interface RuleProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.SSM.CfnPatchBaseline.RuleProperty |
 Java | software.amazon.awscdk.services.ssm.CfnPatchBaseline.RuleProperty |
 Python | aws_cdk.aws_ssm.CfnPatchBaseline.RuleProperty |
 TypeScript | @aws-cdk/aws-ssm » CfnPatchBaseline » RuleProperty |
The Rule property type specifies an approval rule for a Systems Manager patch baseline.
The PatchRules property of the RuleGroup property type contains a list of Rule property types.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as ssm from '@aws-cdk/aws-ssm';
const ruleProperty: ssm.CfnPatchBaseline.RuleProperty = {
approveAfterDays: 123,
approveUntilDate: 'approveUntilDate',
complianceLevel: 'complianceLevel',
enableNonSecurity: false,
patchFilterGroup: {
patchFilters: [{
key: 'key',
values: ['values'],
}],
},
};
Properties
| Name | Type | Description |
|---|---|---|
| approve | number | The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. |
| approve | string | The cutoff date for auto approval of released patches. |
| compliance | string | A compliance severity level for all approved patches in a patch baseline. |
| enable | boolean | IResolvable | For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. |
| patch | IResolvable | Patch | The patch filter group that defines the criteria for the rule. |
approveAfterDays?
Type:
number
(optional)
The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline.
For example, a value of 7 means that patches are approved seven days after they are released.
You must specify a value for ApproveAfterDays .
Exception: Not supported on Debian Server or Ubuntu Server.
approveUntilDate?
Type:
string
(optional)
The cutoff date for auto approval of released patches.
Any patches released on or before this date are installed automatically. Not supported on Debian Server or Ubuntu Server.
Enter dates in the format YYYY-MM-DD . For example, 2021-12-31 .
complianceLevel?
Type:
string
(optional)
A compliance severity level for all approved patches in a patch baseline.
Valid compliance severity levels include the following: UNSPECIFIED , CRITICAL , HIGH , MEDIUM , LOW , and INFORMATIONAL .
enableNonSecurity?
Type:
boolean | IResolvable
(optional)
For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository.
The default value is false . Applies to Linux managed nodes only.
patchFilterGroup?
Type:
IResolvable | Patch
(optional)
The patch filter group that defines the criteria for the rule.