github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/aws/r/ssm_patch_baseline.html.markdown (about)

     1  ---
     2  layout: "aws"
     3  page_title: "AWS: aws_ssm_patch_baseline"
     4  sidebar_current: "docs-aws-resource-ssm-patch-baseline"
     5  description: |-
     6    Provides an SSM Patch Baseline resource
     7  ---
     8  
     9  # aws_ssm_patch_baseline
    10  
    11  Provides an SSM Patch Baseline resource
    12  
    13  ~> **NOTE on Patch Baselines:** The `approved_patches` and `approval_rule` are 
    14  both marked as optional fields, but the Patch Baseline requires that at least one
    15  of them is specified.
    16  
    17  ## Example Usage
    18  
    19  Basic usage using `approved_patches` only
    20  
    21  ```hcl
    22  resource "aws_ssm_patch_baseline" "production" {
    23    name  = "patch-baseline"
    24    approved_patches = ["KB123456"]
    25  }
    26  ```
    27  
    28  Advanced usage, specifying patch filters
    29  
    30  ```hcl
    31  resource "aws_ssm_patch_baseline" "production" {
    32    name  = "patch-baseline"
    33    description = "Patch Baseline Description"
    34    approved_patches = ["KB123456", "KB456789"]
    35    rejected_patches = ["KB987654"]
    36    global_filter {
    37      key = "PRODUCT"
    38      values = ["WindowsServer2008"]
    39    }
    40    global_filter {
    41      key = "CLASSIFICATION"
    42      values = ["ServicePacks"]
    43    }
    44    global_filter {
    45      key = "MSRC_SEVERITY"
    46      values = ["Low"]
    47    }
    48    approval_rule {
    49      approve_after_days = 7
    50      patch_filter {
    51        key = "PRODUCT"
    52        values = ["WindowsServer2016"]
    53      }
    54      patch_filter {
    55        key = "CLASSIFICATION"
    56        values = ["CriticalUpdates", "SecurityUpdates", "Updates"]
    57      }
    58      patch_filter {
    59        key = "MSRC_SEVERITY"
    60        values = ["Critical", "Important", "Moderate"]
    61      }
    62    }
    63    approval_rule {
    64      approve_after_days = 7
    65      patch_filter {
    66        key = "PRODUCT"
    67        values = ["WindowsServer2012"]
    68      }
    69    }
    70  }
    71  ```
    72  
    73  
    74  ## Argument Reference
    75  
    76  The following arguments are supported:
    77  
    78  * `name` - (Required) The name of the patch baseline.
    79  * `description` - (Optional) The description of the patch baseline.
    80  * `approved_patches` - (Optional) A list of explicitly approved patches for the baseline.
    81  * `rejected_patches` - (Optional) A list of rejected patches.
    82  * `global_filter` - (Optional) A set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT | CLASSIFICATION | MSRC_SEVERITY | PATCH_ID`.
    83  * `approval_rule` - (Optional) A set of rules used to include patches in the baseline. up to 10 approval rules can be specified. Each approval_rule block requires the fields documented below.
    84  
    85  The `approval_rule` block supports:
    86  
    87  * `approve_after_days` - (Required) The number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline. Valid Range: 0 to 100.
    88  * `patch_filter` - (Required) The patch filter group that defines the criteria for the rule. Up to 4 patch filters can be specified per approval rule using Key/Value pairs. Valid Keys are `PRODUCT | CLASSIFICATION | MSRC_SEVERITY | PATCH_ID`.
    89  
    90  
    91  ## Attributes Reference
    92  
    93  The following attributes are exported:
    94  
    95  * `id` - The ID of the patch baseline.