Class: Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance

Inherits:

Object

• Object
• Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/osconfig/v1/os_policy_assignment_reports.rb

Overview

Compliance data for an OS policy

Defined Under Namespace

Modules: ComplianceState Classes: OSPolicyResourceCompliance

Instance Attribute Summary

• #compliance_state ⇒ ::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::ComplianceState

  The compliance state of the OS policy.

• #compliance_state_reason ⇒ ::String

  The reason for the OS policy to be in an unknown compliance state.

• #os_policy_id ⇒ ::String

  The OS policy id.

• #os_policy_resource_compliances ⇒ ::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance>

  Compliance data for each resource within the policy that is applied to the VM.

Instance Attribute Details

#compliance_state ⇒ ::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::ComplianceState

Returns The compliance state of the OS policy.

Returns:

• (::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::ComplianceState) —

  The compliance state of the OS policy.

# File 'proto_docs/google/cloud/osconfig/v1/os_policy_assignment_reports.rb', line 165

class OSPolicyCompliance
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Compliance data for an OS policy resource.
  # @!attribute [rw] os_policy_resource_id
  #   @return [::String]
  #     The ID of the OS policy resource.
  # @!attribute [rw] config_steps
  #   @return [::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep>]
  #     Ordered list of configuration completed by the agent for the OS policy
  #     resource.
  # @!attribute [rw] compliance_state
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ComplianceState]
  #     The compliance state of the resource.
  # @!attribute [rw] compliance_state_reason
  #   @return [::String]
  #     A reason for the resource to be in the given compliance state.
  #     This field is always populated when `compliance_state` is `UNKNOWN`.
  #
  #     The following values are supported when `compliance_state == UNKNOWN`
  #
  #     * `execution-errors`: Errors were encountered by the agent while
  #     executing the resource and the compliance state couldn't be
  #     determined.
  #     * `execution-skipped-by-agent`: Resource execution was skipped by the
  #     agent because errors were encountered while executing prior resources
  #     in the OS policy.
  #     * `os-policy-execution-attempt-failed`: The execution of the OS policy
  #     containing this resource failed and the compliance state couldn't be
  #     determined.
  # @!attribute [rw] exec_resource_output
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ExecResourceOutput]
  #     ExecResource specific output.
  class OSPolicyResourceCompliance
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Step performed by the OS Config agent for configuring an
    # `OSPolicy` resource to its desired state.
    # @!attribute [rw] type
    #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep::Type]
    #     Configuration step type.
    # @!attribute [rw] error_message
    #   @return [::String]
    #     An error message recorded during the execution of this step.
    #     Only populated if errors were encountered during this step execution.
    class OSPolicyResourceConfigStep
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # Supported configuration step types
      module Type
        # Default value. This value is unused.
        TYPE_UNSPECIFIED = 0

        # Checks for resource conflicts such as schema errors.
        VALIDATION = 1

        # Checks the current status of the desired state for a resource.
        DESIRED_STATE_CHECK = 2

        # Enforces the desired state for a resource that is not in desired
        # state.
        DESIRED_STATE_ENFORCEMENT = 3

        # Re-checks the status of the desired state. This check is done
        # for a resource after the enforcement of all OS policies.
        #
        # This step is used to determine the final desired state status for
        # the resource. It accounts for any resources that might have drifted
        # from their desired state due to side effects from executing other
        # resources.
        DESIRED_STATE_CHECK_POST_ENFORCEMENT = 4
      end
    end

    # ExecResource specific output.
    # @!attribute [rw] enforcement_output
    #   @return [::String]
    #     Output from enforcement phase output file (if run).
    #     Output size is limited to 100K bytes.
    class ExecResourceOutput
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Possible compliance states for a resource.
    module ComplianceState
      # The resource is in an unknown compliance state.
      #
      # To get more details about why the policy is in this state, review
      # the output of the `compliance_state_reason` field.
      UNKNOWN = 0

      # Resource is compliant.
      COMPLIANT = 1

      # Resource is non-compliant.
      NON_COMPLIANT = 2
    end
  end

  # Possible compliance states for an os policy.
  module ComplianceState
    # The policy is in an unknown compliance state.
    #
    # Refer to the field `compliance_state_reason` to learn the exact reason
    # for the policy to be in this compliance state.
    UNKNOWN = 0

    # Policy is compliant.
    #
    # The policy is compliant if all the underlying resources are also
    # compliant.
    COMPLIANT = 1

    # Policy is non-compliant.
    #
    # The policy is non-compliant if one or more underlying resources are
    # non-compliant.
    NON_COMPLIANT = 2
  end
end

#compliance_state_reason ⇒ ::String

Returns The reason for the OS policy to be in an unknown compliance state. This field is always populated when compliance_state is UNKNOWN.

If populated, the field can contain one of the following values:

• vm-not-running: The VM was not running.
• os-policies-not-supported-by-agent: The version of the OS Config agent running on the VM does not support running OS policies.
• no-agent-detected: The OS Config agent is not detected for the VM.
• resource-execution-errors: The OS Config agent encountered errors while executing one or more resources in the policy. See os_policy_resource_compliances for details.
• task-timeout: The task sent to the agent to apply the policy timed out.
• unexpected-agent-state: The OS Config agent did not report the final status of the task that attempted to apply the policy. Instead, the agent unexpectedly started working on a different task. This mostly happens when the agent or VM unexpectedly restarts while applying OS policies.
• internal-service-errors: Internal service errors were encountered while attempting to apply the policy.

Returns:

• (::String) —

  The reason for the OS policy to be in an unknown compliance state. This field is always populated when compliance_state is UNKNOWN.

  If populated, the field can contain one of the following values:

  • vm-not-running: The VM was not running.
  • os-policies-not-supported-by-agent: The version of the OS Config agent running on the VM does not support running OS policies.
  • no-agent-detected: The OS Config agent is not detected for the VM.
  • resource-execution-errors: The OS Config agent encountered errors while executing one or more resources in the policy. See os_policy_resource_compliances for details.
  • task-timeout: The task sent to the agent to apply the policy timed out.
  • unexpected-agent-state: The OS Config agent did not report the final status of the task that attempted to apply the policy. Instead, the agent unexpectedly started working on a different task. This mostly happens when the agent or VM unexpectedly restarts while applying OS policies.
  • internal-service-errors: Internal service errors were encountered while attempting to apply the policy.

# File 'proto_docs/google/cloud/osconfig/v1/os_policy_assignment_reports.rb', line 165

class OSPolicyCompliance
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Compliance data for an OS policy resource.
  # @!attribute [rw] os_policy_resource_id
  #   @return [::String]
  #     The ID of the OS policy resource.
  # @!attribute [rw] config_steps
  #   @return [::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep>]
  #     Ordered list of configuration completed by the agent for the OS policy
  #     resource.
  # @!attribute [rw] compliance_state
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ComplianceState]
  #     The compliance state of the resource.
  # @!attribute [rw] compliance_state_reason
  #   @return [::String]
  #     A reason for the resource to be in the given compliance state.
  #     This field is always populated when `compliance_state` is `UNKNOWN`.
  #
  #     The following values are supported when `compliance_state == UNKNOWN`
  #
  #     * `execution-errors`: Errors were encountered by the agent while
  #     executing the resource and the compliance state couldn't be
  #     determined.
  #     * `execution-skipped-by-agent`: Resource execution was skipped by the
  #     agent because errors were encountered while executing prior resources
  #     in the OS policy.
  #     * `os-policy-execution-attempt-failed`: The execution of the OS policy
  #     containing this resource failed and the compliance state couldn't be
  #     determined.
  # @!attribute [rw] exec_resource_output
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ExecResourceOutput]
  #     ExecResource specific output.
  class OSPolicyResourceCompliance
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Step performed by the OS Config agent for configuring an
    # `OSPolicy` resource to its desired state.
    # @!attribute [rw] type
    #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep::Type]
    #     Configuration step type.
    # @!attribute [rw] error_message
    #   @return [::String]
    #     An error message recorded during the execution of this step.
    #     Only populated if errors were encountered during this step execution.
    class OSPolicyResourceConfigStep
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # Supported configuration step types
      module Type
        # Default value. This value is unused.
        TYPE_UNSPECIFIED = 0

        # Checks for resource conflicts such as schema errors.
        VALIDATION = 1

        # Checks the current status of the desired state for a resource.
        DESIRED_STATE_CHECK = 2

        # Enforces the desired state for a resource that is not in desired
        # state.
        DESIRED_STATE_ENFORCEMENT = 3

        # Re-checks the status of the desired state. This check is done
        # for a resource after the enforcement of all OS policies.
        #
        # This step is used to determine the final desired state status for
        # the resource. It accounts for any resources that might have drifted
        # from their desired state due to side effects from executing other
        # resources.
        DESIRED_STATE_CHECK_POST_ENFORCEMENT = 4
      end
    end

    # ExecResource specific output.
    # @!attribute [rw] enforcement_output
    #   @return [::String]
    #     Output from enforcement phase output file (if run).
    #     Output size is limited to 100K bytes.
    class ExecResourceOutput
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Possible compliance states for a resource.
    module ComplianceState
      # The resource is in an unknown compliance state.
      #
      # To get more details about why the policy is in this state, review
      # the output of the `compliance_state_reason` field.
      UNKNOWN = 0

      # Resource is compliant.
      COMPLIANT = 1

      # Resource is non-compliant.
      NON_COMPLIANT = 2
    end
  end

  # Possible compliance states for an os policy.
  module ComplianceState
    # The policy is in an unknown compliance state.
    #
    # Refer to the field `compliance_state_reason` to learn the exact reason
    # for the policy to be in this compliance state.
    UNKNOWN = 0

    # Policy is compliant.
    #
    # The policy is compliant if all the underlying resources are also
    # compliant.
    COMPLIANT = 1

    # Policy is non-compliant.
    #
    # The policy is non-compliant if one or more underlying resources are
    # non-compliant.
    NON_COMPLIANT = 2
  end
end

#os_policy_id ⇒ ::String

Returns The OS policy id.

Returns:

• (::String) —

  The OS policy id

# File 'proto_docs/google/cloud/osconfig/v1/os_policy_assignment_reports.rb', line 165

class OSPolicyCompliance
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Compliance data for an OS policy resource.
  # @!attribute [rw] os_policy_resource_id
  #   @return [::String]
  #     The ID of the OS policy resource.
  # @!attribute [rw] config_steps
  #   @return [::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep>]
  #     Ordered list of configuration completed by the agent for the OS policy
  #     resource.
  # @!attribute [rw] compliance_state
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ComplianceState]
  #     The compliance state of the resource.
  # @!attribute [rw] compliance_state_reason
  #   @return [::String]
  #     A reason for the resource to be in the given compliance state.
  #     This field is always populated when `compliance_state` is `UNKNOWN`.
  #
  #     The following values are supported when `compliance_state == UNKNOWN`
  #
  #     * `execution-errors`: Errors were encountered by the agent while
  #     executing the resource and the compliance state couldn't be
  #     determined.
  #     * `execution-skipped-by-agent`: Resource execution was skipped by the
  #     agent because errors were encountered while executing prior resources
  #     in the OS policy.
  #     * `os-policy-execution-attempt-failed`: The execution of the OS policy
  #     containing this resource failed and the compliance state couldn't be
  #     determined.
  # @!attribute [rw] exec_resource_output
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ExecResourceOutput]
  #     ExecResource specific output.
  class OSPolicyResourceCompliance
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Step performed by the OS Config agent for configuring an
    # `OSPolicy` resource to its desired state.
    # @!attribute [rw] type
    #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep::Type]
    #     Configuration step type.
    # @!attribute [rw] error_message
    #   @return [::String]
    #     An error message recorded during the execution of this step.
    #     Only populated if errors were encountered during this step execution.
    class OSPolicyResourceConfigStep
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # Supported configuration step types
      module Type
        # Default value. This value is unused.
        TYPE_UNSPECIFIED = 0

        # Checks for resource conflicts such as schema errors.
        VALIDATION = 1

        # Checks the current status of the desired state for a resource.
        DESIRED_STATE_CHECK = 2

        # Enforces the desired state for a resource that is not in desired
        # state.
        DESIRED_STATE_ENFORCEMENT = 3

        # Re-checks the status of the desired state. This check is done
        # for a resource after the enforcement of all OS policies.
        #
        # This step is used to determine the final desired state status for
        # the resource. It accounts for any resources that might have drifted
        # from their desired state due to side effects from executing other
        # resources.
        DESIRED_STATE_CHECK_POST_ENFORCEMENT = 4
      end
    end

    # ExecResource specific output.
    # @!attribute [rw] enforcement_output
    #   @return [::String]
    #     Output from enforcement phase output file (if run).
    #     Output size is limited to 100K bytes.
    class ExecResourceOutput
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Possible compliance states for a resource.
    module ComplianceState
      # The resource is in an unknown compliance state.
      #
      # To get more details about why the policy is in this state, review
      # the output of the `compliance_state_reason` field.
      UNKNOWN = 0

      # Resource is compliant.
      COMPLIANT = 1

      # Resource is non-compliant.
      NON_COMPLIANT = 2
    end
  end

  # Possible compliance states for an os policy.
  module ComplianceState
    # The policy is in an unknown compliance state.
    #
    # Refer to the field `compliance_state_reason` to learn the exact reason
    # for the policy to be in this compliance state.
    UNKNOWN = 0

    # Policy is compliant.
    #
    # The policy is compliant if all the underlying resources are also
    # compliant.
    COMPLIANT = 1

    # Policy is non-compliant.
    #
    # The policy is non-compliant if one or more underlying resources are
    # non-compliant.
    NON_COMPLIANT = 2
  end
end

#os_policy_resource_compliances ⇒ ::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance>

Returns Compliance data for each resource within the policy that is applied to the VM.

Returns:

• (::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance>) —

  Compliance data for each resource within the policy that is applied to the VM.

# File 'proto_docs/google/cloud/osconfig/v1/os_policy_assignment_reports.rb', line 165

class OSPolicyCompliance
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Compliance data for an OS policy resource.
  # @!attribute [rw] os_policy_resource_id
  #   @return [::String]
  #     The ID of the OS policy resource.
  # @!attribute [rw] config_steps
  #   @return [::Array<::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep>]
  #     Ordered list of configuration completed by the agent for the OS policy
  #     resource.
  # @!attribute [rw] compliance_state
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ComplianceState]
  #     The compliance state of the resource.
  # @!attribute [rw] compliance_state_reason
  #   @return [::String]
  #     A reason for the resource to be in the given compliance state.
  #     This field is always populated when `compliance_state` is `UNKNOWN`.
  #
  #     The following values are supported when `compliance_state == UNKNOWN`
  #
  #     * `execution-errors`: Errors were encountered by the agent while
  #     executing the resource and the compliance state couldn't be
  #     determined.
  #     * `execution-skipped-by-agent`: Resource execution was skipped by the
  #     agent because errors were encountered while executing prior resources
  #     in the OS policy.
  #     * `os-policy-execution-attempt-failed`: The execution of the OS policy
  #     containing this resource failed and the compliance state couldn't be
  #     determined.
  # @!attribute [rw] exec_resource_output
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ExecResourceOutput]
  #     ExecResource specific output.
  class OSPolicyResourceCompliance
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Step performed by the OS Config agent for configuring an
    # `OSPolicy` resource to its desired state.
    # @!attribute [rw] type
    #   @return [::Google::Cloud::OsConfig::V1::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep::Type]
    #     Configuration step type.
    # @!attribute [rw] error_message
    #   @return [::String]
    #     An error message recorded during the execution of this step.
    #     Only populated if errors were encountered during this step execution.
    class OSPolicyResourceConfigStep
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # Supported configuration step types
      module Type
        # Default value. This value is unused.
        TYPE_UNSPECIFIED = 0

        # Checks for resource conflicts such as schema errors.
        VALIDATION = 1

        # Checks the current status of the desired state for a resource.
        DESIRED_STATE_CHECK = 2

        # Enforces the desired state for a resource that is not in desired
        # state.
        DESIRED_STATE_ENFORCEMENT = 3

        # Re-checks the status of the desired state. This check is done
        # for a resource after the enforcement of all OS policies.
        #
        # This step is used to determine the final desired state status for
        # the resource. It accounts for any resources that might have drifted
        # from their desired state due to side effects from executing other
        # resources.
        DESIRED_STATE_CHECK_POST_ENFORCEMENT = 4
      end
    end

    # ExecResource specific output.
    # @!attribute [rw] enforcement_output
    #   @return [::String]
    #     Output from enforcement phase output file (if run).
    #     Output size is limited to 100K bytes.
    class ExecResourceOutput
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Possible compliance states for a resource.
    module ComplianceState
      # The resource is in an unknown compliance state.
      #
      # To get more details about why the policy is in this state, review
      # the output of the `compliance_state_reason` field.
      UNKNOWN = 0

      # Resource is compliant.
      COMPLIANT = 1

      # Resource is non-compliant.
      NON_COMPLIANT = 2
    end
  end

  # Possible compliance states for an os policy.
  module ComplianceState
    # The policy is in an unknown compliance state.
    #
    # Refer to the field `compliance_state_reason` to learn the exact reason
    # for the policy to be in this compliance state.
    UNKNOWN = 0

    # Policy is compliant.
    #
    # The policy is compliant if all the underlying resources are also
    # compliant.
    COMPLIANT = 1

    # Policy is non-compliant.
    #
    # The policy is non-compliant if one or more underlying resources are
    # non-compliant.
    NON_COMPLIANT = 2
  end
end