Types for Google Cloud Osconfig v1 API¶
- class google.cloud.osconfig_v1.types.AptSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageApt patching is completed by executing
apt-get update && apt-get upgrade. Additional options can be set to control how this is executed.- type_¶
By changing the type to DIST, the patching is performed using
apt-get dist-upgradeinstead.
- excludes¶
List of packages to exclude from update. These packages will be excluded
- Type
MutableSequence[str]
- exclusive_packages¶
An exclusive list of packages to be updated. These are the only packages that will be updated. If these packages are not installed, they will be ignored. This field cannot be specified with any other patch configuration fields.
- Type
MutableSequence[str]
- class Type(value)[source]¶
Bases:
proto.enums.EnumApt patch type.
- Values:
- TYPE_UNSPECIFIED (0):
By default, upgrade will be performed.
- DIST (1):
Runs
apt-get dist-upgrade.- UPGRADE (2):
Runs
apt-get upgrade.
- class google.cloud.osconfig_v1.types.CVSSv3(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageCommon Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document
- base_score¶
The base score is a function of the base metric scores. https://www.first.org/cvss/specification-document#Base-Metrics
- Type
- exploitability_score¶
The Exploitability sub-score equation is derived from the Base Exploitability metrics. https://www.first.org/cvss/specification-document#2-1-Exploitability-Metrics
- Type
- attack_vector¶
This metric reflects the context by which vulnerability exploitation is possible.
- attack_complexity¶
This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability.
- privileges_required¶
This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
- user_interaction¶
This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
- scope¶
The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
- confidentiality_impact¶
This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
- integrity_impact¶
This metric measures the impact to integrity of a successfully exploited vulnerability.
- availability_impact¶
This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
- class AttackComplexity(value)[source]¶
Bases:
proto.enums.EnumThis metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability.
- Values:
- ATTACK_COMPLEXITY_UNSPECIFIED (0):
Invalid value.
- ATTACK_COMPLEXITY_LOW (1):
Specialized access conditions or extenuating circumstances do not exist. An attacker can expect repeatable success when attacking the vulnerable component.
- ATTACK_COMPLEXITY_HIGH (2):
A successful attack depends on conditions beyond the attacker’s control. That is, a successful attack cannot be accomplished at will, but requires the attacker to invest in some measurable amount of effort in preparation or execution against the vulnerable component before a successful attack can be expected.
- class AttackVector(value)[source]¶
Bases:
proto.enums.EnumThis metric reflects the context by which vulnerability exploitation is possible.
- Values:
- ATTACK_VECTOR_UNSPECIFIED (0):
Invalid value.
- ATTACK_VECTOR_NETWORK (1):
The vulnerable component is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet.
- ATTACK_VECTOR_ADJACENT (2):
The vulnerable component is bound to the network stack, but the attack is limited at the protocol level to a logically adjacent topology.
- ATTACK_VECTOR_LOCAL (3):
The vulnerable component is not bound to the network stack and the attacker’s path is via read/write/execute capabilities.
- ATTACK_VECTOR_PHYSICAL (4):
The attack requires the attacker to physically touch or manipulate the vulnerable component.
- class Impact(value)[source]¶
Bases:
proto.enums.EnumThe Impact metrics capture the effects of a successfully exploited vulnerability on the component that suffers the worst outcome that is most directly and predictably associated with the attack.
- Values:
- IMPACT_UNSPECIFIED (0):
Invalid value.
- IMPACT_HIGH (1):
High impact.
- IMPACT_LOW (2):
Low impact.
- IMPACT_NONE (3):
No impact.
- class PrivilegesRequired(value)[source]¶
Bases:
proto.enums.EnumThis metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
- Values:
- PRIVILEGES_REQUIRED_UNSPECIFIED (0):
Invalid value.
- PRIVILEGES_REQUIRED_NONE (1):
The attacker is unauthorized prior to attack, and therefore does not require any access to settings or files of the vulnerable system to carry out an attack.
- PRIVILEGES_REQUIRED_LOW (2):
The attacker requires privileges that provide basic user capabilities that could normally affect only settings and files owned by a user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources.
- PRIVILEGES_REQUIRED_HIGH (3):
The attacker requires privileges that provide significant (e.g., administrative) control over the vulnerable component allowing access to component-wide settings and files.
- class Scope(value)[source]¶
Bases:
proto.enums.EnumThe Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
- Values:
- SCOPE_UNSPECIFIED (0):
Invalid value.
- SCOPE_UNCHANGED (1):
An exploited vulnerability can only affect resources managed by the same security authority.
- SCOPE_CHANGED (2):
An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component.
- class UserInteraction(value)[source]¶
Bases:
proto.enums.EnumThis metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
- Values:
- USER_INTERACTION_UNSPECIFIED (0):
Invalid value.
- USER_INTERACTION_NONE (1):
The vulnerable system can be exploited without interaction from any user.
- USER_INTERACTION_REQUIRED (2):
Successful exploitation of this vulnerability requires a user to take some action before the vulnerability can be exploited.
- class google.cloud.osconfig_v1.types.CancelPatchJobRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageMessage for canceling a patch job.
- class google.cloud.osconfig_v1.types.CreateOSPolicyAssignmentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message to create an OS policy assignment
- parent¶
Required. The parent resource name in the form: projects/{project}/locations/{location}
- Type
- os_policy_assignment¶
Required. The OS policy assignment to be created.
- os_policy_assignment_id¶
Required. The logical name of the OS policy assignment in the project with the following restrictions:
Must contain only lowercase letters, numbers, and hyphens.
Must start with a letter.
Must be between 1-63 characters.
Must end with a number or a letter.
Must be unique within the project.
- Type
- class google.cloud.osconfig_v1.types.CreatePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for creating a patch deployment.
- patch_deployment_id¶
Required. A name for the patch deployment in the project. When creating a name the following rules apply:
Must contain only lowercase letters, numbers, and hyphens.
Must start with a letter.
Must be between 1-63 characters.
Must end with a number or a letter.
Must be unique within the project.
- Type
- patch_deployment¶
Required. The patch deployment to create.
- class google.cloud.osconfig_v1.types.DeleteOSPolicyAssignmentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for deleting a OS policy assignment.
- class google.cloud.osconfig_v1.types.DeletePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for deleting a patch deployment.
- class google.cloud.osconfig_v1.types.ExecStep(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA step that runs an executable for a PatchJob.
- linux_exec_step_config¶
The ExecStepConfig for all Linux VMs targeted by the PatchJob.
- windows_exec_step_config¶
The ExecStepConfig for all Windows VMs targeted by the PatchJob.
- class google.cloud.osconfig_v1.types.ExecStepConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageCommon configurations for an ExecStep.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- local_path¶
An absolute path to the executable on the VM.
This field is a member of oneof
executable.- Type
- gcs_object¶
A Cloud Storage object containing the executable.
This field is a member of oneof
executable.
- allowed_success_codes¶
Defaults to [0]. A list of possible return values that the execution can return to indicate a success.
- Type
MutableSequence[int]
- interpreter¶
The script interpreter to use to run the script. If no interpreter is specified the script will be executed directly, which will likely only succeed for scripts with [shebang lines] (https://en.wikipedia.org/wiki/Shebang_(Unix)).
- class Interpreter(value)[source]¶
Bases:
proto.enums.EnumThe interpreter used to execute the a file.
- Values:
- INTERPRETER_UNSPECIFIED (0):
Invalid for a Windows ExecStepConfig. For a Linux ExecStepConfig, the interpreter will be parsed from the shebang line of the script if unspecified.
- SHELL (1):
Indicates that the script is run with
/bin/shon Linux andcmdon Windows.- POWERSHELL (2):
Indicates that the file is run with PowerShell flags
-NonInteractive,-NoProfile, and-ExecutionPolicy Bypass.
- class google.cloud.osconfig_v1.types.ExecutePatchJobRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message to initiate patching across Compute Engine instances.
- description¶
Description of the patch job. Length of the description is limited to 1024 characters.
- Type
- instance_filter¶
Required. Instances to patch, either explicitly or filtered by some criteria such as zone or labels.
- patch_config¶
Patch configuration being applied. If omitted, instances are patched using the default configurations.
- duration¶
Duration of the patch job. After the duration ends, the patch job times out.
- rollout¶
Rollout strategy of the patch job.
- class google.cloud.osconfig_v1.types.FixedOrPercent(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageMessage encapsulating a value that can be either absolute (“fixed”) or relative (“percent”) to a value.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- class google.cloud.osconfig_v1.types.GcsObject(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageCloud Storage object representation.
- class google.cloud.osconfig_v1.types.GetInventoryRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for getting inventory data for the specified VM.
- name¶
Required. API resource name for inventory resource.
Format:
projects/{project}/locations/{location}/instances/{instance}/inventoryFor
{project}, eitherproject-numberorproject-idcan be provided. For{instance}, either Compute Engineinstance-idorinstance-namecan be provided.- Type
- view¶
Inventory view indicating what information should be included in the inventory resource. If unspecified, the default view is BASIC.
- class google.cloud.osconfig_v1.types.GetOSPolicyAssignmentReportRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageGet a report of the OS policy assignment for a VM instance.
- name¶
Required. API resource name for OS policy assignment report.
Format:
/projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/reportFor
{project}, eitherproject-numberorproject-idcan be provided. For{instance_id}, either Compute Engineinstance-idorinstance-namecan be provided. For{assignment_id}, the OSPolicyAssignment id must be provided.- Type
- class google.cloud.osconfig_v1.types.GetOSPolicyAssignmentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message to get an OS policy assignment
- class google.cloud.osconfig_v1.types.GetPatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for retrieving a patch deployment.
- class google.cloud.osconfig_v1.types.GetPatchJobRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRequest to get an active or completed patch job.
- class google.cloud.osconfig_v1.types.GetVulnerabilityReportRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for getting the vulnerability report for the specified VM.
- name¶
Required. API resource name for vulnerability resource.
Format:
projects/{project}/locations/{location}/instances/{instance}/vulnerabilityReportFor
{project}, eitherproject-numberorproject-idcan be provided. For{instance}, either Compute Engineinstance-idorinstance-namecan be provided.- Type
- class google.cloud.osconfig_v1.types.GooSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageGooget patching is performed by running
googet update.
- class google.cloud.osconfig_v1.types.Instance(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageNamespace for instance state enums.
- class PatchState(value)[source]¶
Bases:
proto.enums.EnumPatch state of an instance.
- Values:
- PATCH_STATE_UNSPECIFIED (0):
Unspecified.
- PENDING (1):
The instance is not yet notified.
- INACTIVE (2):
Instance is inactive and cannot be patched.
- NOTIFIED (3):
The instance is notified that it should be patched.
- STARTED (4):
The instance has started the patching process.
- DOWNLOADING_PATCHES (5):
The instance is downloading patches.
- APPLYING_PATCHES (6):
The instance is applying patches.
- REBOOTING (7):
The instance is rebooting.
- SUCCEEDED (8):
The instance has completed applying patches.
- SUCCEEDED_REBOOT_REQUIRED (9):
The instance has completed applying patches but a reboot is required.
- FAILED (10):
The instance has failed to apply the patch.
- ACKED (11):
The instance acked the notification and will start shortly.
- TIMED_OUT (12):
The instance exceeded the time out while applying the patch.
- RUNNING_PRE_PATCH_STEP (13):
The instance is running the pre-patch step.
- RUNNING_POST_PATCH_STEP (14):
The instance is running the post-patch step.
- NO_AGENT_DETECTED (15):
The service could not detect the presence of the agent. Check to ensure that the agent is installed, running, and able to communicate with the service.
- class google.cloud.osconfig_v1.types.Inventory(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageThis API resource represents the available inventory data for a Compute Engine virtual machine (VM) instance at a given point in time.
You can use this API resource to determine the inventory data of your VM.
For more information, see Information provided by OS inventory management.
- name¶
Output only. The
InventoryAPI resource name.Format:
projects/{project_number}/locations/{location}/instances/{instance_id}/inventory- Type
- os_info¶
Base level operating system information for the VM.
- items¶
Inventory items related to the VM keyed by an opaque unique identifier for each inventory item. The identifier is unique to each distinct and addressable inventory item and will change, when there is a new package version.
- Type
MutableMapping[str, google.cloud.osconfig_v1.types.Inventory.Item]
- update_time¶
Output only. Timestamp of the last reported inventory for the VM.
- class Item(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA single piece of inventory on a VM.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- origin_type¶
The origin of this inventory item.
- create_time¶
When this inventory item was first detected.
- update_time¶
When this inventory item was last modified.
- type_¶
The specific type of inventory, correlating to its specific details.
- installed_package¶
Software package present on the VM instance.
This field is a member of oneof
details.
- available_package¶
Software package available to be installed on the VM instance.
This field is a member of oneof
details.
- class OriginType(value)[source]¶
Bases:
proto.enums.EnumThe origin of a specific inventory item.
- Values:
- ORIGIN_TYPE_UNSPECIFIED (0):
Invalid. An origin type must be specified.
- INVENTORY_REPORT (1):
This inventory item was discovered as the result of the agent reporting inventory via the reporting API.
- class Type(value)[source]¶
Bases:
proto.enums.EnumThe different types of inventory that are tracked on a VM.
- Values:
- TYPE_UNSPECIFIED (0):
Invalid. An type must be specified.
- INSTALLED_PACKAGE (1):
This represents a package that is installed on the VM.
- AVAILABLE_PACKAGE (2):
This represents an update that is available for a package.
- class ItemsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)¶
Bases:
proto.message.Message
- class OsInfo(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageOperating system information for the VM.
- long_name¶
The operating system long name. For example ‘Debian GNU/Linux 9’ or ‘Microsoft Window Server 2019 Datacenter’.
- Type
- class SoftwarePackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageSoftware package information of the operating system.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- yum_package¶
Yum package info. For details about the yum package manager, see https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/ch-yum.
This field is a member of oneof
details.
- apt_package¶
Details of an APT package. For details about the apt package manager, see https://wiki.debian.org/Apt.
This field is a member of oneof
details.
- zypper_package¶
Details of a Zypper package. For details about the Zypper package manager, see https://en.opensuse.org/SDB:Zypper_manual.
This field is a member of oneof
details.
- googet_package¶
Details of a Googet package. For details about the googet package manager, see https://github.com/google/googet.
This field is a member of oneof
details.
- zypper_patch¶
Details of a Zypper patch. For details about the Zypper package manager, see https://en.opensuse.org/SDB:Zypper_manual.
This field is a member of oneof
details.
- wua_package¶
Details of a Windows Update package. See https://docs.microsoft.com/en-us/windows/win32/api/_wua/ for information about Windows Update.
This field is a member of oneof
details.
- qfe_package¶
Details of a Windows Quick Fix engineering package. See https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering for info in Windows Quick Fix Engineering.
This field is a member of oneof
details.
- class VersionedPackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageInformation related to the a standard versioned package. This includes package info for APT, Yum, Zypper, and Googet package managers.
- class WindowsApplication(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContains information about a Windows application that is retrieved from the Windows Registry. For more information about these fields, see:
https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key
- install_date¶
The last time this product received service. The value of this property is replaced each time a patch is applied or removed from the product or the command-line option is used to repair the product.
- Type
google.type.date_pb2.Date
- class WindowsQuickFixEngineeringPackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageInformation related to a Quick Fix Engineering package. Fields are taken from Windows QuickFixEngineering Interface and match the source names:
https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering
- install_time¶
Date that the QFE update was installed. Mapped from installed_on field.
- class WindowsUpdatePackage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageDetails related to a Windows Update package. Field data and names are taken from Windows Update API IUpdate Interface: https://docs.microsoft.com/en-us/windows/win32/api/_wua/ Descriptive fields like title, and description are localized based on the locale of the VM being updated.
- categories¶
The categories that are associated with this update package.
- Type
MutableSequence[google.cloud.osconfig_v1.types.Inventory.WindowsUpdatePackage.WindowsUpdateCategory]
- kb_article_ids¶
A collection of Microsoft Knowledge Base article IDs that are associated with the update package.
- Type
MutableSequence[str]
- more_info_urls¶
A collection of URLs that provide more information about the update package.
- Type
MutableSequence[str]
- last_deployment_change_time¶
The last published date of the update, in (UTC) date and time.
- class ZypperPatch(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageDetails related to a Zypper Patch.
- class google.cloud.osconfig_v1.types.InventoryView(value)[source]¶
Bases:
proto.enums.EnumThe view for inventory objects.
- Values:
- INVENTORY_VIEW_UNSPECIFIED (0):
The default value. The API defaults to the BASIC view.
- BASIC (1):
Returns the basic inventory information that includes
os_info.- FULL (2):
Returns all fields.
- class google.cloud.osconfig_v1.types.ListInventoriesRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for listing inventory data for all VMs in the specified location.
- parent¶
Required. The parent resource name.
Format:
projects/{project}/locations/{location}/instances/-For
{project}, eitherproject-numberorproject-idcan be provided.- Type
- view¶
Inventory view indicating what information should be included in the inventory resource. If unspecified, the default view is BASIC.
- page_token¶
A pagination token returned from a previous call to
ListInventoriesthat indicates where this listing should continue from.- Type
- class google.cloud.osconfig_v1.types.ListInventoriesResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing inventory data for all VMs in a specified location.
- inventories¶
List of inventory objects.
- Type
MutableSequence[google.cloud.osconfig_v1.types.Inventory]
- class google.cloud.osconfig_v1.types.ListOSPolicyAssignmentReportsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageList the OS policy assignment reports for VM instances.
- parent¶
Required. The parent resource name.
Format:
projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/reportsFor
{project}, eitherproject-numberorproject-idcan be provided. For{instance}, eitherinstance-name,instance-id, or-can be provided. If ‘-’ is provided, the response will include OSPolicyAssignmentReports for all instances in the project/location. For{assignment}, eitherassignment-idor-can be provided. If ‘-’ is provided, the response will include OSPolicyAssignmentReports for all OSPolicyAssignments in the project/location. Either {instance} or {assignment} must be-.For example:
projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/-/reportsreturns all reports for the instanceprojects/{project}/locations/{location}/instances/-/osPolicyAssignments/{assignment-id}/reportsreturns all the reports for the given assignment across all instances.projects/{project}/locations/{location}/instances/-/osPolicyAssignments/-/reportsreturns all the reports for all assignments across all instances.- Type
- filter¶
If provided, this field specifies the criteria that must be met by the
OSPolicyAssignmentReportAPI resource that is included in the response.- Type
- class google.cloud.osconfig_v1.types.ListOSPolicyAssignmentReportsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing OS Policy assignment reports including the page of results and page token.
- os_policy_assignment_reports¶
List of OS policy assignment reports.
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignmentReport]
- class google.cloud.osconfig_v1.types.ListOSPolicyAssignmentRevisionsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message to list revisions for a OS policy assignment
- class google.cloud.osconfig_v1.types.ListOSPolicyAssignmentRevisionsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing all revisions for a OS policy assignment.
- os_policy_assignments¶
The OS policy assignment revisions
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignment]
- class google.cloud.osconfig_v1.types.ListOSPolicyAssignmentsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message to list OS policy assignments for a parent resource
- class google.cloud.osconfig_v1.types.ListOSPolicyAssignmentsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing all assignments under given parent.
- os_policy_assignments¶
The list of assignments
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignment]
- class google.cloud.osconfig_v1.types.ListPatchDeploymentsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for listing patch deployments.
- class google.cloud.osconfig_v1.types.ListPatchDeploymentsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing patch deployments.
- patch_deployments¶
The list of patch deployments.
- Type
MutableSequence[google.cloud.osconfig_v1.types.PatchDeployment]
- class google.cloud.osconfig_v1.types.ListPatchJobInstanceDetailsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRequest to list details for all instances that are part of a patch job.
- page_token¶
A pagination token returned from a previous call that indicates where this listing should continue from.
- Type
- class google.cloud.osconfig_v1.types.ListPatchJobInstanceDetailsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing the instances details for a patch job.
- patch_job_instance_details¶
A list of instance status.
- Type
MutableSequence[google.cloud.osconfig_v1.types.PatchJobInstanceDetails]
- class google.cloud.osconfig_v1.types.ListPatchJobsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for listing patch jobs.
- page_token¶
A pagination token returned from a previous call that indicates where this listing should continue from.
- Type
- class google.cloud.osconfig_v1.types.ListPatchJobsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing patch jobs.
- patch_jobs¶
The list of patch jobs.
- Type
MutableSequence[google.cloud.osconfig_v1.types.PatchJob]
- class google.cloud.osconfig_v1.types.ListVulnerabilityReportsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for listing vulnerability reports for all VM instances in the specified location.
- parent¶
Required. The parent resource name.
Format:
projects/{project}/locations/{location}/instances/-For
{project}, eitherproject-numberorproject-idcan be provided.- Type
- page_token¶
A pagination token returned from a previous call to
ListVulnerabilityReportsthat indicates where this listing should continue from.- Type
- class google.cloud.osconfig_v1.types.ListVulnerabilityReportsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA response message for listing vulnerability reports for all VM instances in the specified location.
- vulnerability_reports¶
List of vulnerabilityReport objects.
- Type
MutableSequence[google.cloud.osconfig_v1.types.VulnerabilityReport]
- class google.cloud.osconfig_v1.types.MonthlySchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents a monthly schedule. An example of a valid monthly schedule is “on the third Tuesday of the month” or “on the 15th of the month”.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- month_day¶
Required. One day of the month. 1-31 indicates the 1st to the 31st day. -1 indicates the last day of the month. Months without the target day will be skipped. For example, a schedule to run “every month on the 31st” will not run in February, April, June, etc.
This field is a member of oneof
day_of_month.- Type
- class google.cloud.osconfig_v1.types.OSPolicy(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageAn OS policy defines the desired state configuration for a VM.
- id¶
Required. The id of the OS policy with the following restrictions:
Must contain only lowercase letters, numbers, and hyphens.
Must start with a letter.
Must be between 1-63 characters.
Must end with a number or a letter.
Must be unique within the assignment.
- Type
- mode¶
Required. Policy mode
- resource_groups¶
Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored.
If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag
allow_no_resource_group_match- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicy.ResourceGroup]
- allow_no_resource_group_match¶
This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to
trueif the policy needs to be reported as compliant even if the policy has nothing to validate or enforce.- Type
- class InventoryFilter(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageFiltering criteria to select VMs based on inventory details.
- class Mode(value)[source]¶
Bases:
proto.enums.EnumPolicy mode
- Values:
- MODE_UNSPECIFIED (0):
Invalid mode
- VALIDATION (1):
This mode checks if the configuration resources in the policy are in their desired state. No actions are performed if they are not in the desired state. This mode is used for reporting purposes.
- ENFORCEMENT (2):
This mode checks if the configuration resources in the policy are in their desired state, and if not, enforces the desired state.
- class Resource(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageAn OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc.
The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- id¶
Required. The id of the resource with the following restrictions:
Must contain only lowercase letters, numbers, and hyphens.
Must start with a letter.
Must be between 1-63 characters.
Must end with a number or a letter.
Must be unique within the OS policy.
- Type
- class ExecResource(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA resource that allows executing scripts on the VM.
The
ExecResourcehas 2 stages:validateandenforceand both stages accept a script as an argument to execute.When the
ExecResourceis applied by the agent, it first executes the script in thevalidatestage. Thevalidatestage can signal that theExecResourceis already in the desired state by returning an exit code of100. If theExecResourceis not in the desired state, it should return an exit code of101. Any other exit code returned by this stage is considered an error.If the
ExecResourceis not in the desired state based on the exit code from thevalidatestage, the agent proceeds to execute the script from theenforcestage. If theExecResourceis already in the desired state, theenforcestage will not be run. Similar tovalidatestage, theenforcestage should return an exit code of100to indicate that the resource in now in its desired state. Any other exit code is considered an error.NOTE: An exit code of
100was chosen over0(and101vs1) to have an explicit indicator ofin desired state,not in desired stateand errors. Because, for example, Powershell will always return an exit code of0unless anexitstatement is provided in the script. So, for reasons of consistency and being explicit, exit codes100and101were chosen.- validate¶
Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates “in desired state”, and exit code of 101 indicates “not in desired state”. Any other exit code indicates a failure running validate.
- enforce¶
What to run to bring this resource into the desired state. An exit code of 100 indicates “success”, any other exit code indicates a failure running enforce.
- class Exec(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA file or script to execute.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- script¶
An inline script. The size of the script is limited to 1024 characters.
This field is a member of oneof
source.- Type
- interpreter¶
Required. The script interpreter to use.
- output_file_path¶
Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes.
- Type
- class Interpreter(value)[source]¶
Bases:
proto.enums.EnumThe interpreter to use.
- Values:
- INTERPRETER_UNSPECIFIED (0):
Invalid value, the request will return validation error.
- NONE (1):
If an interpreter is not specified, the source is executed directly. This execution, without an interpreter, only succeeds for executables and scripts that have shebang lines.
- SHELL (2):
Indicates that the script runs with
/bin/shon Linux andcmd.exeon Windows.- POWERSHELL (3):
Indicates that the script runs with PowerShell.
- class File(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA remote or local file.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- allow_insecure¶
Defaults to false. When false, files are subject to validations based on the file type:
Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified.
- Type
- class Gcs(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageSpecifies a file available as a Cloud Storage Object.
- class Remote(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageSpecifies a file available via some URI.
- uri¶
Required. URI from which to fetch the object. It should contain both the protocol and path following the format
{protocol}://{location}.- Type
- class FileResource(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA resource that manages the state of a file.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- content¶
A a file with this content. The size of the content is limited to 1024 characters.
This field is a member of oneof
source.- Type
- state¶
Required. Desired state of the file.
- permissions¶
Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755.
Below are some examples of permissions and their associated values:
read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4
- Type
- class DesiredState(value)[source]¶
Bases:
proto.enums.EnumDesired state of the file.
- Values:
- DESIRED_STATE_UNSPECIFIED (0):
Unspecified is invalid.
- PRESENT (1):
Ensure file at path is present.
- ABSENT (2):
Ensure file at path is absent.
- CONTENTS_MATCH (3):
Ensure the contents of the file at path matches. If the file does not exist it will be created.
- class PackageResource(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA resource that manages a system package.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- desired_state¶
Required. The desired state the agent should maintain for this package.
- class APT(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA package managed by APT.
install:
apt-get update && apt-get -y install [name]remove:
apt-get -y remove [name]
- class Deb(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA deb package file. dpkg packages only support INSTALLED state.
- source¶
Required. A deb package.
- class DesiredState(value)[source]¶
Bases:
proto.enums.EnumThe desired state that the OS Config agent maintains on the VM.
- Values:
- DESIRED_STATE_UNSPECIFIED (0):
Unspecified is invalid.
- INSTALLED (1):
Ensure that the package is installed.
- REMOVED (2):
The agent ensures that the package is not installed and uninstalls it if detected.
- class GooGet(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA package managed by GooGet.
install:
googet -noconfirm install packageremove:
googet -noconfirm remove package
- class MSI(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageAn MSI package. MSI packages only support INSTALLED state.
- source¶
Required. The MSI package.
- class RPM(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageAn RPM package file. RPM packages only support INSTALLED state.
- source¶
Required. An rpm package.
- class YUM(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA package managed by YUM.
install:
yum -y install packageremove:
yum -y remove package
- class Zypper(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA package managed by Zypper.
install:
zypper -y install packageremove:
zypper -y rm package
- class RepositoryResource(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA resource that manages a package repository.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- class AptRepository(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents a single apt package repository. These will be added to a repo file that will be managed at
/etc/apt/sources.list.d/google_osconfig.list.- archive_type¶
Required. Type of archive files in this repository.
- components¶
Required. List of components for this repository. Must contain at least one item.
- Type
MutableSequence[str]
- gpg_key¶
URI of the key file for this repository. The agent maintains a keyring at
/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg.- Type
- class ArchiveType(value)[source]¶
Bases:
proto.enums.EnumType of archive.
- Values:
- ARCHIVE_TYPE_UNSPECIFIED (0):
Unspecified is invalid.
- DEB (1):
Deb indicates that the archive contains binary files.
- DEB_SRC (2):
Deb-src indicates that the archive contains source files.
- class GooRepository(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents a Goo package repository. These are added to a repo file that is managed at
C:/ProgramData/GooGet/repos/google_osconfig.repo.
- class YumRepository(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents a single yum package repository. These are added to a repo file that is managed at
/etc/yum.repos.d/google_osconfig.repo.- id¶
Required. A one word, unique name for this repository. This is the
repo idin the yum config file and also thedisplay_nameifdisplay_nameis omitted. This id is also used as the unique identifier when checking for resource conflicts.- Type
- class ZypperRepository(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents a single zypper package repository. These are added to a repo file that is managed at
/etc/zypp/repos.d/google_osconfig.repo.- id¶
Required. A one word, unique name for this repository. This is the
repo idin the zypper config file and also thedisplay_nameifdisplay_nameis omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts.- Type
- class ResourceGroup(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageResource groups provide a mechanism to group OS policy resources.
Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems.
When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the
OSFilterspecified within the resource group.- inventory_filters¶
List of inventory filters for the resource group.
The resources in this resource group are applied to the target VM if it satisfies at least one of the following inventory filters.
For example, to apply this resource group to VMs running either
RHELorCentOSoperating systems, specify 2 items for the list with following values: inventory_filters[0].os_short_name=’rhel’ and inventory_filters[1].os_short_name=’centos’If the list is empty, this resource group will be applied to the target VM unconditionally.
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicy.InventoryFilter]
- resources¶
Required. List of resources configured for this resource group. The resources are executed in the exact order specified here.
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicy.Resource]
- class google.cloud.osconfig_v1.types.OSPolicyAssignment(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageOS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances.
An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script.
For more information, see OS policy and OS policy assignment.
- name¶
Resource name.
Format:
projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}This field is ignored when you create an OS policy assignment.
- Type
- description¶
OS policy assignment description. Length of the description is limited to 1024 characters.
- Type
- os_policies¶
Required. List of OS policies to be applied to the VMs.
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicy]
- instance_filter¶
Required. Filter to select VMs.
- rollout¶
Required. Rollout to deploy the OS policy assignment. A rollout is triggered in the following situations:
OSPolicyAssignment is created.
OSPolicyAssignment is updated and the update contains changes to one of the following fields:
instance_filter
os_policies
OSPolicyAssignment is deleted.
- revision_id¶
Output only. The assignment revision ID A new revision is committed whenever a rollout is triggered for a OS policy assignment
- Type
- revision_create_time¶
Output only. The timestamp that the revision was created.
- etag¶
The etag for this OS policy assignment. If this is provided on update, it must match the server’s etag.
- Type
- rollout_state¶
Output only. OS policy assignment rollout state
- baseline¶
Output only. Indicates that this revision has been successfully rolled out in this zone and new VMs will be assigned OS policies from this revision.
For a given OS policy assignment, there is only one revision with a value of
truefor this field.- Type
- reconciling¶
Output only. Indicates that reconciliation is in progress for the revision. This value is
truewhen therollout_stateis one of:IN_PROGRESS
CANCELLING
- Type
- class InstanceFilter(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageFilters to select target VMs for an assignment.
If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them.
- inclusion_labels¶
List of label sets used for VM inclusion.
If the list has more than one
LabelSet, the VM is included if any of the label sets are applicable for the VM.- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignment.LabelSet]
- exclusion_labels¶
List of label sets used for VM exclusion.
If the list has more than one label set, the VM is excluded if any of the label sets are applicable for the VM.
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignment.LabelSet]
- inventories¶
List of inventories to select VMs.
A VM is selected if its inventory data matches at least one of the following inventories.
- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignment.InstanceFilter.Inventory]
- class Inventory(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageVM inventory details.
- class LabelSet(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageMessage representing label set.
A label is a key value pair set for a VM.
A LabelSet is a set of labels.
Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet.
Example: A LabelSet with 2 labels:
env=prodandtype=webserverwill only be applicable for those VMs with both labels present.
- labels¶
Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected.
- class LabelsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)¶
Bases:
proto.message.Message
- class Rollout(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageMessage to configure the rollout at the zonal level for the OS policy assignment.
- disruption_budget¶
Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment.
- min_wait_duration¶
Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the
disruption_budgetat least until this duration of time has passed after configuration changes are applied.
- class RolloutState(value)[source]¶
Bases:
proto.enums.EnumOS policy assignment rollout state
- Values:
- ROLLOUT_STATE_UNSPECIFIED (0):
Invalid value
- IN_PROGRESS (1):
The rollout is in progress.
- CANCELLING (2):
The rollout is being cancelled.
- CANCELLED (3):
The rollout is cancelled.
- SUCCEEDED (4):
The rollout has completed successfully.
- class google.cloud.osconfig_v1.types.OSPolicyAssignmentOperationMetadata(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageOS policy assignment operation metadata provided by OS policy assignment API methods that return long running operations.
- os_policy_assignment¶
Reference to the
OSPolicyAssignmentAPI resource.Format:
projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}- Type
- api_method¶
The OS policy assignment API method.
- rollout_state¶
State of the rollout
- rollout_start_time¶
Rollout start time
- rollout_update_time¶
Rollout update time
- class APIMethod(value)[source]¶
Bases:
proto.enums.EnumThe OS policy assignment API method.
- Values:
- API_METHOD_UNSPECIFIED (0):
Invalid value
- CREATE (1):
Create OS policy assignment API method
- UPDATE (2):
Update OS policy assignment API method
- DELETE (3):
Delete OS policy assignment API method
- class RolloutState(value)[source]¶
Bases:
proto.enums.EnumState of the rollout
- Values:
- ROLLOUT_STATE_UNSPECIFIED (0):
Invalid value
- IN_PROGRESS (1):
The rollout is in progress.
- CANCELLING (2):
The rollout is being cancelled.
- CANCELLED (3):
The rollout is cancelled.
- SUCCEEDED (4):
The rollout has completed successfully.
- class google.cloud.osconfig_v1.types.OSPolicyAssignmentReport(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA report of the OS policy assignment status for a given instance.
- name¶
The
OSPolicyAssignmentReportAPI resource name.Format:
projects/{project_number}/locations/{location}/instances/{instance_id}/osPolicyAssignments/{os_policy_assignment_id}/report- Type
- os_policy_assignment¶
Reference to the
OSPolicyAssignmentAPI resource that theOSPolicybelongs to.Format:
projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}- Type
- os_policy_compliances¶
Compliance data for each
OSPolicythat is applied to the VM.- Type
MutableSequence[google.cloud.osconfig_v1.types.OSPolicyAssignmentReport.OSPolicyCompliance]
- update_time¶
Timestamp for when the report was last generated.
- last_run_id¶
Unique identifier of the last attempted run to apply the OS policies associated with this assignment on the VM.
This ID is logged by the OS Config agent while applying the OS policies associated with this assignment on the VM. NOTE: If the service is unable to successfully connect to the agent for this run, then this id will not be available in the agent logs.
- Type
- class OSPolicyCompliance(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageCompliance data for an OS policy
- compliance_state¶
The compliance state of the OS policy.
- compliance_state_reason¶
The reason for the OS policy to be in an unknown compliance state. This field is always populated when
compliance_stateisUNKNOWN.If populated, the field can contain one of the following values:
vm-not-running: The VM was not running.os-policies-not-supported-by-agent: The version of the OS Config agent running on the VM does not support running OS policies.no-agent-detected: The OS Config agent is not detected for the VM.resource-execution-errors: The OS Config agent encountered errors while executing one or more resources in the policy. Seeos_policy_resource_compliancesfor details.task-timeout: The task sent to the agent to apply the policy timed out.unexpected-agent-state: The OS Config agent did not report the final status of the task that attempted to apply the policy. Instead, the agent unexpectedly started working on a different task. This mostly happens when the agent or VM unexpectedly restarts while applying OS policies.internal-service-errors: Internal service errors were encountered while attempting to apply the policy.
- Type
- os_policy_resource_compliances¶
Compliance data for each resource within the policy that is applied to the VM.
- class ComplianceState(value)[source]¶
Bases:
proto.enums.EnumPossible compliance states for an os policy.
- Values:
- UNKNOWN (0):
The policy is in an unknown compliance state.
Refer to the field
compliance_state_reasonto learn the exact reason for the policy to be in this compliance state.- COMPLIANT (1):
Policy is compliant.
The policy is compliant if all the underlying resources are also compliant.
- NON_COMPLIANT (2):
Policy is non-compliant.
The policy is non-compliant if one or more underlying resources are non-compliant.
- class OSPolicyResourceCompliance(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageCompliance data for an OS policy resource.
- config_steps¶
Ordered list of configuration completed by the agent for the OS policy resource.
- compliance_state¶
The compliance state of the resource.
- compliance_state_reason¶
A reason for the resource to be in the given compliance state. This field is always populated when
compliance_stateisUNKNOWN.The following values are supported when
compliance_state == UNKNOWNexecution-errors: Errors were encountered by the agent while executing the resource and the compliance state couldn’t be determined.execution-skipped-by-agent: Resource execution was skipped by the agent because errors were encountered while executing prior resources in the OS policy.os-policy-execution-attempt-failed: The execution of the OS policy containing this resource failed and the compliance state couldn’t be determined.
- Type
- class ComplianceState(value)[source]¶
Bases:
proto.enums.EnumPossible compliance states for a resource.
- Values:
- UNKNOWN (0):
The resource is in an unknown compliance state.
To get more details about why the policy is in this state, review the output of the
compliance_state_reasonfield.- COMPLIANT (1):
Resource is compliant.
- NON_COMPLIANT (2):
Resource is non-compliant.
- class ExecResourceOutput(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageExecResource specific output.
- class OSPolicyResourceConfigStep(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageStep performed by the OS Config agent for configuring an
OSPolicyresource to its desired state.- type_¶
Configuration step type.
- error_message¶
An error message recorded during the execution of this step. Only populated if errors were encountered during this step execution.
- Type
- class Type(value)[source]¶
Bases:
proto.enums.EnumSupported configuration step types
- Values:
- TYPE_UNSPECIFIED (0):
Default value. This value is unused.
- VALIDATION (1):
Checks for resource conflicts such as schema errors.
- DESIRED_STATE_CHECK (2):
Checks the current status of the desired state for a resource.
- DESIRED_STATE_ENFORCEMENT (3):
Enforces the desired state for a resource that is not in desired state.
- DESIRED_STATE_CHECK_POST_ENFORCEMENT (4):
Re-checks the status of the desired state. This check is done for a resource after the enforcement of all OS policies.
This step is used to determine the final desired state status for the resource. It accounts for any resources that might have drifted from their desired state due to side effects from executing other resources.
- class google.cloud.osconfig_v1.types.OneTimeSchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageSets the time for a one time patch deployment. Timestamp is in RFC3339 text format.
- execute_time¶
Required. The desired patch job execution time.
- class google.cloud.osconfig_v1.types.PatchConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessagePatch configuration specifications. Contains details on how to apply the patch(es) to a VM instance.
- reboot_config¶
Post-patch reboot settings.
- apt¶
Apt update settings. Use this setting to override the default
aptpatch rules.
- yum¶
Yum update settings. Use this setting to override the default
yumpatch rules.
- goo¶
Goo update settings. Use this setting to override the default
goopatch rules.
- zypper¶
Zypper update settings. Use this setting to override the default
zypperpatch rules.
- windows_update¶
Windows update settings. Use this override the default windows patch rules.
- pre_step¶
The
ExecStepto run before the patch update.
- post_step¶
The
ExecStepto run after the patch update.
- class RebootConfig(value)[source]¶
Bases:
proto.enums.EnumPost-patch reboot settings.
- Values:
- REBOOT_CONFIG_UNSPECIFIED (0):
The default behavior is DEFAULT.
- DEFAULT (1):
The agent decides if a reboot is necessary by checking signals such as registry keys on Windows or
/var/run/reboot-requiredon APT based systems. On RPM based systems, a set of core system package install times are compared with system boot time.- ALWAYS (2):
Always reboot the machine after the update completes.
- NEVER (3):
Never reboot the machine after the update completes.
- class google.cloud.osconfig_v1.types.PatchDeployment(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessagePatch deployments are configurations that individual patch jobs use to complete a patch. These configurations include instance filter, package repository settings, and a schedule. For more information about creating and managing patch deployments, see Scheduling patch jobs.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- name¶
Unique name for the patch deployment resource in a project. The patch deployment name is in the form:
projects/{project_id}/patchDeployments/{patch_deployment_id}. This field is ignored when you create a new patch deployment.- Type
- description¶
Optional. Description of the patch deployment. Length of the description is limited to 1024 characters.
- Type
- instance_filter¶
Required. VM instances to patch.
- patch_config¶
Optional. Patch configuration that is applied.
- duration¶
Optional. Duration of the patch. After the duration ends, the patch times out.
- one_time_schedule¶
Required. Schedule a one-time execution.
This field is a member of oneof
schedule.
- recurring_schedule¶
Required. Schedule recurring executions.
This field is a member of oneof
schedule.
- create_time¶
Output only. Time the patch deployment was created. Timestamp is in RFC3339 text format.
- update_time¶
Output only. Time the patch deployment was last updated. Timestamp is in RFC3339 text format.
- last_execute_time¶
Output only. The last time a patch job was started by this deployment. Timestamp is in RFC3339 text format.
- rollout¶
Optional. Rollout strategy of the patch job.
- state¶
Output only. Current state of the patch deployment.
- class State(value)[source]¶
Bases:
proto.enums.EnumRepresents state of patch peployment.
- Values:
- STATE_UNSPECIFIED (0):
The default value. This value is used if the state is omitted.
- ACTIVE (1):
Active value means that patch deployment generates Patch Jobs.
- PAUSED (2):
Paused value means that patch deployment does not generate Patch jobs. Requires user action to move in and out from this state.
- class google.cloud.osconfig_v1.types.PatchInstanceFilter(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA filter to target VM instances for patching. The targeted VMs must meet all criteria specified. So if both labels and zones are specified, the patch job targets only VMs with those labels and in those zones.
- group_labels¶
Targets VM instances matching ANY of these GroupLabels. This allows targeting of disparate groups of VM instances.
- Type
MutableSequence[google.cloud.osconfig_v1.types.PatchInstanceFilter.GroupLabel]
- zones¶
Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone.
- Type
MutableSequence[str]
- instances¶
Targets any of the VM instances specified. Instances are specified by their URI in the form
zones/[ZONE]/instances/[INSTANCE_NAME],projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME], orhttps://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]- Type
MutableSequence[str]
- instance_name_prefixes¶
Targets VMs whose name starts with one of these prefixes. Similar to labels, this is another way to group VMs when targeting configs, for example prefix=”prod-“.
- Type
MutableSequence[str]
- class GroupLabel(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageTargets a group of VM instances by using their assigned labels. Labels are key-value pairs. A
GroupLabelis a combination of labels that is used to target VMs for a patch job.For example, a patch job can target VMs that have the following
GroupLabel:{"env":"test", "app":"web"}. This means that the patch job is applied to VMs that have both the labelsenv=testandapp=web.- labels¶
Compute Engine instance labels that must be present for a VM instance to be targeted by this filter.
- class LabelsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)¶
Bases:
proto.message.Message
- class google.cloud.osconfig_v1.types.PatchJob(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA high level representation of a patch job that is either in progress or has completed.
Instance details are not included in the job. To paginate through instance details, use ListPatchJobInstanceDetails.
For more information about patch jobs, see Creating patch jobs.
- description¶
Description of the patch job. Length of the description is limited to 1024 characters.
- Type
- create_time¶
Time this patch job was created.
- update_time¶
Last time this patch job was updated.
- state¶
The current state of the PatchJob.
- instance_filter¶
Instances to patch.
- patch_config¶
Patch configuration being applied.
- duration¶
Duration of the patch job. After the duration ends, the patch job times out.
- instance_details_summary¶
Summary of instance details.
- dry_run¶
If this patch job is a dry run, the agent reports that it has finished without running any updates on the VM instance.
- Type
- error_message¶
If this patch job failed, this message provides information about the failure.
- Type
- percent_complete¶
Reflects the overall progress of the patch job in the range of 0.0 being no progress to 100.0 being complete.
- Type
- rollout¶
Rollout strategy being applied.
- class InstanceDetailsSummary(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA summary of the current patch state across all instances that this patch job affects. Contains counts of instances in different states. These states map to
InstancePatchState. List patch job instance details to see the specific states of each instance.- timed_out_instance_count¶
Number of instances that exceeded the time out while applying the patch.
- Type
- class State(value)[source]¶
Bases:
proto.enums.EnumEnumeration of the various states a patch job passes through as it executes.
- Values:
- STATE_UNSPECIFIED (0):
State must be specified.
- STARTED (1):
The patch job was successfully initiated.
- INSTANCE_LOOKUP (2):
The patch job is looking up instances to run the patch on.
- PATCHING (3):
Instances are being patched.
- SUCCEEDED (4):
Patch job completed successfully.
- COMPLETED_WITH_ERRORS (5):
Patch job completed but there were errors.
- CANCELED (6):
The patch job was canceled.
- TIMED_OUT (7):
The patch job timed out.
- class google.cloud.osconfig_v1.types.PatchJobInstanceDetails(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessagePatch details for a VM instance. For more information about reviewing VM instance details, see Listing all VM instance details for a specific patch job.
- instance_system_id¶
The unique identifier for the instance. This identifier is defined by the server.
- Type
- state¶
Current state of instance patch.
- class google.cloud.osconfig_v1.types.PatchRollout(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessagePatch rollout configuration specifications. Contains details on the concurrency control when applying patch(es) to all targeted VMs.
- mode¶
Mode of the patch rollout.
- disruption_budget¶
The maximum number (or percentage) of VMs per zone to disrupt at any given moment. The number of VMs calculated from multiplying the percentage by the total number of VMs in a zone is rounded up.
During patching, a VM is considered disrupted from the time the agent is notified to begin until patching has completed. This disruption time includes the time to complete reboot and any post-patch steps.
A VM contributes to the disruption budget if its patching operation fails either when applying the patches, running pre or post patch steps, or if it fails to respond with a success notification before timing out. VMs that are not running or do not have an active agent do not count toward this disruption budget.
For zone-by-zone rollouts, if the disruption budget in a zone is exceeded, the patch job stops, because continuing to the next zone requires completion of the patch process in the previous zone.
For example, if the disruption budget has a fixed value of
10, and 8 VMs fail to patch in the current zone, the patch job continues to patch 2 VMs at a time until the zone is completed. When that zone is completed successfully, patching begins with 10 VMs at a time in the next zone. If 10 VMs in the next zone fail to patch, the patch job stops.
- class Mode(value)[source]¶
Bases:
proto.enums.EnumType of the rollout.
- Values:
- MODE_UNSPECIFIED (0):
Mode must be specified.
- ZONE_BY_ZONE (1):
Patches are applied one zone at a time. The patch job begins in the region with the lowest number of targeted VMs. Within the region, patching begins in the zone with the lowest number of targeted VMs. If multiple regions (or zones within a region) have the same number of targeted VMs, a tie-breaker is achieved by sorting the regions or zones in alphabetical order.
- CONCURRENT_ZONES (2):
Patches are applied to VMs in all zones at the same time.
- class google.cloud.osconfig_v1.types.PausePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for pausing a patch deployment.
- class google.cloud.osconfig_v1.types.RecurringSchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageSets the time for recurring patch deployments.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- time_zone¶
Required. Defines the time zone that
time_of_dayis relative to. The rules for daylight saving time are determined by the chosen time zone.- Type
google.type.datetime_pb2.TimeZone
- start_time¶
Optional. The time that the recurring schedule becomes effective. Defaults to
create_timeof the patch deployment.
- end_time¶
Optional. The end time at which a recurring patch deployment schedule is no longer active.
- time_of_day¶
Required. Time of the day to run a recurring deployment.
- Type
google.type.timeofday_pb2.TimeOfDay
- frequency¶
Required. The frequency unit of this recurring schedule.
- monthly¶
Required. Schedule with monthly executions.
This field is a member of oneof
schedule_config.
- last_execute_time¶
Output only. The time the last patch job ran successfully.
- next_execute_time¶
Output only. The time the next patch job is scheduled to run.
- class Frequency(value)[source]¶
Bases:
proto.enums.EnumSpecifies the frequency of the recurring patch deployments.
- Values:
- FREQUENCY_UNSPECIFIED (0):
Invalid. A frequency must be specified.
- WEEKLY (1):
Indicates that the frequency of recurrence should be expressed in terms of weeks.
- MONTHLY (2):
Indicates that the frequency of recurrence should be expressed in terms of months.
- DAILY (3):
Indicates that the frequency of recurrence should be expressed in terms of days.
- class google.cloud.osconfig_v1.types.ResumePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for resuming a patch deployment.
- class google.cloud.osconfig_v1.types.UpdateOSPolicyAssignmentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message to update an OS policy assignment
- os_policy_assignment¶
Required. The updated OS policy assignment.
- update_mask¶
Optional. Field mask that controls which fields of the assignment should be updated.
- class google.cloud.osconfig_v1.types.UpdatePatchDeploymentRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA request message for updating a patch deployment.
- patch_deployment¶
Required. The patch deployment to Update.
- update_mask¶
Optional. Field mask that controls which fields of the patch deployment should be updated.
- class google.cloud.osconfig_v1.types.VulnerabilityReport(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageThis API resource represents the vulnerability report for a specified Compute Engine virtual machine (VM) instance at a given point in time.
For more information, see Vulnerability reports.
- name¶
Output only. The
vulnerabilityReportAPI resource name.Format:
projects/{project_number}/locations/{location}/instances/{instance_id}/vulnerabilityReport- Type
- vulnerabilities¶
Output only. List of vulnerabilities affecting the VM.
- Type
MutableSequence[google.cloud.osconfig_v1.types.VulnerabilityReport.Vulnerability]
- update_time¶
Output only. The timestamp for when the last vulnerability report was generated for the VM.
- class Vulnerability(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA vulnerability affecting the VM instance.
- details¶
Contains metadata as per the upstream feed of the operating system and NVD.
- installed_inventory_item_ids¶
Corresponds to the
INSTALLED_PACKAGEinventory item on the VM. This field displays the inventory items affected by this vulnerability. If the vulnerability report was not updated after the VM inventory update, these values might not display in VM inventory. For some distros, this field may be empty.- Type
MutableSequence[str]
- available_inventory_item_ids¶
Corresponds to the
AVAILABLE_PACKAGEinventory item on the VM. If the vulnerability report was not updated after the VM inventory update, these values might not display in VM inventory. If there is no available fix, the field is empty. Theinventory_itemvalue specifies the latestSoftwarePackageavailable to the VM that fixes the vulnerability.- Type
MutableSequence[str]
- create_time¶
The timestamp for when the vulnerability was first detected.
- update_time¶
The timestamp for when the vulnerability was last modified.
- items¶
List of items affected by the vulnerability.
- Type
MutableSequence[google.cloud.osconfig_v1.types.VulnerabilityReport.Vulnerability.Item]
- class Details(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContains metadata information for the vulnerability. This information is collected from the upstream feed of the operating system.
- cve¶
The CVE of the vulnerability. CVE cannot be empty and the combination of <cve, classification> should be unique across vulnerabilities for a VM.
- Type
- cvss_v2_score¶
The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- Type
- cvss_v3¶
The full description of the CVSSv3 for this vulnerability from NVD.
- references¶
Corresponds to the references attached to the
VulnerabilityDetails.- Type
MutableSequence[google.cloud.osconfig_v1.types.VulnerabilityReport.Vulnerability.Details.Reference]
- class Item(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageOS inventory item that is affected by a vulnerability or fixed as a result of a vulnerability.
- installed_inventory_item_id¶
Corresponds to the
INSTALLED_PACKAGEinventory item on the VM. This field displays the inventory items affected by this vulnerability. If the vulnerability report was not updated after the VM inventory update, these values might not display in VM inventory. For some operating systems, this field might be empty.- Type
- available_inventory_item_id¶
Corresponds to the
AVAILABLE_PACKAGEinventory item on the VM. If the vulnerability report was not updated after the VM inventory update, these values might not display in VM inventory. If there is no available fix, the field is empty. Theinventory_itemvalue specifies the latestSoftwarePackageavailable to the VM that fixes the vulnerability.- Type
- class google.cloud.osconfig_v1.types.WeekDayOfMonth(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents one week day in a month. An example is “the 4th Sunday”.
- week_ordinal¶
Required. Week number in a month. 1-4 indicates the 1st to 4th week of the month. -1 indicates the last week of the month.
- Type
- day_of_week¶
Required. A day of the week.
- Type
google.type.dayofweek_pb2.DayOfWeek
- day_offset¶
Optional. Represents the number of days before or after the given week day of month that the patch deployment is scheduled for. For example if
week_ordinalandday_of_weekvalues point to the second day of the month and thisday_offsetvalue is set to3, the patch deployment takes place three days after the second Tuesday of the month. If this value is negative, for example -5, the patches are deployed five days before before the second Tuesday of the month. Allowed values are in range [-30, 30].- Type
- class google.cloud.osconfig_v1.types.WeeklySchedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRepresents a weekly schedule.
- day_of_week¶
Required. Day of the week.
- Type
google.type.dayofweek_pb2.DayOfWeek
- class google.cloud.osconfig_v1.types.WindowsUpdateSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageWindows patching is performed using the Windows Update Agent.
- classifications¶
Only apply updates of these windows update classifications. If empty, all updates are applied.
- Type
MutableSequence[google.cloud.osconfig_v1.types.WindowsUpdateSettings.Classification]
- exclusive_patches¶
An exclusive list of kbs to be updated. These are the only patches that will be updated. This field must not be used with other patch configurations.
- Type
MutableSequence[str]
- class Classification(value)[source]¶
Bases:
proto.enums.EnumMicrosoft Windows update classifications as defined in [1] https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro
- Values:
- CLASSIFICATION_UNSPECIFIED (0):
Invalid. If classifications are included, they must be specified.
- CRITICAL (1):
“A widely released fix for a specific problem that addresses a critical, non-security-related bug.” [1]
- SECURITY (2):
“A widely released fix for a product-specific, security-related vulnerability. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low.” [1]
- DEFINITION (3):
“A widely released and frequent software update that contains additions to a product’s definition database. Definition databases are often used to detect objects that have specific attributes, such as malicious code, phishing websites, or junk mail.” [1]
- DRIVER (4):
“Software that controls the input and output of a device.” [1]
- FEATURE_PACK (5):
“New product functionality that is first distributed outside the context of a product release and that is typically included in the next full product release.” [1]
- SERVICE_PACK (6):
“A tested, cumulative set of all hotfixes, security updates, critical updates, and updates. Additionally, service packs may contain additional fixes for problems that are found internally since the release of the product. Service packs my also contain a limited number of customer-requested design changes or features.” [1]
- TOOL (7):
“A utility or feature that helps complete a task or set of tasks.” [1]
- UPDATE_ROLLUP (8):
“A tested, cumulative set of hotfixes, security updates, critical updates, and updates that are packaged together for easy deployment. A rollup generally targets a specific area, such as security, or a component of a product, such as Internet Information Services (IIS).” [1]
- UPDATE (9):
“A widely released fix for a specific problem. An update addresses a noncritical, non-security-related bug.” [1]
- class google.cloud.osconfig_v1.types.YumSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageYum patching is performed by executing
yum update. Additional options can be set to control how this is executed.Note that not all settings are supported on all platforms.
- class google.cloud.osconfig_v1.types.ZypperSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageZypper patching is performed by running
zypper patch. See also https://en.opensuse.org/SDB:Zypper_manual.- categories¶
Install only patches with these categories. Common categories include security, recommended, and feature.
- Type
MutableSequence[str]
