Table of Contents

Class CfnPatchBaseline.RuleProperty

Namespace
Amazon.CDK.AWS.SSM
Assembly
Amazon.CDK.AWS.SSM.dll

The Rule property type specifies an approval rule for a Systems Manager patch baseline.

public class CfnPatchBaseline.RuleProperty : CfnPatchBaseline.IRuleProperty
Inheritance
CfnPatchBaseline.RuleProperty
Implements
Inherited Members

Examples

// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.SSM;

             var ruleProperty = new RuleProperty {
                 ApproveAfterDays = 123,
                 ApproveUntilDate = "approveUntilDate",
                 ComplianceLevel = "complianceLevel",
                 EnableNonSecurity = false,
                 PatchFilterGroup = new PatchFilterGroupProperty {
                     PatchFilters = new [] { new PatchFilterProperty {
                         Key = "key",
                         Values = new [] { "values" }
                     } }
                 }
             };

Remarks

The PatchRules property of the RuleGroup property type contains a list of Rule property types.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html

ExampleMetadata: fixture=_generated

Constructors

RuleProperty() 

public RuleProperty()

Properties

ApproveAfterDays

The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline.

public double? ApproveAfterDays { get; set; }

Property Value

double?

Remarks

For example, a value of 7 means that patches are approved seven days after they are released.

You must specify a value for ApproveAfterDays .

Exception: Not supported on Debian Server or Ubuntu Server.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html#cfn-ssm-patchbaseline-rule-approveafterdays

ApproveUntilDate

The cutoff date for auto approval of released patches.

public string? ApproveUntilDate { get; set; }

Property Value

string

Remarks

Any patches released on or before this date are installed automatically. Not supported on Debian Server or Ubuntu Server.

Enter dates in the format YYYY-MM-DD . For example, 2021-12-31 .

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html#cfn-ssm-patchbaseline-rule-approveuntildate

ComplianceLevel

A compliance severity level for all approved patches in a patch baseline.

public string? ComplianceLevel { get; set; }

Property Value

string

Remarks

Valid compliance severity levels include the following: UNSPECIFIED , CRITICAL , HIGH , MEDIUM , LOW , and INFORMATIONAL .

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html#cfn-ssm-patchbaseline-rule-compliancelevel

EnableNonSecurity

For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository.

public object? EnableNonSecurity { get; set; }

Property Value

object

Remarks

The default value is false . Applies to Linux managed nodes only.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html#cfn-ssm-patchbaseline-rule-enablenonsecurity

PatchFilterGroup

The patch filter group that defines the criteria for the rule.

public object? PatchFilterGroup { get; set; }

Property Value

object

Remarks

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html#cfn-ssm-patchbaseline-rule-patchfiltergroup