx *Context, args *LookupPatchBaselineOutputArgs, opts ...InvokeOption) LookupPatchBaselineResultOutput

> Note: This function is named LookupPatchBaseline in the Go SDK.

public static class GetPatchBaseline 
{
    public static Task<GetPatchBaselineResult> InvokeAsync(GetPatchBaselineArgs args, InvokeOptions? opts = null)
    public static Output<GetPatchBaselineResult> Invoke(GetPatchBaselineInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetPatchBaselineResult> getPatchBaseline(GetPatchBaselineArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: aws-native:ssm:getPatchBaseline
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string: The ID of the patch baseline.

Id string: The ID of the patch baseline.

id String: The ID of the patch baseline.

id string: The ID of the patch baseline.

id str: The ID of the patch baseline.

id String: The ID of the patch baseline.

getPatchBaseline Result

The following output properties are available:

ApprovalRules Pulumi.AwsNative.Ssm.Outputs.PatchBaselineRuleGroup
ApprovedPatches List<string>: A list of explicitly approved patches for the baseline.
ApprovedPatchesComplianceLevel Pulumi.AwsNative.Ssm.PatchBaselineApprovedPatchesComplianceLevel: Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED.
ApprovedPatchesEnableNonSecurity bool: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.
DefaultBaseline bool: Set the baseline as default baseline. Only registering to default patch baseline is allowed.
Description string: The description of the patch baseline.
GlobalFilters Pulumi.AwsNative.Ssm.Outputs.PatchBaselinePatchFilterGroup: A set of global filters used to include patches in the baseline.
Id string: The ID of the patch baseline.
Name string: The name of the patch baseline.
PatchGroups List<string>: PatchGroups is used to associate instances with a specific patch baseline
RejectedPatches List<string>: A list of explicitly rejected patches for the baseline.
RejectedPatchesAction Pulumi.AwsNative.Ssm.PatchBaselineRejectedPatchesAction: The action for Patch Manager to take on patches included in the RejectedPackages list.
Sources List<Pulumi.AwsNative.Ssm.Outputs.PatchBaselinePatchSource>: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.
Tags List<Pulumi.AwsNative.Outputs.Tag>: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways.

ApprovalRules PatchBaselineRuleGroup
ApprovedPatches []string: A list of explicitly approved patches for the baseline.
ApprovedPatchesComplianceLevel PatchBaselineApprovedPatchesComplianceLevel: Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED.
ApprovedPatchesEnableNonSecurity bool: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.
DefaultBaseline bool: Set the baseline as default baseline. Only registering to default patch baseline is allowed.
Description string: The description of the patch baseline.
GlobalFilters PatchBaselinePatchFilterGroup: A set of global filters used to include patches in the baseline.
Id string: The ID of the patch baseline.
Name string: The name of the patch baseline.
PatchGroups []string: PatchGroups is used to associate instances with a specific patch baseline
RejectedPatches []string: A list of explicitly rejected patches for the baseline.
RejectedPatchesAction PatchBaselineRejectedPatchesAction: The action for Patch Manager to take on patches included in the RejectedPackages list.
Sources []PatchBaselinePatchSource: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.
Tags Tag: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways.

approvalRules PatchBaselineRuleGroup
approvedPatches List<String>: A list of explicitly approved patches for the baseline.
approvedPatchesComplianceLevel PatchBaselineApprovedPatchesComplianceLevel: Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED.
approvedPatchesEnableNonSecurity Boolean: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.
defaultBaseline Boolean: Set the baseline as default baseline. Only registering to default patch baseline is allowed.
description String: The description of the patch baseline.
globalFilters PatchBaselinePatchFilterGroup: A set of global filters used to include patches in the baseline.
id String: The ID of the patch baseline.
name String: The name of the patch baseline.
patchGroups List<String>: PatchGroups is used to associate instances with a specific patch baseline
rejectedPatches List<String>: A list of explicitly rejected patches for the baseline.
rejectedPatchesAction PatchBaselineRejectedPatchesAction: The action for Patch Manager to take on patches included in the RejectedPackages list.
sources List<PatchBaselinePatchSource>: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.
tags List<Tag>: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways.

approvalRules PatchBaselineRuleGroup
approvedPatches string[]: A list of explicitly approved patches for the baseline.
approvedPatchesComplianceLevel PatchBaselineApprovedPatchesComplianceLevel: Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED.
approvedPatchesEnableNonSecurity boolean: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.
defaultBaseline boolean: Set the baseline as default baseline. Only registering to default patch baseline is allowed.
description string: The description of the patch baseline.
globalFilters PatchBaselinePatchFilterGroup: A set of global filters used to include patches in the baseline.
id string: The ID of the patch baseline.
name string: The name of the patch baseline.
patchGroups string[]: PatchGroups is used to associate instances with a specific patch baseline
rejectedPatches string[]: A list of explicitly rejected patches for the baseline.
rejectedPatchesAction PatchBaselineRejectedPatchesAction: The action for Patch Manager to take on patches included in the RejectedPackages list.
sources PatchBaselinePatchSource[]: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.
tags Tag[]: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways.

approval_rules PatchBaselineRuleGroup
approved_patches Sequence[str]: A list of explicitly approved patches for the baseline.
approved_patches_compliance_level PatchBaselineApprovedPatchesComplianceLevel: Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED.
approved_patches_enable_non_security bool: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.
default_baseline bool: Set the baseline as default baseline. Only registering to default patch baseline is allowed.
description str: The description of the patch baseline.
global_filters PatchBaselinePatchFilterGroup: A set of global filters used to include patches in the baseline.
id str: The ID of the patch baseline.
name str: The name of the patch baseline.
patch_groups Sequence[str]: PatchGroups is used to associate instances with a specific patch baseline
rejected_patches Sequence[str]: A list of explicitly rejected patches for the baseline.
rejected_patches_action PatchBaselineRejectedPatchesAction: The action for Patch Manager to take on patches included in the RejectedPackages list.
sources Sequence[PatchBaselinePatchSource]: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.
tags Sequence[root_Tag]: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways.

approvalRules Property Map
approvedPatches List<String>: A list of explicitly approved patches for the baseline.
approvedPatchesComplianceLevel "CRITICAL" | "HIGH" | "MEDIUM" | "LOW" | "INFORMATIONAL" | "UNSPECIFIED": Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED.
approvedPatchesEnableNonSecurity Boolean: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only.
defaultBaseline Boolean: Set the baseline as default baseline. Only registering to default patch baseline is allowed.
description String: The description of the patch baseline.
globalFilters Property Map: A set of global filters used to include patches in the baseline.
id String: The ID of the patch baseline.
name String: The name of the patch baseline.
patchGroups List<String>: PatchGroups is used to associate instances with a specific patch baseline
rejectedPatches List<String>: A list of explicitly rejected patches for the baseline.
rejectedPatchesAction "ALLOW_AS_DEPENDENCY" | "BLOCK": The action for Patch Manager to take on patches included in the RejectedPackages list.
sources List<Property Map>: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only.
tags List<Property Map>: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways.