As of January 1, 2020 this library no longer supports Python 2 on the latest released version. Library versions released prior to that date will continue to be available. For more information please visit Python 2 support on Google Cloud.

Types for Google Cloud Osconfig v1 API

class google.cloud.osconfig_v1.types.AptSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Apt patching is completed by executing apt-get update && apt-get upgrade. Additional options can be set to control how this is executed.

type_

By changing the type to DIST, the patching is performed using apt-get dist-upgrade instead.

Type

google.cloud.osconfig_v1.types.AptSettings.Type

excludes

List of packages to exclude from update. These packages will be excluded

Type

Sequence[str]

exclusive_packages

An exclusive list of packages to be updated. These are the only packages that will be updated. If these packages are not installed, they will be ignored. This field cannot be specified with any other patch configuration fields.

Type

Sequence[str]

class Type(value)[source]

Bases: proto.enums.Enum

Apt patch type.

DIST = 1
TYPE_UNSPECIFIED = 0
UPGRADE = 2
class google.cloud.osconfig_v1.types.CVSSv3(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification- document

base_score

The base score is a function of the base metric scores. https://www.first.org/cvss/specification- document#Base-Metrics

Type

float

exploitability_score

The Exploitability sub-score equation is derived from the Base Exploitability metrics. https://www.first.org/cvss/specification- document#2-1-Exploitability-Metrics

Type

float

impact_score

The Impact sub-score equation is derived from the Base Impact metrics.

Type

float

attack_vector

This metric reflects the context by which vulnerability exploitation is possible.

Type

google.cloud.osconfig_v1.types.CVSSv3.AttackVector

attack_complexity

This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability.

Type

google.cloud.osconfig_v1.types.CVSSv3.AttackComplexity

privileges_required

This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.

Type

google.cloud.osconfig_v1.types.CVSSv3.PrivilegesRequired

user_interaction

This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.

Type

google.cloud.osconfig_v1.types.CVSSv3.UserInteraction

scope

The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.

Type

google.cloud.osconfig_v1.types.CVSSv3.Scope

confidentiality_impact

This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.

Type

google.cloud.osconfig_v1.types.CVSSv3.Impact

integrity_impact

This metric measures the impact to integrity of a successfully exploited vulnerability.

Type

google.cloud.osconfig_v1.types.CVSSv3.Impact

availability_impact

This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.

Type

google.cloud.osconfig_v1.types.CVSSv3.Impact

class AttackComplexity(value)[source]

Bases: proto.enums.Enum

This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability.

ATTACK_COMPLEXITY_HIGH = 2
ATTACK_COMPLEXITY_LOW = 1
ATTACK_COMPLEXITY_UNSPECIFIED = 0
class AttackVector(value)[source]

Bases: proto.enums.Enum

This metric reflects the context by which vulnerability exploitation is possible.

ATTACK_VECTOR_ADJACENT = 2
ATTACK_VECTOR_LOCAL = 3
ATTACK_VECTOR_NETWORK = 1
ATTACK_VECTOR_PHYSICAL = 4
ATTACK_VECTOR_UNSPECIFIED = 0
class Impact(value)[source]

Bases: proto.enums.Enum

The Impact metrics capture the effects of a successfully exploited vulnerability on the component that suffers the worst outcome that is most directly and predictably associated with the attack.

IMPACT_HIGH = 1
IMPACT_LOW = 2
IMPACT_NONE = 3
IMPACT_UNSPECIFIED = 0
class PrivilegesRequired(value)[source]

Bases: proto.enums.Enum

This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.

PRIVILEGES_REQUIRED_HIGH = 3
PRIVILEGES_REQUIRED_LOW = 2
PRIVILEGES_REQUIRED_NONE = 1
PRIVILEGES_REQUIRED_UNSPECIFIED = 0
class Scope(value)[source]

Bases: proto.enums.Enum

The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.

SCOPE_CHANGED = 2
SCOPE_UNCHANGED = 1
SCOPE_UNSPECIFIED = 0
class UserInteraction(value)[source]

Bases: proto.enums.Enum

This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.

USER_INTERACTION_NONE = 1
USER_INTERACTION_REQUIRED = 2
USER_INTERACTION_UNSPECIFIED = 0
class google.cloud.osconfig_v1.types.CancelPatchJobRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Message for canceling a patch job.

name

Required. Name of the patch in the form projects/*/patchJobs/*

Type

str

class google.cloud.osconfig_v1.types.CreatePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for creating a patch deployment.

parent

Required. The project to apply this patch deployment to in the form projects/*.

Type

str

patch_deployment_id

Required. A name for the patch deployment in the project. When creating a name the following rules apply:

  • Must contain only lowercase letters, numbers, and hyphens.

  • Must start with a letter.

  • Must be between 1-63 characters.

  • Must end with a number or a letter.

  • Must be unique within the project.

Type

str

patch_deployment

Required. The patch deployment to create.

Type

google.cloud.osconfig_v1.types.PatchDeployment

class google.cloud.osconfig_v1.types.DeletePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for deleting a patch deployment.

name

Required. The resource name of the patch deployment in the form projects/*/patchDeployments/*.

Type

str

class google.cloud.osconfig_v1.types.ExecStep(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A step that runs an executable for a PatchJob.

linux_exec_step_config

The ExecStepConfig for all Linux VMs targeted by the PatchJob.

Type

google.cloud.osconfig_v1.types.ExecStepConfig

windows_exec_step_config

The ExecStepConfig for all Windows VMs targeted by the PatchJob.

Type

google.cloud.osconfig_v1.types.ExecStepConfig

class google.cloud.osconfig_v1.types.ExecStepConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Common configurations for an ExecStep.

local_path

An absolute path to the executable on the VM.

Type

str

gcs_object

A Cloud Storage object containing the executable.

Type

google.cloud.osconfig_v1.types.GcsObject

allowed_success_codes

Defaults to [0]. A list of possible return values that the execution can return to indicate a success.

Type

Sequence[int]

interpreter

The script interpreter to use to run the script. If no interpreter is specified the script will be executed directly, which will likely only succeed for scripts with [shebang lines] (https://en.wikipedia.org/wiki/Shebang_(Unix)).

Type

google.cloud.osconfig_v1.types.ExecStepConfig.Interpreter

class Interpreter(value)[source]

Bases: proto.enums.Enum

The interpreter used to execute the a file.

INTERPRETER_UNSPECIFIED = 0
POWERSHELL = 2
SHELL = 1
class google.cloud.osconfig_v1.types.ExecutePatchJobRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message to initiate patching across Compute Engine instances.

parent

Required. The project in which to run this patch in the form projects/*

Type

str

description

Description of the patch job. Length of the description is limited to 1024 characters.

Type

str

instance_filter

Required. Instances to patch, either explicitly or filtered by some criteria such as zone or labels.

Type

google.cloud.osconfig_v1.types.PatchInstanceFilter

patch_config

Patch configuration being applied. If omitted, instances are patched using the default configurations.

Type

google.cloud.osconfig_v1.types.PatchConfig

duration

Duration of the patch job. After the duration ends, the patch job times out.

Type

google.protobuf.duration_pb2.Duration

dry_run

If this patch is a dry-run only, instances are contacted but will do nothing.

Type

bool

display_name

Display name for this patch job. This does not have to be unique.

Type

str

rollout

Rollout strategy of the patch job.

Type

google.cloud.osconfig_v1.types.PatchRollout

class google.cloud.osconfig_v1.types.FixedOrPercent(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Message encapsulating a value that can be either absolute (“fixed”) or relative (“percent”) to a value.

fixed

Specifies a fixed value.

Type

int

percent

Specifies the relative value defined as a percentage, which will be multiplied by a reference value.

Type

int

class google.cloud.osconfig_v1.types.GcsObject(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Cloud Storage object representation.

bucket

Required. Bucket of the Cloud Storage object.

Type

str

object_

Required. Name of the Cloud Storage object.

Type

str

generation_number

Required. Generation number of the Cloud Storage object. This is used to ensure that the ExecStep specified by this PatchJob does not change.

Type

int

class google.cloud.osconfig_v1.types.GetInventoryRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for getting inventory data for the specified VM.

name

Required. API resource name for inventory resource.

Format: projects/{project}/locations/{location}/instances/{instance}/inventory

For {project}, either project-number or project-id can be provided. For {instance}, either Compute Engine instance-id or instance-name can be provided.

Type

str

view

Inventory view indicating what information should be included in the inventory resource. If unspecified, the default view is BASIC.

Type

google.cloud.osconfig_v1.types.InventoryView

class google.cloud.osconfig_v1.types.GetPatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for retrieving a patch deployment.

name

Required. The resource name of the patch deployment in the form projects/*/patchDeployments/*.

Type

str

class google.cloud.osconfig_v1.types.GetPatchJobRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to get an active or completed patch job.

name

Required. Name of the patch in the form projects/*/patchJobs/*

Type

str

class google.cloud.osconfig_v1.types.GetVulnerabilityReportRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for getting the vulnerability report for the specified VM.

name

Required. API resource name for vulnerability resource.

Format: projects/{project}/locations/{location}/instances/{instance}/vulnerabilityReport

For {project}, either project-number or project-id can be provided. For {instance}, either Compute Engine instance-id or instance-name can be provided.

Type

str

class google.cloud.osconfig_v1.types.GooSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Googet patching is performed by running googet update.

class google.cloud.osconfig_v1.types.Instance(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Namespace for instance state enums.

class PatchState(value)[source]

Bases: proto.enums.Enum

Patch state of an instance.

ACKED = 11
APPLYING_PATCHES = 6
DOWNLOADING_PATCHES = 5
FAILED = 10
INACTIVE = 2
NOTIFIED = 3
NO_AGENT_DETECTED = 15
PATCH_STATE_UNSPECIFIED = 0
PENDING = 1
REBOOTING = 7
RUNNING_POST_PATCH_STEP = 14
RUNNING_PRE_PATCH_STEP = 13
STARTED = 4
SUCCEEDED = 8
SUCCEEDED_REBOOT_REQUIRED = 9
TIMED_OUT = 12
class google.cloud.osconfig_v1.types.Inventory(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

This API resource represents the available inventory data for a Compute Engine virtual machine (VM) instance at a given point in time.

You can use this API resource to determine the inventory data of your VM.

For more information, see Information provided by OS inventory management.

name

Output only. The Inventory API resource name.

Format: projects/{project_number}/locations/{location}/instances/{instance_id}/inventory

Type

str

os_info

Base level operating system information for the VM.

Type

google.cloud.osconfig_v1.types.Inventory.OsInfo

items

Inventory items related to the VM keyed by an opaque unique identifier for each inventory item. The identifier is unique to each distinct and addressable inventory item and will change, when there is a new package version.

Type

Sequence[google.cloud.osconfig_v1.types.Inventory.ItemsEntry]

update_time

Output only. Timestamp of the last reported inventory for the VM.

Type

google.protobuf.timestamp_pb2.Timestamp

class Item(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A single piece of inventory on a VM.

id

Identifier for this item, unique across items for this VM.

Type

str

origin_type

The origin of this inventory item.

Type

google.cloud.osconfig_v1.types.Inventory.Item.OriginType

create_time

When this inventory item was first detected.

Type

google.protobuf.timestamp_pb2.Timestamp

update_time

When this inventory item was last modified.

Type

google.protobuf.timestamp_pb2.Timestamp

type_

The specific type of inventory, correlating to its specific details.

Type

google.cloud.osconfig_v1.types.Inventory.Item.Type

installed_package

Software package present on the VM instance.

Type

google.cloud.osconfig_v1.types.Inventory.SoftwarePackage

available_package

Software package available to be installed on the VM instance.

Type

google.cloud.osconfig_v1.types.Inventory.SoftwarePackage

class OriginType(value)[source]

Bases: proto.enums.Enum

The origin of a specific inventory item.

INVENTORY_REPORT = 1
ORIGIN_TYPE_UNSPECIFIED = 0
class Type(value)[source]

Bases: proto.enums.Enum

The different types of inventory that are tracked on a VM.

AVAILABLE_PACKAGE = 2
INSTALLED_PACKAGE = 1
TYPE_UNSPECIFIED = 0
class ItemsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Bases: proto.message.Message

class OsInfo(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Operating system information for the VM.

hostname

The VM hostname.

Type

str

long_name

The operating system long name. For example ‘Debian GNU/Linux 9’ or ‘Microsoft Window Server 2019 Datacenter’.

Type

str

short_name

The operating system short name. For example, ‘windows’ or ‘debian’.

Type

str

version

The version of the operating system.

Type

str

architecture

The system architecture of the operating system.

Type

str

kernel_version

The kernel version of the operating system.

Type

str

kernel_release

The kernel release of the operating system.

Type

str

osconfig_agent_version

The current version of the OS Config agent running on the VM.

Type

str

class SoftwarePackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Software package information of the operating system.

yum_package

Yum package info. For details about the yum package manager, see https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/ch-yum.

Type

google.cloud.osconfig_v1.types.Inventory.VersionedPackage

apt_package

Details of an APT package. For details about the apt package manager, see https://wiki.debian.org/Apt.

Type

google.cloud.osconfig_v1.types.Inventory.VersionedPackage

zypper_package

Details of a Zypper package. For details about the Zypper package manager, see https://en.opensuse.org/SDB:Zypper_manual.

Type

google.cloud.osconfig_v1.types.Inventory.VersionedPackage

googet_package

Details of a Googet package. For details about the googet package manager, see https://github.com/google/googet.

Type

google.cloud.osconfig_v1.types.Inventory.VersionedPackage

zypper_patch

Details of a Zypper patch. For details about the Zypper package manager, see https://en.opensuse.org/SDB:Zypper_manual.

Type

google.cloud.osconfig_v1.types.Inventory.ZypperPatch

wua_package

Details of a Windows Update package. See https://docs.microsoft.com/en-us/windows/win32/api/_wua/ for information about Windows Update.

Type

google.cloud.osconfig_v1.types.Inventory.WindowsUpdatePackage

qfe_package

Details of a Windows Quick Fix engineering package. See https://docs.microsoft.com/en- us/windows/win32/cimwin32prov/win32-quickfixengineering for info in Windows Quick Fix Engineering.

Type

google.cloud.osconfig_v1.types.Inventory.WindowsQuickFixEngineeringPackage

cos_package

Details of a COS package.

Type

google.cloud.osconfig_v1.types.Inventory.VersionedPackage

windows_application

Details of Windows Application.

Type

google.cloud.osconfig_v1.types.Inventory.WindowsApplication

class VersionedPackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Information related to the a standard versioned package. This includes package info for APT, Yum, Zypper, and Googet package managers.

package_name

The name of the package.

Type

str

architecture

The system architecture this package is intended for.

Type

str

version

The version of the package.

Type

str

class WindowsApplication(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Contains information about a Windows application as retrieved from the Windows Registry. For more information about these fields, see

Windows Installer Properties for the Uninstall Registry{: class=”external” }

display_name

The name of the application or product.

Type

str

display_version

The version of the product or application in string format.

Type

str

publisher

The name of the manufacturer for the product or application.

Type

str

install_date

The last time this product received service. The value of this property is replaced each time a patch is applied or removed from the product or the command-line option is used to repair the product.

Type

google.type.date_pb2.Date

The internet address for technical support.

Type

str

class WindowsQuickFixEngineeringPackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Information related to a Quick Fix Engineering package. Fields are taken from Windows QuickFixEngineering Interface and match the source names: https://docs.microsoft.com/en- us/windows/win32/cimwin32prov/win32-quickfixengineering

caption

A short textual description of the QFE update.

Type

str

description

A textual description of the QFE update.

Type

str

hot_fix_id

Unique identifier associated with a particular QFE update.

Type

str

install_time

Date that the QFE update was installed. Mapped from installed_on field.

Type

google.protobuf.timestamp_pb2.Timestamp

class WindowsUpdatePackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Details related to a Windows Update package. Field data and names are taken from Windows Update API IUpdate Interface: https://docs.microsoft.com/en-us/windows/win32/api/_wua/ Descriptive fields like title, and description are localized based on the locale of the VM being updated.

title

The localized title of the update package.

Type

str

description

The localized description of the update package.

Type

str

categories

The categories that are associated with this update package.

Type

Sequence[google.cloud.osconfig_v1.types.Inventory.WindowsUpdatePackage.WindowsUpdateCategory]

kb_article_ids

A collection of Microsoft Knowledge Base article IDs that are associated with the update package.

Type

Sequence[str]

support_url

A hyperlink to the language-specific support information for the update.

Type

str

more_info_urls

A collection of URLs that provide more information about the update package.

Type

Sequence[str]

update_id

Gets the identifier of an update package. Stays the same across revisions.

Type

str

revision_number

The revision number of this update package.

Type

int

last_deployment_change_time

The last published date of the update, in (UTC) date and time.

Type

google.protobuf.timestamp_pb2.Timestamp

class WindowsUpdateCategory(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Categories specified by the Windows Update.

id

The identifier of the windows update category.

Type

str

name

The name of the windows update category.

Type

str

class ZypperPatch(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Details related to a Zypper Patch.

patch_name

The name of the patch.

Type

str

category

The category of the patch.

Type

str

severity

The severity specified for this patch

Type

str

summary

Any summary information provided about this patch.

Type

str

class google.cloud.osconfig_v1.types.InventoryView(value)[source]

Bases: proto.enums.Enum

The view for inventory objects.

BASIC = 1
FULL = 2
INVENTORY_VIEW_UNSPECIFIED = 0
class google.cloud.osconfig_v1.types.ListInventoriesRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for listing inventory data for all VMs in the specified location.

parent

Required. The parent resource name.

Format: projects/{project}/locations/{location}/instances/-

For {project}, either project-number or project-id can be provided.

Type

str

view

Inventory view indicating what information should be included in the inventory resource. If unspecified, the default view is BASIC.

Type

google.cloud.osconfig_v1.types.InventoryView

page_size

The maximum number of results to return.

Type

int

page_token

A pagination token returned from a previous call to ListInventories that indicates where this listing should continue from.

Type

str

filter

If provided, this field specifies the criteria that must be met by a Inventory API resource to be included in the response.

Type

str

class google.cloud.osconfig_v1.types.ListInventoriesResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A response message for listing inventory data for all VMs in a specified location.

inventories

List of inventory objects.

Type

Sequence[google.cloud.osconfig_v1.types.Inventory]

next_page_token

The pagination token to retrieve the next page of inventory objects.

Type

str

property raw_page
class google.cloud.osconfig_v1.types.ListPatchDeploymentsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for listing patch deployments.

parent

Required. The resource name of the parent in the form projects/*.

Type

str

page_size

Optional. The maximum number of patch deployments to return. Default is 100.

Type

int

page_token

Optional. A pagination token returned from a previous call to ListPatchDeployments that indicates where this listing should continue from.

Type

str

class google.cloud.osconfig_v1.types.ListPatchDeploymentsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A response message for listing patch deployments.

patch_deployments

The list of patch deployments.

Type

Sequence[google.cloud.osconfig_v1.types.PatchDeployment]

next_page_token

A pagination token that can be used to get the next page of patch deployments.

Type

str

property raw_page
class google.cloud.osconfig_v1.types.ListPatchJobInstanceDetailsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to list details for all instances that are part of a patch job.

parent

Required. The parent for the instances are in the form of projects/*/patchJobs/*.

Type

str

page_size

The maximum number of instance details records to return. Default is 100.

Type

int

page_token

A pagination token returned from a previous call that indicates where this listing should continue from.

Type

str

filter

A filter expression that filters results listed in the response. This field supports filtering results by instance zone, name, state, or failure_reason.

Type

str

class google.cloud.osconfig_v1.types.ListPatchJobInstanceDetailsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A response message for listing the instances details for a patch job.

patch_job_instance_details

A list of instance status.

Type

Sequence[google.cloud.osconfig_v1.types.PatchJobInstanceDetails]

next_page_token

A pagination token that can be used to get the next page of results.

Type

str

property raw_page
class google.cloud.osconfig_v1.types.ListPatchJobsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for listing patch jobs.

parent

Required. In the form of projects/*

Type

str

page_size

The maximum number of instance status to return.

Type

int

page_token

A pagination token returned from a previous call that indicates where this listing should continue from.

Type

str

filter

If provided, this field specifies the criteria that must be met by patch jobs to be included in the response. Currently, filtering is only available on the patch_deployment field.

Type

str

class google.cloud.osconfig_v1.types.ListPatchJobsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A response message for listing patch jobs.

patch_jobs

The list of patch jobs.

Type

Sequence[google.cloud.osconfig_v1.types.PatchJob]

next_page_token

A pagination token that can be used to get the next page of results.

Type

str

property raw_page
class google.cloud.osconfig_v1.types.ListVulnerabilityReportsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request message for listing vulnerability reports for all VM instances in the specified location.

parent

Required. The parent resource name.

Format: projects/{project}/locations/{location}/instances/-

For {project}, either project-number or project-id can be provided.

Type

str

page_size

The maximum number of results to return.

Type

int

page_token

A pagination token returned from a previous call to ListVulnerabilityReports that indicates where this listing should continue from.

Type

str

filter

If provided, this field specifies the criteria that must be met by a vulnerabilityReport API resource to be included in the response.

Type

str

class google.cloud.osconfig_v1.types.ListVulnerabilityReportsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A response message for listing vulnerability reports for all VM instances in the specified location.

vulnerability_reports

List of vulnerabilityReport objects.

Type

Sequence[google.cloud.osconfig_v1.types.VulnerabilityReport]

next_page_token

The pagination token to retrieve the next page of vulnerabilityReports object.

Type

str

property raw_page
class google.cloud.osconfig_v1.types.MonthlySchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Represents a monthly schedule. An example of a valid monthly schedule is “on the third Tuesday of the month” or “on the 15th of the month”.

week_day_of_month

Required. Week day in a month.

Type

google.cloud.osconfig_v1.types.WeekDayOfMonth

month_day

Required. One day of the month. 1-31 indicates the 1st to the 31st day. -1 indicates the last day of the month. Months without the target day will be skipped. For example, a schedule to run “every month on the 31st” will not run in February, April, June, etc.

Type

int

class google.cloud.osconfig_v1.types.OneTimeSchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Sets the time for a one time patch deployment. Timestamp is in RFC3339 text format.

execute_time

Required. The desired patch job execution time.

Type

google.protobuf.timestamp_pb2.Timestamp

class google.cloud.osconfig_v1.types.PatchConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Patch configuration specifications. Contains details on how to apply the patch(es) to a VM instance.

reboot_config

Post-patch reboot settings.

Type

google.cloud.osconfig_v1.types.PatchConfig.RebootConfig

apt

Apt update settings. Use this setting to override the default apt patch rules.

Type

google.cloud.osconfig_v1.types.AptSettings

yum

Yum update settings. Use this setting to override the default yum patch rules.

Type

google.cloud.osconfig_v1.types.YumSettings

goo

Goo update settings. Use this setting to override the default goo patch rules.

Type

google.cloud.osconfig_v1.types.GooSettings

zypper

Zypper update settings. Use this setting to override the default zypper patch rules.

Type

google.cloud.osconfig_v1.types.ZypperSettings

windows_update

Windows update settings. Use this override the default windows patch rules.

Type

google.cloud.osconfig_v1.types.WindowsUpdateSettings

pre_step

The ExecStep to run before the patch update.

Type

google.cloud.osconfig_v1.types.ExecStep

post_step

The ExecStep to run after the patch update.

Type

google.cloud.osconfig_v1.types.ExecStep

class RebootConfig(value)[source]

Bases: proto.enums.Enum

Post-patch reboot settings.

ALWAYS = 2
DEFAULT = 1
NEVER = 3
REBOOT_CONFIG_UNSPECIFIED = 0
class google.cloud.osconfig_v1.types.PatchDeployment(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Patch deployments are configurations that individual patch jobs use to complete a patch. These configurations include instance filter, package repository settings, and a schedule. For more information about creating and managing patch deployments, see Scheduling patch jobs.

name

Unique name for the patch deployment resource in a project. The patch deployment name is in the form: projects/{project_id}/patchDeployments/{patch_deployment_id}. This field is ignored when you create a new patch deployment.

Type

str

description

Optional. Description of the patch deployment. Length of the description is limited to 1024 characters.

Type

str

instance_filter

Required. VM instances to patch.

Type

google.cloud.osconfig_v1.types.PatchInstanceFilter

patch_config

Optional. Patch configuration that is applied.

Type

google.cloud.osconfig_v1.types.PatchConfig

duration

Optional. Duration of the patch. After the duration ends, the patch times out.

Type

google.protobuf.duration_pb2.Duration

one_time_schedule

Required. Schedule a one-time execution.

Type

google.cloud.osconfig_v1.types.OneTimeSchedule

recurring_schedule

Required. Schedule recurring executions.

Type

google.cloud.osconfig_v1.types.RecurringSchedule

create_time

Output only. Time the patch deployment was created. Timestamp is in RFC3339 text format.

Type

google.protobuf.timestamp_pb2.Timestamp

update_time

Output only. Time the patch deployment was last updated. Timestamp is in RFC3339 text format.

Type

google.protobuf.timestamp_pb2.Timestamp

last_execute_time

Output only. The last time a patch job was started by this deployment. Timestamp is in RFC3339 text format.

Type

google.protobuf.timestamp_pb2.Timestamp

rollout

Optional. Rollout strategy of the patch job.

Type

google.cloud.osconfig_v1.types.PatchRollout

class google.cloud.osconfig_v1.types.PatchInstanceFilter(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A filter to target VM instances for patching. The targeted VMs must meet all criteria specified. So if both labels and zones are specified, the patch job targets only VMs with those labels and in those zones.

all_

Target all VM instances in the project. If true, no other criteria is permitted.

Type

bool

group_labels

Targets VM instances matching ANY of these GroupLabels. This allows targeting of disparate groups of VM instances.

Type

Sequence[google.cloud.osconfig_v1.types.PatchInstanceFilter.GroupLabel]

zones

Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone.

Type

Sequence[str]

instances

Targets any of the VM instances specified. Instances are specified by their URI in the form zones/[ZONE]/instances/[INSTANCE_NAME], projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME], or https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]

Type

Sequence[str]

instance_name_prefixes

Targets VMs whose name starts with one of these prefixes. Similar to labels, this is another way to group VMs when targeting configs, for example prefix=”prod-“.

Type

Sequence[str]

class GroupLabel(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Targets a group of VM instances by using their assigned labels. Labels are key-value pairs. A GroupLabel is a combination of labels that is used to target VMs for a patch job.

For example, a patch job can target VMs that have the following GroupLabel: {"env":"test", "app":"web"}. This means that the patch job is applied to VMs that have both the labels env=test and app=web.

labels

Compute Engine instance labels that must be present for a VM instance to be targeted by this filter.

Type

Sequence[google.cloud.osconfig_v1.types.PatchInstanceFilter.GroupLabel.LabelsEntry]

class LabelsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Bases: proto.message.Message

class google.cloud.osconfig_v1.types.PatchJob(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A high level representation of a patch job that is either in progress or has completed.

Instance details are not included in the job. To paginate through instance details, use ListPatchJobInstanceDetails.

For more information about patch jobs, see Creating patch jobs.

name

Unique identifier for this patch job in the form projects/*/patchJobs/*

Type

str

display_name

Display name for this patch job. This is not a unique identifier.

Type

str

description

Description of the patch job. Length of the description is limited to 1024 characters.

Type

str

create_time

Time this patch job was created.

Type

google.protobuf.timestamp_pb2.Timestamp

update_time

Last time this patch job was updated.

Type

google.protobuf.timestamp_pb2.Timestamp

state

The current state of the PatchJob.

Type

google.cloud.osconfig_v1.types.PatchJob.State

instance_filter

Instances to patch.

Type

google.cloud.osconfig_v1.types.PatchInstanceFilter

patch_config

Patch configuration being applied.

Type

google.cloud.osconfig_v1.types.PatchConfig

duration

Duration of the patch job. After the duration ends, the patch job times out.

Type

google.protobuf.duration_pb2.Duration

instance_details_summary

Summary of instance details.

Type

google.cloud.osconfig_v1.types.PatchJob.InstanceDetailsSummary

dry_run

If this patch job is a dry run, the agent reports that it has finished without running any updates on the VM instance.

Type

bool

error_message

If this patch job failed, this message provides information about the failure.

Type

str

percent_complete

Reflects the overall progress of the patch job in the range of 0.0 being no progress to 100.0 being complete.

Type

float

patch_deployment

Output only. Name of the patch deployment that created this patch job.

Type

str

rollout

Rollout strategy being applied.

Type

google.cloud.osconfig_v1.types.PatchRollout

class InstanceDetailsSummary(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A summary of the current patch state across all instances that this patch job affects. Contains counts of instances in different states. These states map to InstancePatchState. List patch job instance details to see the specific states of each instance.

pending_instance_count

Number of instances pending patch job.

Type

int

inactive_instance_count

Number of instances that are inactive.

Type

int

notified_instance_count

Number of instances notified about patch job.

Type

int

started_instance_count

Number of instances that have started.

Type

int

downloading_patches_instance_count

Number of instances that are downloading patches.

Type

int

applying_patches_instance_count

Number of instances that are applying patches.

Type

int

rebooting_instance_count

Number of instances rebooting.

Type

int

succeeded_instance_count

Number of instances that have completed successfully.

Type

int

succeeded_reboot_required_instance_count

Number of instances that require reboot.

Type

int

failed_instance_count

Number of instances that failed.

Type

int

acked_instance_count

Number of instances that have acked and will start shortly.

Type

int

timed_out_instance_count

Number of instances that exceeded the time out while applying the patch.

Type

int

pre_patch_step_instance_count

Number of instances that are running the pre- atch step.

Type

int

post_patch_step_instance_count

Number of instances that are running the post-patch step.

Type

int

no_agent_detected_instance_count

Number of instances that do not appear to be running the agent. Check to ensure that the agent is installed, running, and able to communicate with the service.

Type

int

class State(value)[source]

Bases: proto.enums.Enum

Enumeration of the various states a patch job passes through as it executes.

CANCELED = 6
COMPLETED_WITH_ERRORS = 5
INSTANCE_LOOKUP = 2
PATCHING = 3
STARTED = 1
STATE_UNSPECIFIED = 0
SUCCEEDED = 4
TIMED_OUT = 7
class google.cloud.osconfig_v1.types.PatchJobInstanceDetails(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Patch details for a VM instance. For more information about reviewing VM instance details, see Listing all VM instance details for a specific patch job.

name

The instance name in the form projects/*/zones/*/instances/*

Type

str

instance_system_id

The unique identifier for the instance. This identifier is defined by the server.

Type

str

state

Current state of instance patch.

Type

google.cloud.osconfig_v1.types.Instance.PatchState

failure_reason

If the patch fails, this field provides the reason.

Type

str

attempt_count

The number of times the agent that the agent attempts to apply the patch.

Type

int

class google.cloud.osconfig_v1.types.PatchRollout(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Patch rollout configuration specifications. Contains details on the concurrency control when applying patch(es) to all targeted VMs.

mode

Mode of the patch rollout.

Type

google.cloud.osconfig_v1.types.PatchRollout.Mode

disruption_budget

The maximum number (or percentage) of VMs per zone to disrupt at any given moment. The number of VMs calculated from multiplying the percentage by the total number of VMs in a zone is rounded up.

During patching, a VM is considered disrupted from the time the agent is notified to begin until patching has completed. This disruption time includes the time to complete reboot and any post-patch steps.

A VM contributes to the disruption budget if its patching operation fails either when applying the patches, running pre or post patch steps, or if it fails to respond with a success notification before timing out. VMs that are not running or do not have an active agent do not count toward this disruption budget.

For zone-by-zone rollouts, if the disruption budget in a zone is exceeded, the patch job stops, because continuing to the next zone requires completion of the patch process in the previous zone.

For example, if the disruption budget has a fixed value of 10, and 8 VMs fail to patch in the current zone, the patch job continues to patch 2 VMs at a time until the zone is completed. When that zone is completed successfully, patching begins with 10 VMs at a time in the next zone. If 10 VMs in the next zone fail to patch, the patch job stops.

Type

google.cloud.osconfig_v1.types.FixedOrPercent

class Mode(value)[source]

Bases: proto.enums.Enum

Type of the rollout.

CONCURRENT_ZONES = 2
MODE_UNSPECIFIED = 0
ZONE_BY_ZONE = 1
class google.cloud.osconfig_v1.types.RecurringSchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Sets the time for recurring patch deployments.

time_zone

Required. Defines the time zone that time_of_day is relative to. The rules for daylight saving time are determined by the chosen time zone.

Type

google.type.datetime_pb2.TimeZone

start_time

Optional. The time that the recurring schedule becomes effective. Defaults to create_time of the patch deployment.

Type

google.protobuf.timestamp_pb2.Timestamp

end_time

Optional. The end time at which a recurring patch deployment schedule is no longer active.

Type

google.protobuf.timestamp_pb2.Timestamp

time_of_day

Required. Time of the day to run a recurring deployment.

Type

google.type.timeofday_pb2.TimeOfDay

frequency

Required. The frequency unit of this recurring schedule.

Type

google.cloud.osconfig_v1.types.RecurringSchedule.Frequency

weekly

Required. Schedule with weekly executions.

Type

google.cloud.osconfig_v1.types.WeeklySchedule

monthly

Required. Schedule with monthly executions.

Type

google.cloud.osconfig_v1.types.MonthlySchedule

last_execute_time

Output only. The time the last patch job ran successfully.

Type

google.protobuf.timestamp_pb2.Timestamp

next_execute_time

Output only. The time the next patch job is scheduled to run.

Type

google.protobuf.timestamp_pb2.Timestamp

class Frequency(value)[source]

Bases: proto.enums.Enum

Specifies the frequency of the recurring patch deployments.

FREQUENCY_UNSPECIFIED = 0
MONTHLY = 2
WEEKLY = 1
class google.cloud.osconfig_v1.types.VulnerabilityReport(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

This API resource represents the vulnerability report for a specified Compute Engine virtual machine (VM) instance at a given point in time.

For more information, see Vulnerability reports.

name

Output only. The vulnerabilityReport API resource name.

Format: projects/{project_number}/locations/{location}/instances/{instance_id}/vulnerabilityReport

Type

str

vulnerabilities

Output only. List of vulnerabilities affecting the VM.

Type

Sequence[google.cloud.osconfig_v1.types.VulnerabilityReport.Vulnerability]

update_time

Output only. The timestamp for when the last vulnerability report was generated for the VM.

Type

google.protobuf.timestamp_pb2.Timestamp

class Vulnerability(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A vulnerability affecting the VM instance.

details

Contains metadata as per the upstream feed of the operating system and NVD.

Type

google.cloud.osconfig_v1.types.VulnerabilityReport.Vulnerability.Details

installed_inventory_item_ids

Corresponds to the INSTALLED_PACKAGE inventory item on the VM. This field displays the inventory items affected by this vulnerability. If the vulnerability report was not updated after the VM inventory update, these values might not display in VM inventory. For some distros, this field may be empty.

Type

Sequence[str]

available_inventory_item_ids

Corresponds to the AVAILABLE_PACKAGE inventory item on the VM. If the vulnerability report was not updated after the VM inventory update, these values might not display in VM inventory. If there is no available fix, the field is empty. The inventory_item value specifies the latest SoftwarePackage available to the VM that fixes the vulnerability.

Type

Sequence[str]

create_time

The timestamp for when the vulnerability was first detected.

Type

google.protobuf.timestamp_pb2.Timestamp

update_time

The timestamp for when the vulnerability was last modified.

Type

google.protobuf.timestamp_pb2.Timestamp

class Details(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Contains metadata information for the vulnerability. This information is collected from the upstream feed of the operating system.

cve

The CVE of the vulnerability. CVE cannot be empty and the combination of <cve, classification> should be unique across vulnerabilities for a VM.

Type

str

cvss_v2_score

The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Type

float

cvss_v3

The full description of the CVSSv3 for this vulnerability from NVD.

Type

google.cloud.osconfig_v1.types.CVSSv3

severity

Assigned severity/impact ranking from the distro.

Type

str

description

The note or description describing the vulnerability from the distro.

Type

str

references

Corresponds to the references attached to the VulnerabilityDetails.

Type

Sequence[google.cloud.osconfig_v1.types.VulnerabilityReport.Vulnerability.Details.Reference]

class Reference(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A reference for this vulnerability.

url

The url of the reference.

Type

str

source

The source of the reference e.g. NVD.

Type

str

class google.cloud.osconfig_v1.types.WeekDayOfMonth(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Represents one week day in a month. An example is “the 4th Sunday”.

week_ordinal

Required. Week number in a month. 1-4 indicates the 1st to 4th week of the month. -1 indicates the last week of the month.

Type

int

day_of_week

Required. A day of the week.

Type

google.type.dayofweek_pb2.DayOfWeek

class google.cloud.osconfig_v1.types.WeeklySchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Represents a weekly schedule.

day_of_week

Required. Day of the week.

Type

google.type.dayofweek_pb2.DayOfWeek

class google.cloud.osconfig_v1.types.WindowsUpdateSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Windows patching is performed using the Windows Update Agent.

classifications

Only apply updates of these windows update classifications. If empty, all updates are applied.

Type

Sequence[google.cloud.osconfig_v1.types.WindowsUpdateSettings.Classification]

excludes

List of KBs to exclude from update.

Type

Sequence[str]

exclusive_patches

An exclusive list of kbs to be updated. These are the only patches that will be updated. This field must not be used with other patch configurations.

Type

Sequence[str]

class Classification(value)[source]

Bases: proto.enums.Enum

Microsoft Windows update classifications as defined in [1] https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro

CLASSIFICATION_UNSPECIFIED = 0
CRITICAL = 1
DEFINITION = 3
DRIVER = 4
FEATURE_PACK = 5
SECURITY = 2
SERVICE_PACK = 6
TOOL = 7
UPDATE = 9
UPDATE_ROLLUP = 8
class google.cloud.osconfig_v1.types.YumSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Yum patching is performed by executing yum update. Additional options can be set to control how this is executed.

Note that not all settings are supported on all platforms.

security

Adds the --security flag to yum update. Not supported on all platforms.

Type

bool

minimal

Will cause patch to run yum update-minimal instead.

Type

bool

excludes

List of packages to exclude from update. These packages are excluded by using the yum --exclude flag.

Type

Sequence[str]

exclusive_packages

An exclusive list of packages to be updated. These are the only packages that will be updated. If these packages are not installed, they will be ignored. This field must not be specified with any other patch configuration fields.

Type

Sequence[str]

class google.cloud.osconfig_v1.types.ZypperSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Zypper patching is performed by running zypper patch. See also https://en.opensuse.org/SDB:Zypper_manual.

with_optional

Adds the --with-optional flag to zypper patch.

Type

bool

with_update

Adds the --with-update flag, to zypper patch.

Type

bool

categories

Install only patches with these categories. Common categories include security, recommended, and feature.

Type

Sequence[str]

severities

Install only patches with these severities. Common severities include critical, important, moderate, and low.

Type

Sequence[str]

excludes

List of patches to exclude from update.

Type

Sequence[str]

exclusive_patches

An exclusive list of patches to be updated. These are the only patches that will be installed using ‘zypper patch patch:<patch_name>’ command. This field must not be used with any other patch configuration fields.

Type

Sequence[str]