github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/ssm/patchBaseline.go (about) 1 // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. 2 // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** 3 4 package ssm 5 6 import ( 7 "context" 8 "reflect" 9 10 "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal" 11 "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 12 ) 13 14 // Provides an SSM Patch Baseline resource. 15 // 16 // > **NOTE on Patch Baselines:** The `approvedPatches` and `approvalRule` are 17 // both marked as optional fields, but the Patch Baseline requires that at least one 18 // of them is specified. 19 // 20 // ## Example Usage 21 // 22 // ### Basic Usage 23 // 24 // Using `approvedPatches` only. 25 // 26 // <!--Start PulumiCodeChooser --> 27 // ```go 28 // package main 29 // 30 // import ( 31 // 32 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm" 33 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 34 // 35 // ) 36 // 37 // func main() { 38 // pulumi.Run(func(ctx *pulumi.Context) error { 39 // _, err := ssm.NewPatchBaseline(ctx, "production", &ssm.PatchBaselineArgs{ 40 // Name: pulumi.String("patch-baseline"), 41 // ApprovedPatches: pulumi.StringArray{ 42 // pulumi.String("KB123456"), 43 // }, 44 // }) 45 // if err != nil { 46 // return err 47 // } 48 // return nil 49 // }) 50 // } 51 // 52 // ``` 53 // <!--End PulumiCodeChooser --> 54 // 55 // ### Advanced Usage, specifying patch filters 56 // 57 // <!--Start PulumiCodeChooser --> 58 // ```go 59 // package main 60 // 61 // import ( 62 // 63 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm" 64 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 65 // 66 // ) 67 // 68 // func main() { 69 // pulumi.Run(func(ctx *pulumi.Context) error { 70 // _, err := ssm.NewPatchBaseline(ctx, "production", &ssm.PatchBaselineArgs{ 71 // Name: pulumi.String("patch-baseline"), 72 // Description: pulumi.String("Patch Baseline Description"), 73 // ApprovedPatches: pulumi.StringArray{ 74 // pulumi.String("KB123456"), 75 // pulumi.String("KB456789"), 76 // }, 77 // RejectedPatches: pulumi.StringArray{ 78 // pulumi.String("KB987654"), 79 // }, 80 // GlobalFilters: ssm.PatchBaselineGlobalFilterArray{ 81 // &ssm.PatchBaselineGlobalFilterArgs{ 82 // Key: pulumi.String("PRODUCT"), 83 // Values: pulumi.StringArray{ 84 // pulumi.String("WindowsServer2008"), 85 // }, 86 // }, 87 // &ssm.PatchBaselineGlobalFilterArgs{ 88 // Key: pulumi.String("CLASSIFICATION"), 89 // Values: pulumi.StringArray{ 90 // pulumi.String("ServicePacks"), 91 // }, 92 // }, 93 // &ssm.PatchBaselineGlobalFilterArgs{ 94 // Key: pulumi.String("MSRC_SEVERITY"), 95 // Values: pulumi.StringArray{ 96 // pulumi.String("Low"), 97 // }, 98 // }, 99 // }, 100 // ApprovalRules: ssm.PatchBaselineApprovalRuleArray{ 101 // &ssm.PatchBaselineApprovalRuleArgs{ 102 // ApproveAfterDays: pulumi.Int(7), 103 // ComplianceLevel: pulumi.String("HIGH"), 104 // PatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{ 105 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 106 // Key: pulumi.String("PRODUCT"), 107 // Values: pulumi.StringArray{ 108 // pulumi.String("WindowsServer2016"), 109 // }, 110 // }, 111 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 112 // Key: pulumi.String("CLASSIFICATION"), 113 // Values: pulumi.StringArray{ 114 // pulumi.String("CriticalUpdates"), 115 // pulumi.String("SecurityUpdates"), 116 // pulumi.String("Updates"), 117 // }, 118 // }, 119 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 120 // Key: pulumi.String("MSRC_SEVERITY"), 121 // Values: pulumi.StringArray{ 122 // pulumi.String("Critical"), 123 // pulumi.String("Important"), 124 // pulumi.String("Moderate"), 125 // }, 126 // }, 127 // }, 128 // }, 129 // &ssm.PatchBaselineApprovalRuleArgs{ 130 // ApproveAfterDays: pulumi.Int(7), 131 // PatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{ 132 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 133 // Key: pulumi.String("PRODUCT"), 134 // Values: pulumi.StringArray{ 135 // pulumi.String("WindowsServer2012"), 136 // }, 137 // }, 138 // }, 139 // }, 140 // }, 141 // }) 142 // if err != nil { 143 // return err 144 // } 145 // return nil 146 // }) 147 // } 148 // 149 // ``` 150 // <!--End PulumiCodeChooser --> 151 // 152 // ### Advanced usage, specifying Microsoft application and Windows patch rules 153 // 154 // <!--Start PulumiCodeChooser --> 155 // ```go 156 // package main 157 // 158 // import ( 159 // 160 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm" 161 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 162 // 163 // ) 164 // 165 // func main() { 166 // pulumi.Run(func(ctx *pulumi.Context) error { 167 // _, err := ssm.NewPatchBaseline(ctx, "windows_os_apps", &ssm.PatchBaselineArgs{ 168 // Name: pulumi.String("WindowsOSAndMicrosoftApps"), 169 // Description: pulumi.String("Patch both Windows and Microsoft apps"), 170 // OperatingSystem: pulumi.String("WINDOWS"), 171 // ApprovalRules: ssm.PatchBaselineApprovalRuleArray{ 172 // &ssm.PatchBaselineApprovalRuleArgs{ 173 // ApproveAfterDays: pulumi.Int(7), 174 // PatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{ 175 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 176 // Key: pulumi.String("CLASSIFICATION"), 177 // Values: pulumi.StringArray{ 178 // pulumi.String("CriticalUpdates"), 179 // pulumi.String("SecurityUpdates"), 180 // }, 181 // }, 182 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 183 // Key: pulumi.String("MSRC_SEVERITY"), 184 // Values: pulumi.StringArray{ 185 // pulumi.String("Critical"), 186 // pulumi.String("Important"), 187 // }, 188 // }, 189 // }, 190 // }, 191 // &ssm.PatchBaselineApprovalRuleArgs{ 192 // ApproveAfterDays: pulumi.Int(7), 193 // PatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{ 194 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 195 // Key: pulumi.String("PATCH_SET"), 196 // Values: pulumi.StringArray{ 197 // pulumi.String("APPLICATION"), 198 // }, 199 // }, 200 // &ssm.PatchBaselineApprovalRulePatchFilterArgs{ 201 // Key: pulumi.String("PRODUCT"), 202 // Values: pulumi.StringArray{ 203 // pulumi.String("Office 2013"), 204 // pulumi.String("Office 2016"), 205 // }, 206 // }, 207 // }, 208 // }, 209 // }, 210 // }) 211 // if err != nil { 212 // return err 213 // } 214 // return nil 215 // }) 216 // } 217 // 218 // ``` 219 // <!--End PulumiCodeChooser --> 220 // 221 // ### Advanced usage, specifying alternate patch source repository 222 // 223 // <!--Start PulumiCodeChooser --> 224 // ```go 225 // package main 226 // 227 // import ( 228 // 229 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm" 230 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 231 // 232 // ) 233 // 234 // func main() { 235 // pulumi.Run(func(ctx *pulumi.Context) error { 236 // _, err := ssm.NewPatchBaseline(ctx, "al_2017_09", &ssm.PatchBaselineArgs{ 237 // ApprovalRules: ssm.PatchBaselineApprovalRuleArray{ 238 // nil, 239 // }, 240 // Name: pulumi.String("Amazon-Linux-2017.09"), 241 // Description: pulumi.String("My patch repository for Amazon Linux 2017.09"), 242 // OperatingSystem: pulumi.String("AMAZON_LINUX"), 243 // Sources: ssm.PatchBaselineSourceArray{ 244 // &ssm.PatchBaselineSourceArgs{ 245 // Name: pulumi.String("My-AL2017.09"), 246 // Products: pulumi.StringArray{ 247 // pulumi.String("AmazonLinux2017.09"), 248 // }, 249 // Configuration: pulumi.String(`[amzn-main] 250 // 251 // name=amzn-main-Base 252 // mirrorlist=http://repo./$awsregion./$awsdomain//$releasever/main/mirror.list 253 // mirrorlist_expire=300 254 // metadata_expire=300 255 // priority=10 256 // failovermethod=priority 257 // fastestmirror_enabled=0 258 // gpgcheck=1 259 // gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga 260 // enabled=1 261 // retries=3 262 // timeout=5 263 // report_instanceid=yes 264 // `), 265 // 266 // }, 267 // }, 268 // }) 269 // if err != nil { 270 // return err 271 // } 272 // return nil 273 // }) 274 // } 275 // 276 // ``` 277 // <!--End PulumiCodeChooser --> 278 // 279 // ## Import 280 // 281 // Using `pulumi import`, import SSM Patch Baselines using their baseline ID. For example: 282 // 283 // ```sh 284 // $ pulumi import aws:ssm/patchBaseline:PatchBaseline example pb-12345678 285 // ``` 286 type PatchBaseline struct { 287 pulumi.CustomResourceState 288 289 // Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approvalRule` below. 290 ApprovalRules PatchBaselineApprovalRuleArrayOutput `pulumi:"approvalRules"` 291 // List of explicitly approved patches for the baseline. Cannot be specified with `approvalRule`. 292 ApprovedPatches pulumi.StringArrayOutput `pulumi:"approvedPatches"` 293 // Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`. 294 ApprovedPatchesComplianceLevel pulumi.StringPtrOutput `pulumi:"approvedPatchesComplianceLevel"` 295 // Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only. 296 ApprovedPatchesEnableNonSecurity pulumi.BoolPtrOutput `pulumi:"approvedPatchesEnableNonSecurity"` 297 // ARN of the baseline. 298 Arn pulumi.StringOutput `pulumi:"arn"` 299 // Description of the patch baseline. 300 Description pulumi.StringPtrOutput `pulumi:"description"` 301 // Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`. 302 GlobalFilters PatchBaselineGlobalFilterArrayOutput `pulumi:"globalFilters"` 303 // JSON definition of the baseline. 304 Json pulumi.StringOutput `pulumi:"json"` 305 // Name of the patch baseline. 306 // 307 // The following arguments are optional: 308 Name pulumi.StringOutput `pulumi:"name"` 309 // Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`. 310 OperatingSystem pulumi.StringPtrOutput `pulumi:"operatingSystem"` 311 // List of rejected patches. 312 RejectedPatches pulumi.StringArrayOutput `pulumi:"rejectedPatches"` 313 // Action for Patch Manager to take on patches included in the `rejectedPatches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`. 314 RejectedPatchesAction pulumi.StringOutput `pulumi:"rejectedPatchesAction"` 315 // Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below. 316 Sources PatchBaselineSourceArrayOutput `pulumi:"sources"` 317 // Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 318 Tags pulumi.StringMapOutput `pulumi:"tags"` 319 // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 320 // 321 // Deprecated: Please use `tags` instead. 322 TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` 323 } 324 325 // NewPatchBaseline registers a new resource with the given unique name, arguments, and options. 326 func NewPatchBaseline(ctx *pulumi.Context, 327 name string, args *PatchBaselineArgs, opts ...pulumi.ResourceOption) (*PatchBaseline, error) { 328 if args == nil { 329 args = &PatchBaselineArgs{} 330 } 331 332 opts = internal.PkgResourceDefaultOpts(opts) 333 var resource PatchBaseline 334 err := ctx.RegisterResource("aws:ssm/patchBaseline:PatchBaseline", name, args, &resource, opts...) 335 if err != nil { 336 return nil, err 337 } 338 return &resource, nil 339 } 340 341 // GetPatchBaseline gets an existing PatchBaseline resource's state with the given name, ID, and optional 342 // state properties that are used to uniquely qualify the lookup (nil if not required). 343 func GetPatchBaseline(ctx *pulumi.Context, 344 name string, id pulumi.IDInput, state *PatchBaselineState, opts ...pulumi.ResourceOption) (*PatchBaseline, error) { 345 var resource PatchBaseline 346 err := ctx.ReadResource("aws:ssm/patchBaseline:PatchBaseline", name, id, state, &resource, opts...) 347 if err != nil { 348 return nil, err 349 } 350 return &resource, nil 351 } 352 353 // Input properties used for looking up and filtering PatchBaseline resources. 354 type patchBaselineState struct { 355 // Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approvalRule` below. 356 ApprovalRules []PatchBaselineApprovalRule `pulumi:"approvalRules"` 357 // List of explicitly approved patches for the baseline. Cannot be specified with `approvalRule`. 358 ApprovedPatches []string `pulumi:"approvedPatches"` 359 // Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`. 360 ApprovedPatchesComplianceLevel *string `pulumi:"approvedPatchesComplianceLevel"` 361 // Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only. 362 ApprovedPatchesEnableNonSecurity *bool `pulumi:"approvedPatchesEnableNonSecurity"` 363 // ARN of the baseline. 364 Arn *string `pulumi:"arn"` 365 // Description of the patch baseline. 366 Description *string `pulumi:"description"` 367 // Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`. 368 GlobalFilters []PatchBaselineGlobalFilter `pulumi:"globalFilters"` 369 // JSON definition of the baseline. 370 Json *string `pulumi:"json"` 371 // Name of the patch baseline. 372 // 373 // The following arguments are optional: 374 Name *string `pulumi:"name"` 375 // Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`. 376 OperatingSystem *string `pulumi:"operatingSystem"` 377 // List of rejected patches. 378 RejectedPatches []string `pulumi:"rejectedPatches"` 379 // Action for Patch Manager to take on patches included in the `rejectedPatches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`. 380 RejectedPatchesAction *string `pulumi:"rejectedPatchesAction"` 381 // Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below. 382 Sources []PatchBaselineSource `pulumi:"sources"` 383 // Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 384 Tags map[string]string `pulumi:"tags"` 385 // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 386 // 387 // Deprecated: Please use `tags` instead. 388 TagsAll map[string]string `pulumi:"tagsAll"` 389 } 390 391 type PatchBaselineState struct { 392 // Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approvalRule` below. 393 ApprovalRules PatchBaselineApprovalRuleArrayInput 394 // List of explicitly approved patches for the baseline. Cannot be specified with `approvalRule`. 395 ApprovedPatches pulumi.StringArrayInput 396 // Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`. 397 ApprovedPatchesComplianceLevel pulumi.StringPtrInput 398 // Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only. 399 ApprovedPatchesEnableNonSecurity pulumi.BoolPtrInput 400 // ARN of the baseline. 401 Arn pulumi.StringPtrInput 402 // Description of the patch baseline. 403 Description pulumi.StringPtrInput 404 // Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`. 405 GlobalFilters PatchBaselineGlobalFilterArrayInput 406 // JSON definition of the baseline. 407 Json pulumi.StringPtrInput 408 // Name of the patch baseline. 409 // 410 // The following arguments are optional: 411 Name pulumi.StringPtrInput 412 // Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`. 413 OperatingSystem pulumi.StringPtrInput 414 // List of rejected patches. 415 RejectedPatches pulumi.StringArrayInput 416 // Action for Patch Manager to take on patches included in the `rejectedPatches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`. 417 RejectedPatchesAction pulumi.StringPtrInput 418 // Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below. 419 Sources PatchBaselineSourceArrayInput 420 // Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 421 Tags pulumi.StringMapInput 422 // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 423 // 424 // Deprecated: Please use `tags` instead. 425 TagsAll pulumi.StringMapInput 426 } 427 428 func (PatchBaselineState) ElementType() reflect.Type { 429 return reflect.TypeOf((*patchBaselineState)(nil)).Elem() 430 } 431 432 type patchBaselineArgs struct { 433 // Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approvalRule` below. 434 ApprovalRules []PatchBaselineApprovalRule `pulumi:"approvalRules"` 435 // List of explicitly approved patches for the baseline. Cannot be specified with `approvalRule`. 436 ApprovedPatches []string `pulumi:"approvedPatches"` 437 // Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`. 438 ApprovedPatchesComplianceLevel *string `pulumi:"approvedPatchesComplianceLevel"` 439 // Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only. 440 ApprovedPatchesEnableNonSecurity *bool `pulumi:"approvedPatchesEnableNonSecurity"` 441 // Description of the patch baseline. 442 Description *string `pulumi:"description"` 443 // Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`. 444 GlobalFilters []PatchBaselineGlobalFilter `pulumi:"globalFilters"` 445 // Name of the patch baseline. 446 // 447 // The following arguments are optional: 448 Name *string `pulumi:"name"` 449 // Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`. 450 OperatingSystem *string `pulumi:"operatingSystem"` 451 // List of rejected patches. 452 RejectedPatches []string `pulumi:"rejectedPatches"` 453 // Action for Patch Manager to take on patches included in the `rejectedPatches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`. 454 RejectedPatchesAction *string `pulumi:"rejectedPatchesAction"` 455 // Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below. 456 Sources []PatchBaselineSource `pulumi:"sources"` 457 // Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 458 Tags map[string]string `pulumi:"tags"` 459 } 460 461 // The set of arguments for constructing a PatchBaseline resource. 462 type PatchBaselineArgs struct { 463 // Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approvalRule` below. 464 ApprovalRules PatchBaselineApprovalRuleArrayInput 465 // List of explicitly approved patches for the baseline. Cannot be specified with `approvalRule`. 466 ApprovedPatches pulumi.StringArrayInput 467 // Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`. 468 ApprovedPatchesComplianceLevel pulumi.StringPtrInput 469 // Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only. 470 ApprovedPatchesEnableNonSecurity pulumi.BoolPtrInput 471 // Description of the patch baseline. 472 Description pulumi.StringPtrInput 473 // Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`. 474 GlobalFilters PatchBaselineGlobalFilterArrayInput 475 // Name of the patch baseline. 476 // 477 // The following arguments are optional: 478 Name pulumi.StringPtrInput 479 // Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`. 480 OperatingSystem pulumi.StringPtrInput 481 // List of rejected patches. 482 RejectedPatches pulumi.StringArrayInput 483 // Action for Patch Manager to take on patches included in the `rejectedPatches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`. 484 RejectedPatchesAction pulumi.StringPtrInput 485 // Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below. 486 Sources PatchBaselineSourceArrayInput 487 // Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 488 Tags pulumi.StringMapInput 489 } 490 491 func (PatchBaselineArgs) ElementType() reflect.Type { 492 return reflect.TypeOf((*patchBaselineArgs)(nil)).Elem() 493 } 494 495 type PatchBaselineInput interface { 496 pulumi.Input 497 498 ToPatchBaselineOutput() PatchBaselineOutput 499 ToPatchBaselineOutputWithContext(ctx context.Context) PatchBaselineOutput 500 } 501 502 func (*PatchBaseline) ElementType() reflect.Type { 503 return reflect.TypeOf((**PatchBaseline)(nil)).Elem() 504 } 505 506 func (i *PatchBaseline) ToPatchBaselineOutput() PatchBaselineOutput { 507 return i.ToPatchBaselineOutputWithContext(context.Background()) 508 } 509 510 func (i *PatchBaseline) ToPatchBaselineOutputWithContext(ctx context.Context) PatchBaselineOutput { 511 return pulumi.ToOutputWithContext(ctx, i).(PatchBaselineOutput) 512 } 513 514 // PatchBaselineArrayInput is an input type that accepts PatchBaselineArray and PatchBaselineArrayOutput values. 515 // You can construct a concrete instance of `PatchBaselineArrayInput` via: 516 // 517 // PatchBaselineArray{ PatchBaselineArgs{...} } 518 type PatchBaselineArrayInput interface { 519 pulumi.Input 520 521 ToPatchBaselineArrayOutput() PatchBaselineArrayOutput 522 ToPatchBaselineArrayOutputWithContext(context.Context) PatchBaselineArrayOutput 523 } 524 525 type PatchBaselineArray []PatchBaselineInput 526 527 func (PatchBaselineArray) ElementType() reflect.Type { 528 return reflect.TypeOf((*[]*PatchBaseline)(nil)).Elem() 529 } 530 531 func (i PatchBaselineArray) ToPatchBaselineArrayOutput() PatchBaselineArrayOutput { 532 return i.ToPatchBaselineArrayOutputWithContext(context.Background()) 533 } 534 535 func (i PatchBaselineArray) ToPatchBaselineArrayOutputWithContext(ctx context.Context) PatchBaselineArrayOutput { 536 return pulumi.ToOutputWithContext(ctx, i).(PatchBaselineArrayOutput) 537 } 538 539 // PatchBaselineMapInput is an input type that accepts PatchBaselineMap and PatchBaselineMapOutput values. 540 // You can construct a concrete instance of `PatchBaselineMapInput` via: 541 // 542 // PatchBaselineMap{ "key": PatchBaselineArgs{...} } 543 type PatchBaselineMapInput interface { 544 pulumi.Input 545 546 ToPatchBaselineMapOutput() PatchBaselineMapOutput 547 ToPatchBaselineMapOutputWithContext(context.Context) PatchBaselineMapOutput 548 } 549 550 type PatchBaselineMap map[string]PatchBaselineInput 551 552 func (PatchBaselineMap) ElementType() reflect.Type { 553 return reflect.TypeOf((*map[string]*PatchBaseline)(nil)).Elem() 554 } 555 556 func (i PatchBaselineMap) ToPatchBaselineMapOutput() PatchBaselineMapOutput { 557 return i.ToPatchBaselineMapOutputWithContext(context.Background()) 558 } 559 560 func (i PatchBaselineMap) ToPatchBaselineMapOutputWithContext(ctx context.Context) PatchBaselineMapOutput { 561 return pulumi.ToOutputWithContext(ctx, i).(PatchBaselineMapOutput) 562 } 563 564 type PatchBaselineOutput struct{ *pulumi.OutputState } 565 566 func (PatchBaselineOutput) ElementType() reflect.Type { 567 return reflect.TypeOf((**PatchBaseline)(nil)).Elem() 568 } 569 570 func (o PatchBaselineOutput) ToPatchBaselineOutput() PatchBaselineOutput { 571 return o 572 } 573 574 func (o PatchBaselineOutput) ToPatchBaselineOutputWithContext(ctx context.Context) PatchBaselineOutput { 575 return o 576 } 577 578 // Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approvalRule` below. 579 func (o PatchBaselineOutput) ApprovalRules() PatchBaselineApprovalRuleArrayOutput { 580 return o.ApplyT(func(v *PatchBaseline) PatchBaselineApprovalRuleArrayOutput { return v.ApprovalRules }).(PatchBaselineApprovalRuleArrayOutput) 581 } 582 583 // List of explicitly approved patches for the baseline. Cannot be specified with `approvalRule`. 584 func (o PatchBaselineOutput) ApprovedPatches() pulumi.StringArrayOutput { 585 return o.ApplyT(func(v *PatchBaseline) pulumi.StringArrayOutput { return v.ApprovedPatches }).(pulumi.StringArrayOutput) 586 } 587 588 // Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`. 589 func (o PatchBaselineOutput) ApprovedPatchesComplianceLevel() pulumi.StringPtrOutput { 590 return o.ApplyT(func(v *PatchBaseline) pulumi.StringPtrOutput { return v.ApprovedPatchesComplianceLevel }).(pulumi.StringPtrOutput) 591 } 592 593 // Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only. 594 func (o PatchBaselineOutput) ApprovedPatchesEnableNonSecurity() pulumi.BoolPtrOutput { 595 return o.ApplyT(func(v *PatchBaseline) pulumi.BoolPtrOutput { return v.ApprovedPatchesEnableNonSecurity }).(pulumi.BoolPtrOutput) 596 } 597 598 // ARN of the baseline. 599 func (o PatchBaselineOutput) Arn() pulumi.StringOutput { 600 return o.ApplyT(func(v *PatchBaseline) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) 601 } 602 603 // Description of the patch baseline. 604 func (o PatchBaselineOutput) Description() pulumi.StringPtrOutput { 605 return o.ApplyT(func(v *PatchBaseline) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) 606 } 607 608 // Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`. 609 func (o PatchBaselineOutput) GlobalFilters() PatchBaselineGlobalFilterArrayOutput { 610 return o.ApplyT(func(v *PatchBaseline) PatchBaselineGlobalFilterArrayOutput { return v.GlobalFilters }).(PatchBaselineGlobalFilterArrayOutput) 611 } 612 613 // JSON definition of the baseline. 614 func (o PatchBaselineOutput) Json() pulumi.StringOutput { 615 return o.ApplyT(func(v *PatchBaseline) pulumi.StringOutput { return v.Json }).(pulumi.StringOutput) 616 } 617 618 // Name of the patch baseline. 619 // 620 // The following arguments are optional: 621 func (o PatchBaselineOutput) Name() pulumi.StringOutput { 622 return o.ApplyT(func(v *PatchBaseline) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) 623 } 624 625 // Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`. 626 func (o PatchBaselineOutput) OperatingSystem() pulumi.StringPtrOutput { 627 return o.ApplyT(func(v *PatchBaseline) pulumi.StringPtrOutput { return v.OperatingSystem }).(pulumi.StringPtrOutput) 628 } 629 630 // List of rejected patches. 631 func (o PatchBaselineOutput) RejectedPatches() pulumi.StringArrayOutput { 632 return o.ApplyT(func(v *PatchBaseline) pulumi.StringArrayOutput { return v.RejectedPatches }).(pulumi.StringArrayOutput) 633 } 634 635 // Action for Patch Manager to take on patches included in the `rejectedPatches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`. 636 func (o PatchBaselineOutput) RejectedPatchesAction() pulumi.StringOutput { 637 return o.ApplyT(func(v *PatchBaseline) pulumi.StringOutput { return v.RejectedPatchesAction }).(pulumi.StringOutput) 638 } 639 640 // Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below. 641 func (o PatchBaselineOutput) Sources() PatchBaselineSourceArrayOutput { 642 return o.ApplyT(func(v *PatchBaseline) PatchBaselineSourceArrayOutput { return v.Sources }).(PatchBaselineSourceArrayOutput) 643 } 644 645 // Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 646 func (o PatchBaselineOutput) Tags() pulumi.StringMapOutput { 647 return o.ApplyT(func(v *PatchBaseline) pulumi.StringMapOutput { return v.Tags }).(pulumi.StringMapOutput) 648 } 649 650 // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 651 // 652 // Deprecated: Please use `tags` instead. 653 func (o PatchBaselineOutput) TagsAll() pulumi.StringMapOutput { 654 return o.ApplyT(func(v *PatchBaseline) pulumi.StringMapOutput { return v.TagsAll }).(pulumi.StringMapOutput) 655 } 656 657 type PatchBaselineArrayOutput struct{ *pulumi.OutputState } 658 659 func (PatchBaselineArrayOutput) ElementType() reflect.Type { 660 return reflect.TypeOf((*[]*PatchBaseline)(nil)).Elem() 661 } 662 663 func (o PatchBaselineArrayOutput) ToPatchBaselineArrayOutput() PatchBaselineArrayOutput { 664 return o 665 } 666 667 func (o PatchBaselineArrayOutput) ToPatchBaselineArrayOutputWithContext(ctx context.Context) PatchBaselineArrayOutput { 668 return o 669 } 670 671 func (o PatchBaselineArrayOutput) Index(i pulumi.IntInput) PatchBaselineOutput { 672 return pulumi.All(o, i).ApplyT(func(vs []interface{}) *PatchBaseline { 673 return vs[0].([]*PatchBaseline)[vs[1].(int)] 674 }).(PatchBaselineOutput) 675 } 676 677 type PatchBaselineMapOutput struct{ *pulumi.OutputState } 678 679 func (PatchBaselineMapOutput) ElementType() reflect.Type { 680 return reflect.TypeOf((*map[string]*PatchBaseline)(nil)).Elem() 681 } 682 683 func (o PatchBaselineMapOutput) ToPatchBaselineMapOutput() PatchBaselineMapOutput { 684 return o 685 } 686 687 func (o PatchBaselineMapOutput) ToPatchBaselineMapOutputWithContext(ctx context.Context) PatchBaselineMapOutput { 688 return o 689 } 690 691 func (o PatchBaselineMapOutput) MapIndex(k pulumi.StringInput) PatchBaselineOutput { 692 return pulumi.All(o, k).ApplyT(func(vs []interface{}) *PatchBaseline { 693 return vs[0].(map[string]*PatchBaseline)[vs[1].(string)] 694 }).(PatchBaselineOutput) 695 } 696 697 func init() { 698 pulumi.RegisterInputType(reflect.TypeOf((*PatchBaselineInput)(nil)).Elem(), &PatchBaseline{}) 699 pulumi.RegisterInputType(reflect.TypeOf((*PatchBaselineArrayInput)(nil)).Elem(), PatchBaselineArray{}) 700 pulumi.RegisterInputType(reflect.TypeOf((*PatchBaselineMapInput)(nil)).Elem(), PatchBaselineMap{}) 701 pulumi.RegisterOutputType(PatchBaselineOutput{}) 702 pulumi.RegisterOutputType(PatchBaselineArrayOutput{}) 703 pulumi.RegisterOutputType(PatchBaselineMapOutput{}) 704 }