Class CfnPatchBaseline
A CloudFormation AWS::SSM::PatchBaseline.
public class CfnPatchBaseline : CfnResource, IInspectable- Inheritance
-
CfnPatchBaseline
- Implements
-
IInspectable
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.SSM;
var cfnPatchBaseline = new CfnPatchBaseline(this, "MyCfnPatchBaseline", new CfnPatchBaselineProps {
Name = "name",
// the properties below are optional
ApprovalRules = new RuleGroupProperty {
PatchRules = new [] { new RuleProperty {
ApproveAfterDays = 123,
ApproveUntilDate = "approveUntilDate",
ComplianceLevel = "complianceLevel",
EnableNonSecurity = false,
PatchFilterGroup = new PatchFilterGroupProperty {
PatchFilters = new [] { new PatchFilterProperty {
Key = "key",
Values = new [] { "values" }
} }
}
} }
},
ApprovedPatches = new [] { "approvedPatches" },
ApprovedPatchesComplianceLevel = "approvedPatchesComplianceLevel",
ApprovedPatchesEnableNonSecurity = false,
Description = "description",
GlobalFilters = new PatchFilterGroupProperty {
PatchFilters = new [] { new PatchFilterProperty {
Key = "key",
Values = new [] { "values" }
} }
},
OperatingSystem = "operatingSystem",
PatchGroups = new [] { "patchGroups" },
RejectedPatches = new [] { "rejectedPatches" },
RejectedPatchesAction = "rejectedPatchesAction",
Sources = new [] { new PatchSourceProperty {
Configuration = "configuration",
Name = "name",
Products = new [] { "products" }
} },
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
});Remarks
The AWS::SSM::PatchBaseline resource defines the basic information for an AWS Systems Manager patch baseline. A patch baseline defines which patches are approved for installation on your instances.
For more information, see CreatePatchBaseline in the AWS Systems Manager API Reference .
CloudformationResource: AWS::SSM::PatchBaseline
Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html
ExampleMetadata: fixture=_generated
Constructors
CfnPatchBaseline(Construct, string, ICfnPatchBaselineProps)
Create a new AWS::SSM::PatchBaseline.
public CfnPatchBaseline(Construct scope, string id, ICfnPatchBaselineProps props)Parameters
scopeConstruct- scope in which this resource is defined.
idstring- scoped id of the resource.
propsICfnPatchBaselineProps- resource properties.
Properties
ApprovalRules
A set of rules used to include patches in the baseline.
public virtual object? ApprovalRules { get; set; }Property Value
Remarks
ApprovedPatches
A list of explicitly approved patches for the baseline.
public virtual string[]? ApprovedPatches { get; set; }Property Value
- string[]
Remarks
For information about accepted formats for lists of approved patches and rejected patches, see About package name formats for approved and rejected patch lists in the AWS Systems Manager User Guide .
ApprovedPatchesComplianceLevel
Defines the compliance level for approved patches.
public virtual string? ApprovedPatchesComplianceLevel { get; set; }Property Value
Remarks
When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is UNSPECIFIED .
ApprovedPatchesEnableNonSecurity
Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes.
public virtual object? ApprovedPatchesEnableNonSecurity { get; set; }Property Value
Remarks
The default value is false . Applies to Linux managed nodes only.
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }Property Value
Description
A description of the patch baseline.
public virtual string? Description { get; set; }Property Value
Remarks
GlobalFilters
A set of global filters used to include patches in the baseline.
public virtual object? GlobalFilters { get; set; }Property Value
Remarks
Name
The name of the patch baseline.
public virtual string Name { get; set; }Property Value
Remarks
OperatingSystem
Defines the operating system the patch baseline applies to.
public virtual string? OperatingSystem { get; set; }Property Value
Remarks
The default value is WINDOWS .
PatchGroups
The name of the patch group to be registered with the patch baseline.
public virtual string[]? PatchGroups { get; set; }Property Value
- string[]
Remarks
RejectedPatches
A list of explicitly rejected patches for the baseline.
public virtual string[]? RejectedPatches { get; set; }Property Value
- string[]
Remarks
For information about accepted formats for lists of approved patches and rejected patches, see About package name formats for approved and rejected patch lists in the AWS Systems Manager User Guide .
RejectedPatchesAction
The action for Patch Manager to take on patches included in the RejectedPackages list.
public virtual string? RejectedPatchesAction { get; set; }Property Value
Remarks
Sources
Information about the patches to use to update the managed nodes, including target operating systems and source repositories.
public virtual object? Sources { get; set; }Property Value
Remarks
Applies to Linux managed nodes only.
Tags
Optional metadata that you assign to a resource.
public virtual TagManager Tags { get; }Property Value
- TagManager
Remarks
Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
inspectorTreeInspector- tree inspector to collect and process attributes.
RenderProperties(IDictionary<string, object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
propsIDictionary<string, object>