@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
273 lines • 9.59 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.PatchBaseline = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
* Provides an SSM Patch Baseline resource.
*
* > **NOTE on Patch Baselines:** The `approvedPatches` and `approvalRule` are
* both marked as optional fields, but the Patch Baseline requires that at least one
* of them is specified.
*
* ## Example Usage
*
* ### Basic Usage
*
* Using `approvedPatches` only.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const production = new aws.ssm.PatchBaseline("production", {
* name: "patch-baseline",
* approvedPatches: ["KB123456"],
* });
* ```
*
* ### Advanced Usage, specifying patch filters
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const production = new aws.ssm.PatchBaseline("production", {
* name: "patch-baseline",
* description: "Patch Baseline Description",
* approvedPatches: [
* "KB123456",
* "KB456789",
* ],
* rejectedPatches: ["KB987654"],
* globalFilters: [
* {
* key: "PRODUCT",
* values: ["WindowsServer2008"],
* },
* {
* key: "CLASSIFICATION",
* values: ["ServicePacks"],
* },
* {
* key: "MSRC_SEVERITY",
* values: ["Low"],
* },
* ],
* approvalRules: [
* {
* approveAfterDays: 7,
* complianceLevel: "HIGH",
* patchFilters: [
* {
* key: "PRODUCT",
* values: ["WindowsServer2016"],
* },
* {
* key: "CLASSIFICATION",
* values: [
* "CriticalUpdates",
* "SecurityUpdates",
* "Updates",
* ],
* },
* {
* key: "MSRC_SEVERITY",
* values: [
* "Critical",
* "Important",
* "Moderate",
* ],
* },
* ],
* },
* {
* approveAfterDays: 7,
* patchFilters: [{
* key: "PRODUCT",
* values: ["WindowsServer2012"],
* }],
* },
* ],
* });
* ```
*
* ### Advanced usage, specifying Microsoft application and Windows patch rules
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const windowsOsApps = new aws.ssm.PatchBaseline("windows_os_apps", {
* name: "WindowsOSAndMicrosoftApps",
* description: "Patch both Windows and Microsoft apps",
* operatingSystem: "WINDOWS",
* approvalRules: [
* {
* approveAfterDays: 7,
* patchFilters: [
* {
* key: "CLASSIFICATION",
* values: [
* "CriticalUpdates",
* "SecurityUpdates",
* ],
* },
* {
* key: "MSRC_SEVERITY",
* values: [
* "Critical",
* "Important",
* ],
* },
* ],
* },
* {
* approveAfterDays: 7,
* patchFilters: [
* {
* key: "PATCH_SET",
* values: ["APPLICATION"],
* },
* {
* key: "PRODUCT",
* values: [
* "Office 2013",
* "Office 2016",
* ],
* },
* ],
* },
* ],
* });
* ```
*
* ### Advanced usage, specifying alternate patch source repository
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const al201709 = new aws.ssm.PatchBaseline("al_2017_09", {
* approvalRules: [{}],
* name: "Amazon-Linux-2017.09",
* description: "My patch repository for Amazon Linux 2017.09",
* operatingSystem: "AMAZON_LINUX",
* sources: [{
* name: "My-AL2017.09",
* products: ["AmazonLinux2017.09"],
* configuration: `[amzn-main]
* name=amzn-main-Base
* mirrorlist=http://repo./awsregion./awsdomain//releasever/main/mirror.list
* mirrorlist_expire=300
* metadata_expire=300
* priority=10
* failovermethod=priority
* fastestmirror_enabled=0
* gpgcheck=1
* gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga
* enabled=1
* retries=3
* timeout=5
* report_instanceid=yes
* `,
* }],
* });
* ```
*
* ## Import
*
* ### Identity Schema
*
* #### Required
*
* * `id` - (String) ID of the patch baseline.
*
* #### Optional
*
* * `account_id` (String) AWS Account where this resource is managed.
*
* * `region` (String) Region where this resource is managed.
*
* Using `pulumi import`, import SSM Patch Baselines using their baseline ID. For example:
*
* console
*
* % pulumi import aws_ssm_patch_baseline.example pb-12345678
*/
class PatchBaseline extends pulumi.CustomResource {
/**
* Get an existing PatchBaseline resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new PatchBaseline(name, state, { ...opts, id: id });
}
/**
* Returns true if the given object is an instance of PatchBaseline. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === PatchBaseline.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["approvalRules"] = state?.approvalRules;
resourceInputs["approvedPatches"] = state?.approvedPatches;
resourceInputs["approvedPatchesComplianceLevel"] = state?.approvedPatchesComplianceLevel;
resourceInputs["approvedPatchesEnableNonSecurity"] = state?.approvedPatchesEnableNonSecurity;
resourceInputs["arn"] = state?.arn;
resourceInputs["availableSecurityUpdatesComplianceStatus"] = state?.availableSecurityUpdatesComplianceStatus;
resourceInputs["description"] = state?.description;
resourceInputs["globalFilters"] = state?.globalFilters;
resourceInputs["json"] = state?.json;
resourceInputs["name"] = state?.name;
resourceInputs["operatingSystem"] = state?.operatingSystem;
resourceInputs["region"] = state?.region;
resourceInputs["rejectedPatches"] = state?.rejectedPatches;
resourceInputs["rejectedPatchesAction"] = state?.rejectedPatchesAction;
resourceInputs["sources"] = state?.sources;
resourceInputs["tags"] = state?.tags;
resourceInputs["tagsAll"] = state?.tagsAll;
}
else {
const args = argsOrState;
resourceInputs["approvalRules"] = args?.approvalRules;
resourceInputs["approvedPatches"] = args?.approvedPatches;
resourceInputs["approvedPatchesComplianceLevel"] = args?.approvedPatchesComplianceLevel;
resourceInputs["approvedPatchesEnableNonSecurity"] = args?.approvedPatchesEnableNonSecurity;
resourceInputs["availableSecurityUpdatesComplianceStatus"] = args?.availableSecurityUpdatesComplianceStatus;
resourceInputs["description"] = args?.description;
resourceInputs["globalFilters"] = args?.globalFilters;
resourceInputs["name"] = args?.name;
resourceInputs["operatingSystem"] = args?.operatingSystem;
resourceInputs["region"] = args?.region;
resourceInputs["rejectedPatches"] = args?.rejectedPatches;
resourceInputs["rejectedPatchesAction"] = args?.rejectedPatchesAction;
resourceInputs["sources"] = args?.sources;
resourceInputs["tags"] = args?.tags;
resourceInputs["arn"] = undefined /*out*/;
resourceInputs["json"] = undefined /*out*/;
resourceInputs["tagsAll"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(PatchBaseline.__pulumiType, name, resourceInputs, opts);
}
}
exports.PatchBaseline = PatchBaseline;
/** @internal */
PatchBaseline.__pulumiType = 'aws:ssm/patchBaseline:PatchBaseline';
//# sourceMappingURL=patchBaseline.js.map