PatchSummary
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
Contents
- Id
-
The identifier of the compliance standard that was used to determine the patch compliance status.
Length Constraints: Minimum length of 1. Maximum length of 256.
Type: String
Pattern:
.*\S.*
Required: Yes
- FailedCount
-
The number of patches from the compliance standard that failed to install.
The value can be an integer from
0
to100000
.Type: Integer
Required: No
- InstalledCount
-
The number of patches from the compliance standard that were installed successfully.
The value can be an integer from
0
to100000
.Type: Integer
Required: No
- InstalledOtherCount
-
The number of installed patches that are not part of the compliance standard.
The value can be an integer from
0
to100000
.Type: Integer
Required: No
- InstalledPendingReboot
-
The number of patches that were applied, but that require the instance to be rebooted in order to be marked as installed.
The value can be an integer from
0
to100000
.Type: Integer
Required: No
- InstalledRejectedCount
-
The number of patches that are installed but are also on a list of patches that the customer rejected.
The value can be an integer from
0
to100000
.Type: Integer
Required: No
- MissingCount
-
The number of patches that are part of the compliance standard but are not installed. The count includes patches that failed to install.
The value can be an integer from
0
to100000
.Type: Integer
Required: No
- Operation
-
The type of patch operation performed. For Patch Manager, the values are
SCAN
andINSTALL
.Length Constraints: Minimum length of 1. Maximum length of 256.
Type: String
Pattern:
.*\S.*
Required: No
- OperationEndTime
-
Indicates when the operation completed.
This field accepts only the specified formats. Timestamps can end with
Z
or("+" / "-") time-hour [":" time-minute]
. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats that you can send to Security Hub:-
YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
) -
YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
) -
YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round
2024-10-31T23:00:00.123456789Z
to2024-10-31T23:00:00.123Z
.Type: String
Pattern:
.*\S.*
Required: No
-
- OperationStartTime
-
Indicates when the operation started.
This field accepts only the specified formats. Timestamps can end with
Z
or("+" / "-") time-hour [":" time-minute]
. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats that you can send to Security Hub:-
YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
) -
YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
) -
YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round
2024-10-31T23:00:00.123456789Z
to2024-10-31T23:00:00.123Z
.Type: String
Pattern:
.*\S.*
Required: No
-
- RebootOption
-
The reboot option specified for the instance.
Length Constraints: Minimum length of 1. Maximum length of 256.
Type: String
Pattern:
.*\S.*
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: