aws-sdk-ssm 1.101.0 → 1.106.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -117,6 +117,7 @@ module Aws::SSM
117
117
  BaselineDescription = Shapes::StringShape.new(name: 'BaselineDescription')
118
118
  BaselineId = Shapes::StringShape.new(name: 'BaselineId')
119
119
  BaselineName = Shapes::StringShape.new(name: 'BaselineName')
120
+ BaselineOverride = Shapes::StructureShape.new(name: 'BaselineOverride')
120
121
  BatchErrorMessage = Shapes::StringShape.new(name: 'BatchErrorMessage')
121
122
  Boolean = Shapes::BooleanShape.new(name: 'Boolean')
122
123
  CalendarNameOrARN = Shapes::StringShape.new(name: 'CalendarNameOrARN')
@@ -337,6 +338,7 @@ module Aws::SSM
337
338
  DocumentParameterName = Shapes::StringShape.new(name: 'DocumentParameterName')
338
339
  DocumentParameterType = Shapes::StringShape.new(name: 'DocumentParameterType')
339
340
  DocumentPermissionLimit = Shapes::StructureShape.new(name: 'DocumentPermissionLimit')
341
+ DocumentPermissionMaxResults = Shapes::IntegerShape.new(name: 'DocumentPermissionMaxResults')
340
342
  DocumentPermissionType = Shapes::StringShape.new(name: 'DocumentPermissionType')
341
343
  DocumentRequires = Shapes::StructureShape.new(name: 'DocumentRequires')
342
344
  DocumentRequiresList = Shapes::ListShape.new(name: 'DocumentRequiresList')
@@ -1416,6 +1418,17 @@ module Aws::SSM
1416
1418
  AutomationStepNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
1417
1419
  AutomationStepNotFoundException.struct_class = Types::AutomationStepNotFoundException
1418
1420
 
1421
+ BaselineOverride.add_member(:operating_system, Shapes::ShapeRef.new(shape: OperatingSystem, location_name: "OperatingSystem"))
1422
+ BaselineOverride.add_member(:global_filters, Shapes::ShapeRef.new(shape: PatchFilterGroup, location_name: "GlobalFilters"))
1423
+ BaselineOverride.add_member(:approval_rules, Shapes::ShapeRef.new(shape: PatchRuleGroup, location_name: "ApprovalRules"))
1424
+ BaselineOverride.add_member(:approved_patches, Shapes::ShapeRef.new(shape: PatchIdList, location_name: "ApprovedPatches"))
1425
+ BaselineOverride.add_member(:approved_patches_compliance_level, Shapes::ShapeRef.new(shape: PatchComplianceLevel, location_name: "ApprovedPatchesComplianceLevel"))
1426
+ BaselineOverride.add_member(:rejected_patches, Shapes::ShapeRef.new(shape: PatchIdList, location_name: "RejectedPatches"))
1427
+ BaselineOverride.add_member(:rejected_patches_action, Shapes::ShapeRef.new(shape: PatchAction, location_name: "RejectedPatchesAction"))
1428
+ BaselineOverride.add_member(:approved_patches_enable_non_security, Shapes::ShapeRef.new(shape: Boolean, location_name: "ApprovedPatchesEnableNonSecurity"))
1429
+ BaselineOverride.add_member(:sources, Shapes::ShapeRef.new(shape: PatchSourceList, location_name: "Sources"))
1430
+ BaselineOverride.struct_class = Types::BaselineOverride
1431
+
1419
1432
  CalendarNameOrARNList.member = Shapes::ShapeRef.new(shape: CalendarNameOrARN)
1420
1433
 
1421
1434
  CancelCommandRequest.add_member(:command_id, Shapes::ShapeRef.new(shape: CommandId, required: true, location_name: "CommandId"))
@@ -1672,6 +1685,7 @@ module Aws::SSM
1672
1685
 
1673
1686
  CreateOpsMetadataRequest.add_member(:resource_id, Shapes::ShapeRef.new(shape: OpsMetadataResourceId, required: true, location_name: "ResourceId"))
1674
1687
  CreateOpsMetadataRequest.add_member(:metadata, Shapes::ShapeRef.new(shape: MetadataMap, location_name: "Metadata"))
1688
+ CreateOpsMetadataRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
1675
1689
  CreateOpsMetadataRequest.struct_class = Types::CreateOpsMetadataRequest
1676
1690
 
1677
1691
  CreateOpsMetadataResult.add_member(:ops_metadata_arn, Shapes::ShapeRef.new(shape: OpsMetadataArn, location_name: "OpsMetadataArn"))
@@ -1878,10 +1892,13 @@ module Aws::SSM
1878
1892
 
1879
1893
  DescribeDocumentPermissionRequest.add_member(:name, Shapes::ShapeRef.new(shape: DocumentName, required: true, location_name: "Name"))
1880
1894
  DescribeDocumentPermissionRequest.add_member(:permission_type, Shapes::ShapeRef.new(shape: DocumentPermissionType, required: true, location_name: "PermissionType"))
1895
+ DescribeDocumentPermissionRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: DocumentPermissionMaxResults, location_name: "MaxResults", metadata: {"box"=>true}))
1896
+ DescribeDocumentPermissionRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
1881
1897
  DescribeDocumentPermissionRequest.struct_class = Types::DescribeDocumentPermissionRequest
1882
1898
 
1883
1899
  DescribeDocumentPermissionResponse.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
1884
1900
  DescribeDocumentPermissionResponse.add_member(:account_sharing_info_list, Shapes::ShapeRef.new(shape: AccountSharingInfoList, location_name: "AccountSharingInfoList"))
1901
+ DescribeDocumentPermissionResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
1885
1902
  DescribeDocumentPermissionResponse.struct_class = Types::DescribeDocumentPermissionResponse
1886
1903
 
1887
1904
  DescribeDocumentRequest.add_member(:name, Shapes::ShapeRef.new(shape: DocumentARN, required: true, location_name: "Name"))
@@ -2334,6 +2351,7 @@ module Aws::SSM
2334
2351
 
2335
2352
  GetDeployablePatchSnapshotForInstanceRequest.add_member(:instance_id, Shapes::ShapeRef.new(shape: InstanceId, required: true, location_name: "InstanceId"))
2336
2353
  GetDeployablePatchSnapshotForInstanceRequest.add_member(:snapshot_id, Shapes::ShapeRef.new(shape: SnapshotId, required: true, location_name: "SnapshotId"))
2354
+ GetDeployablePatchSnapshotForInstanceRequest.add_member(:baseline_override, Shapes::ShapeRef.new(shape: BaselineOverride, location_name: "BaselineOverride"))
2337
2355
  GetDeployablePatchSnapshotForInstanceRequest.struct_class = Types::GetDeployablePatchSnapshotForInstanceRequest
2338
2356
 
2339
2357
  GetDeployablePatchSnapshotForInstanceResult.add_member(:instance_id, Shapes::ShapeRef.new(shape: InstanceId, location_name: "InstanceId"))
@@ -4842,7 +4860,9 @@ module Aws::SSM
4842
4860
  o.output = Shapes::ShapeRef.new(shape: DescribeDocumentPermissionResponse)
4843
4861
  o.errors << Shapes::ShapeRef.new(shape: InternalServerError)
4844
4862
  o.errors << Shapes::ShapeRef.new(shape: InvalidDocument)
4863
+ o.errors << Shapes::ShapeRef.new(shape: InvalidNextToken)
4845
4864
  o.errors << Shapes::ShapeRef.new(shape: InvalidPermissionType)
4865
+ o.errors << Shapes::ShapeRef.new(shape: InvalidDocumentOperation)
4846
4866
  end)
4847
4867
 
4848
4868
  api.add_operation(:describe_effective_instance_associations, Seahorse::Model::Operation.new.tap do |o|
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -100,7 +100,7 @@ module Aws::SSM
100
100
  # data as a hash:
101
101
  #
102
102
  # {
103
- # resource_type: "Document", # required, accepts Document, ManagedInstance, MaintenanceWindow, Parameter, PatchBaseline, OpsItem
103
+ # resource_type: "Document", # required, accepts Document, ManagedInstance, MaintenanceWindow, Parameter, PatchBaseline, OpsItem, OpsMetadata
104
104
  # resource_id: "ResourceId", # required
105
105
  # tags: [ # required
106
106
  # {
@@ -132,6 +132,15 @@ module Aws::SSM
132
132
  #
133
133
  # PatchBaseline: pb-012345abcde
134
134
  #
135
+ # OpsMetadata object: `ResourceID` for tagging is created from the
136
+ # Amazon Resource Name (ARN) for the object. Specifically,
137
+ # `ResourceID` is created from the strings that come after the word
138
+ # `opsmetadata` in the ARN. For example, an OpsMetadata object with an
139
+ # ARN of
140
+ # `arn:aws:ssm:us-east-2:1234567890:opsmetadata/aws/ssm/MyGroup/appmanager`
141
+ # has a `ResourceID` of either `aws/ssm/MyGroup/appmanager` or
142
+ # `/aws/ssm/MyGroup/appmanager`.
143
+ #
135
144
  # For the Document and Parameter values, use the name of the resource.
136
145
  #
137
146
  # <note markdown="1"> The ManagedInstance type for this API action is only for on-premises
@@ -1219,10 +1228,7 @@ module Aws::SSM
1219
1228
  # }
1220
1229
  #
1221
1230
  # @!attribute [rw] key
1222
- # One or more keys to limit the results. Valid filter keys include the
1223
- # following: DocumentNamePrefix, ExecutionStatus, ExecutionId,
1224
- # ParentExecutionId, CurrentAction, StartTimeBefore, StartTimeAfter,
1225
- # TargetResourceGroup.
1231
+ # One or more keys to limit the results.
1226
1232
  # @return [String]
1227
1233
  #
1228
1234
  # @!attribute [rw] values
@@ -1452,6 +1458,132 @@ module Aws::SSM
1452
1458
  include Aws::Structure
1453
1459
  end
1454
1460
 
1461
+ # Defines the basic information about a patch baseline override.
1462
+ #
1463
+ # @note When making an API call, you may pass BaselineOverride
1464
+ # data as a hash:
1465
+ #
1466
+ # {
1467
+ # operating_system: "WINDOWS", # accepts WINDOWS, AMAZON_LINUX, AMAZON_LINUX_2, UBUNTU, REDHAT_ENTERPRISE_LINUX, SUSE, CENTOS, ORACLE_LINUX, DEBIAN, MACOS
1468
+ # global_filters: {
1469
+ # patch_filters: [ # required
1470
+ # {
1471
+ # key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
1472
+ # values: ["PatchFilterValue"], # required
1473
+ # },
1474
+ # ],
1475
+ # },
1476
+ # approval_rules: {
1477
+ # patch_rules: [ # required
1478
+ # {
1479
+ # patch_filter_group: { # required
1480
+ # patch_filters: [ # required
1481
+ # {
1482
+ # key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
1483
+ # values: ["PatchFilterValue"], # required
1484
+ # },
1485
+ # ],
1486
+ # },
1487
+ # compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
1488
+ # approve_after_days: 1,
1489
+ # approve_until_date: "PatchStringDateTime",
1490
+ # enable_non_security: false,
1491
+ # },
1492
+ # ],
1493
+ # },
1494
+ # approved_patches: ["PatchId"],
1495
+ # approved_patches_compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
1496
+ # rejected_patches: ["PatchId"],
1497
+ # rejected_patches_action: "ALLOW_AS_DEPENDENCY", # accepts ALLOW_AS_DEPENDENCY, BLOCK
1498
+ # approved_patches_enable_non_security: false,
1499
+ # sources: [
1500
+ # {
1501
+ # name: "PatchSourceName", # required
1502
+ # products: ["PatchSourceProduct"], # required
1503
+ # configuration: "PatchSourceConfiguration", # required
1504
+ # },
1505
+ # ],
1506
+ # }
1507
+ #
1508
+ # @!attribute [rw] operating_system
1509
+ # The operating system rule used by the patch baseline override.
1510
+ # @return [String]
1511
+ #
1512
+ # @!attribute [rw] global_filters
1513
+ # A set of patch filters, typically used for approval rules.
1514
+ # @return [Types::PatchFilterGroup]
1515
+ #
1516
+ # @!attribute [rw] approval_rules
1517
+ # A set of rules defining the approval rules for a patch baseline.
1518
+ # @return [Types::PatchRuleGroup]
1519
+ #
1520
+ # @!attribute [rw] approved_patches
1521
+ # A list of explicitly approved patches for the baseline.
1522
+ #
1523
+ # For information about accepted formats for lists of approved patches
1524
+ # and rejected patches, see [About package name formats for approved
1525
+ # and rejected patch lists][1] in the *AWS Systems Manager User
1526
+ # Guide*.
1527
+ #
1528
+ #
1529
+ #
1530
+ # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html
1531
+ # @return [Array<String>]
1532
+ #
1533
+ # @!attribute [rw] approved_patches_compliance_level
1534
+ # Defines the compliance level for approved patches. When an approved
1535
+ # patch is reported as missing, this value describes the severity of
1536
+ # the compliance violation.
1537
+ # @return [String]
1538
+ #
1539
+ # @!attribute [rw] rejected_patches
1540
+ # A list of explicitly rejected patches for the baseline.
1541
+ #
1542
+ # For information about accepted formats for lists of approved patches
1543
+ # and rejected patches, see [About package name formats for approved
1544
+ # and rejected patch lists][1] in the *AWS Systems Manager User
1545
+ # Guide*.
1546
+ #
1547
+ #
1548
+ #
1549
+ # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html
1550
+ # @return [Array<String>]
1551
+ #
1552
+ # @!attribute [rw] rejected_patches_action
1553
+ # The action for Patch Manager to take on patches included in the
1554
+ # RejectedPackages list. A patch can be allowed only if it is a
1555
+ # dependency of another package, or blocked entirely along with
1556
+ # packages that include it as a dependency.
1557
+ # @return [String]
1558
+ #
1559
+ # @!attribute [rw] approved_patches_enable_non_security
1560
+ # Indicates whether the list of approved patches includes non-security
1561
+ # updates that should be applied to the instances. The default value
1562
+ # is 'false'. Applies to Linux instances only.
1563
+ # @return [Boolean]
1564
+ #
1565
+ # @!attribute [rw] sources
1566
+ # Information about the patches to use to update the instances,
1567
+ # including target operating systems and source repositories. Applies
1568
+ # to Linux instances only.
1569
+ # @return [Array<Types::PatchSource>]
1570
+ #
1571
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/BaselineOverride AWS API Documentation
1572
+ #
1573
+ class BaselineOverride < Struct.new(
1574
+ :operating_system,
1575
+ :global_filters,
1576
+ :approval_rules,
1577
+ :approved_patches,
1578
+ :approved_patches_compliance_level,
1579
+ :rejected_patches,
1580
+ :rejected_patches_action,
1581
+ :approved_patches_enable_non_security,
1582
+ :sources)
1583
+ SENSITIVE = []
1584
+ include Aws::Structure
1585
+ end
1586
+
1455
1587
  # @note When making an API call, you may pass CancelCommandRequest
1456
1588
  # data as a hash:
1457
1589
  #
@@ -3509,6 +3641,12 @@ module Aws::SSM
3509
3641
  # value: "MetadataValueString",
3510
3642
  # },
3511
3643
  # },
3644
+ # tags: [
3645
+ # {
3646
+ # key: "TagKey", # required
3647
+ # value: "TagValue", # required
3648
+ # },
3649
+ # ],
3512
3650
  # }
3513
3651
  #
3514
3652
  # @!attribute [rw] resource_id
@@ -3519,11 +3657,25 @@ module Aws::SSM
3519
3657
  # Metadata for a new Application Manager application.
3520
3658
  # @return [Hash<String,Types::MetadataValue>]
3521
3659
  #
3660
+ # @!attribute [rw] tags
3661
+ # Optional metadata that you assign to a resource. You can specify a
3662
+ # maximum of five tags for an OpsMetadata object. Tags enable you to
3663
+ # categorize a resource in different ways, such as by purpose, owner,
3664
+ # or environment. For example, you might want to tag an OpsMetadata
3665
+ # object to identify an environment or target AWS Region. In this
3666
+ # case, you could specify the following key-value pairs:
3667
+ #
3668
+ # * `Key=Environment,Value=Production`
3669
+ #
3670
+ # * `Key=Region,Value=us-east-2`
3671
+ # @return [Array<Types::Tag>]
3672
+ #
3522
3673
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/CreateOpsMetadataRequest AWS API Documentation
3523
3674
  #
3524
3675
  class CreateOpsMetadataRequest < Struct.new(
3525
3676
  :resource_id,
3526
- :metadata)
3677
+ :metadata,
3678
+ :tags)
3527
3679
  SENSITIVE = []
3528
3680
  include Aws::Structure
3529
3681
  end
@@ -3626,8 +3778,8 @@ module Aws::SSM
3626
3778
  # @return [Array<String>]
3627
3779
  #
3628
3780
  # @!attribute [rw] approved_patches_compliance_level
3629
- # Defines the compliance level for approved patches. This means that
3630
- # if an approved patch is reported as missing, this is the severity of
3781
+ # Defines the compliance level for approved patches. When an approved
3782
+ # patch is reported as missing, this value describes the severity of
3631
3783
  # the compliance violation. The default value is UNSPECIFIED.
3632
3784
  # @return [String]
3633
3785
  #
@@ -4822,6 +4974,8 @@ module Aws::SSM
4822
4974
  # {
4823
4975
  # name: "DocumentName", # required
4824
4976
  # permission_type: "Share", # required, accepts Share
4977
+ # max_results: 1,
4978
+ # next_token: "NextToken",
4825
4979
  # }
4826
4980
  #
4827
4981
  # @!attribute [rw] name
@@ -4833,11 +4987,24 @@ module Aws::SSM
4833
4987
  # *Share*.
4834
4988
  # @return [String]
4835
4989
  #
4990
+ # @!attribute [rw] max_results
4991
+ # The maximum number of items to return for this call. The call also
4992
+ # returns a token that you can specify in a subsequent call to get the
4993
+ # next set of results.
4994
+ # @return [Integer]
4995
+ #
4996
+ # @!attribute [rw] next_token
4997
+ # The token for the next set of items to return. (You received this
4998
+ # token from a previous call.)
4999
+ # @return [String]
5000
+ #
4836
5001
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeDocumentPermissionRequest AWS API Documentation
4837
5002
  #
4838
5003
  class DescribeDocumentPermissionRequest < Struct.new(
4839
5004
  :name,
4840
- :permission_type)
5005
+ :permission_type,
5006
+ :max_results,
5007
+ :next_token)
4841
5008
  SENSITIVE = []
4842
5009
  include Aws::Structure
4843
5010
  end
@@ -4852,11 +5019,17 @@ module Aws::SSM
4852
5019
  # version shared with each account.
4853
5020
  # @return [Array<Types::AccountSharingInfo>]
4854
5021
  #
5022
+ # @!attribute [rw] next_token
5023
+ # The token for the next set of items to return. Use this token to get
5024
+ # the next set of results.
5025
+ # @return [String]
5026
+ #
4855
5027
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeDocumentPermissionResponse AWS API Documentation
4856
5028
  #
4857
5029
  class DescribeDocumentPermissionResponse < Struct.new(
4858
5030
  :account_ids,
4859
- :account_sharing_info_list)
5031
+ :account_sharing_info_list,
5032
+ :next_token)
4860
5033
  SENSITIVE = []
4861
5034
  include Aws::Structure
4862
5035
  end
@@ -7460,12 +7633,14 @@ module Aws::SSM
7460
7633
  # @return [String]
7461
7634
  #
7462
7635
  # @!attribute [rw] plugin_name
7463
- # (Optional) The name of the plugin for which you want detailed
7464
- # results. If the document contains only one plugin, the name can be
7465
- # omitted and the details will be returned.
7636
+ # The name of the plugin for which you want detailed results. If the
7637
+ # document contains only one plugin, you can omit the name and details
7638
+ # for that plugin are returned. If the document contains more than one
7639
+ # plugin, you must specify the name of the plugin for which you want
7640
+ # to view details.
7466
7641
  #
7467
- # Plugin names are also referred to as step names in Systems Manager
7468
- # documents.
7642
+ # Plugin names are also referred to as *step names* in Systems Manager
7643
+ # documents. For example, `aws:RunShellScript` is a plugin.
7469
7644
  # @return [String]
7470
7645
  #
7471
7646
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetCommandInvocationRequest AWS API Documentation
@@ -7502,8 +7677,8 @@ module Aws::SSM
7502
7677
  # @return [String]
7503
7678
  #
7504
7679
  # @!attribute [rw] plugin_name
7505
- # The name of the plugin for which you want detailed results. For
7506
- # example, aws:RunShellScript is a plugin.
7680
+ # The name of the plugin, or *step name*, for which details are
7681
+ # reported. For example, `aws:RunShellScript` is a plugin.
7507
7682
  # @return [String]
7508
7683
  #
7509
7684
  # @!attribute [rw] response_code
@@ -7735,6 +7910,47 @@ module Aws::SSM
7735
7910
  # {
7736
7911
  # instance_id: "InstanceId", # required
7737
7912
  # snapshot_id: "SnapshotId", # required
7913
+ # baseline_override: {
7914
+ # operating_system: "WINDOWS", # accepts WINDOWS, AMAZON_LINUX, AMAZON_LINUX_2, UBUNTU, REDHAT_ENTERPRISE_LINUX, SUSE, CENTOS, ORACLE_LINUX, DEBIAN, MACOS
7915
+ # global_filters: {
7916
+ # patch_filters: [ # required
7917
+ # {
7918
+ # key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
7919
+ # values: ["PatchFilterValue"], # required
7920
+ # },
7921
+ # ],
7922
+ # },
7923
+ # approval_rules: {
7924
+ # patch_rules: [ # required
7925
+ # {
7926
+ # patch_filter_group: { # required
7927
+ # patch_filters: [ # required
7928
+ # {
7929
+ # key: "ARCH", # required, accepts ARCH, ADVISORY_ID, BUGZILLA_ID, PATCH_SET, PRODUCT, PRODUCT_FAMILY, CLASSIFICATION, CVE_ID, EPOCH, MSRC_SEVERITY, NAME, PATCH_ID, SECTION, PRIORITY, REPOSITORY, RELEASE, SEVERITY, SECURITY, VERSION
7930
+ # values: ["PatchFilterValue"], # required
7931
+ # },
7932
+ # ],
7933
+ # },
7934
+ # compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
7935
+ # approve_after_days: 1,
7936
+ # approve_until_date: "PatchStringDateTime",
7937
+ # enable_non_security: false,
7938
+ # },
7939
+ # ],
7940
+ # },
7941
+ # approved_patches: ["PatchId"],
7942
+ # approved_patches_compliance_level: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED
7943
+ # rejected_patches: ["PatchId"],
7944
+ # rejected_patches_action: "ALLOW_AS_DEPENDENCY", # accepts ALLOW_AS_DEPENDENCY, BLOCK
7945
+ # approved_patches_enable_non_security: false,
7946
+ # sources: [
7947
+ # {
7948
+ # name: "PatchSourceName", # required
7949
+ # products: ["PatchSourceProduct"], # required
7950
+ # configuration: "PatchSourceConfiguration", # required
7951
+ # },
7952
+ # ],
7953
+ # },
7738
7954
  # }
7739
7955
  #
7740
7956
  # @!attribute [rw] instance_id
@@ -7746,11 +7962,16 @@ module Aws::SSM
7746
7962
  # The user-defined snapshot ID.
7747
7963
  # @return [String]
7748
7964
  #
7965
+ # @!attribute [rw] baseline_override
7966
+ # Defines the basic information about a patch baseline override.
7967
+ # @return [Types::BaselineOverride]
7968
+ #
7749
7969
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetDeployablePatchSnapshotForInstanceRequest AWS API Documentation
7750
7970
  #
7751
7971
  class GetDeployablePatchSnapshotForInstanceRequest < Struct.new(
7752
7972
  :instance_id,
7753
- :snapshot_id)
7973
+ :snapshot_id,
7974
+ :baseline_override)
7754
7975
  SENSITIVE = []
7755
7976
  include Aws::Structure
7756
7977
  end
@@ -8917,9 +9138,11 @@ module Aws::SSM
8917
9138
  #
8918
9139
  # @!attribute [rw] path
8919
9140
  # The hierarchy for the parameter. Hierarchies start with a forward
8920
- # slash (/) and end with the parameter name. A parameter name
8921
- # hierarchy can have a maximum of 15 levels. Here is an example of a
8922
- # hierarchy: `/Finance/Prod/IAD/WinServ2016/license33`
9141
+ # slash (/). The hierachy is the parameter name except the last part
9142
+ # of the parameter. For the API call to succeeed, the last part of the
9143
+ # parameter name cannot be in the path. A parameter name hierarchy can
9144
+ # have a maximum of 15 levels. Here is an example of a hierarchy:
9145
+ # `/Finance/Prod/IAD/WinServ2016/license33 `
8923
9146
  # @return [String]
8924
9147
  #
8925
9148
  # @!attribute [rw] recursive
@@ -9207,6 +9430,8 @@ module Aws::SSM
9207
9430
  #
9208
9431
  # @!attribute [rw] setting_id
9209
9432
  # The ID of the service setting to get. The setting ID can be
9433
+ # `/ssm/automation/customer-script-log-destination`,
9434
+ # `/ssm/automation/customer-script-log-group-name`,
9210
9435
  # `/ssm/parameter-store/default-parameter-tier`,
9211
9436
  # `/ssm/parameter-store/high-throughput-enabled`, or
9212
9437
  # `/ssm/managed-instance/activation-tier`.
@@ -9360,6 +9585,14 @@ module Aws::SSM
9360
9585
 
9361
9586
  # An S3 bucket where you want to store the results of this request.
9362
9587
  #
9588
+ # For the minimal permissions required to enable Amazon S3 output for an
9589
+ # association, see [Creating associations][1] in the *Systems Manager
9590
+ # User Guide*.
9591
+ #
9592
+ #
9593
+ #
9594
+ # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-state-assoc.html
9595
+ #
9363
9596
  # @note When making an API call, you may pass InstanceAssociationOutputLocation
9364
9597
  # data as a hash:
9365
9598
  #
@@ -9664,6 +9897,11 @@ module Aws::SSM
9664
9897
  #
9665
9898
  # "InstanceIds"\|"AgentVersion"\|"PingStatus"\|"PlatformTypes"\|"ActivationIds"\|"IamRole"\|"ResourceType"\|"AssociationStatus"\|"Tag
9666
9899
  # Key"
9900
+ #
9901
+ # `Tag key` is not a valid filter. You must specify either `tag-key`
9902
+ # or `tag:keyname` and a string. Here are some valid examples:
9903
+ # tag-key, tag:123, tag:al!, tag:Windows. Here are some *invalid*
9904
+ # examples: tag-keys, Tag Key, tag:, tagKey, abc:keyname.
9667
9905
  # @return [String]
9668
9906
  #
9669
9907
  # @!attribute [rw] values
@@ -11611,13 +11849,19 @@ module Aws::SSM
11611
11849
  # @return [Array<Types::DocumentFilter>]
11612
11850
  #
11613
11851
  # @!attribute [rw] filters
11614
- # One or more DocumentKeyValuesFilter objects. Use a filter to return
11615
- # a more specific list of results. For keys, you can specify one or
11616
- # more key-value pair tags that have been applied to a document. Other
11617
- # valid keys include `Owner`, `Name`, `PlatformTypes`, `DocumentType`,
11618
- # and `TargetType`. For example, to return documents you own use
11619
- # `Key=Owner,Values=Self`. To specify a custom key-value pair, use the
11620
- # format `Key=tag:tagName,Values=valueName`.
11852
+ # One or more `DocumentKeyValuesFilter` objects. Use a filter to
11853
+ # return a more specific list of results. For keys, you can specify
11854
+ # one or more key-value pair tags that have been applied to a
11855
+ # document. Other valid keys include `Owner`, `Name`, `PlatformTypes`,
11856
+ # `DocumentType`, and `TargetType`. For example, to return documents
11857
+ # you own use `Key=Owner,Values=Self`. To specify a custom key-value
11858
+ # pair, use the format `Key=tag:tagName,Values=valueName`.
11859
+ #
11860
+ # <note markdown="1"> This API action only supports filtering documents by using a single
11861
+ # tag key and one or more tag values. For example:
11862
+ # `Key=tag:tagName,Values=valueName1,valueName2`
11863
+ #
11864
+ # </note>
11621
11865
  # @return [Array<Types::DocumentKeyValuesFilter>]
11622
11866
  #
11623
11867
  # @!attribute [rw] max_results
@@ -11993,7 +12237,7 @@ module Aws::SSM
11993
12237
  # data as a hash:
11994
12238
  #
11995
12239
  # {
11996
- # resource_type: "Document", # required, accepts Document, ManagedInstance, MaintenanceWindow, Parameter, PatchBaseline, OpsItem
12240
+ # resource_type: "Document", # required, accepts Document, ManagedInstance, MaintenanceWindow, Parameter, PatchBaseline, OpsItem, OpsMetadata
11997
12241
  # resource_id: "ResourceId", # required
11998
12242
  # }
11999
12243
  #
@@ -14782,13 +15026,14 @@ module Aws::SSM
14782
15026
  # The number of days after the release date of each patch matched by
14783
15027
  # the rule that the patch is marked as approved in the patch baseline.
14784
15028
  # For example, a value of `7` means that patches are approved seven
14785
- # days after they are released. Not supported on Ubuntu Server.
15029
+ # days after they are released. Not supported on Debian Server or
15030
+ # Ubuntu Server.
14786
15031
  # @return [Integer]
14787
15032
  #
14788
15033
  # @!attribute [rw] approve_until_date
14789
15034
  # The cutoff date for auto approval of released patches. Any patches
14790
15035
  # released on or before this date are installed automatically. Not
14791
- # supported on Ubuntu Server.
15036
+ # supported on Debian Server or Ubuntu Server.
14792
15037
  #
14793
15038
  # Enter dates in the format `YYYY-MM-DD`. For example, `2020-12-31`.
14794
15039
  # @return [String]
@@ -14877,11 +15122,20 @@ module Aws::SSM
14877
15122
  #
14878
15123
  # `[main]`
14879
15124
  #
14880
- # `cachedir=/var/cache/yum/$basesearch$releasever`
15125
+ # `name=MyCustomRepository`
14881
15126
  #
14882
- # `keepcache=0`
15127
+ # `baseurl=https://my-custom-repository`
14883
15128
  #
14884
- # `debuglevel=2`
15129
+ # `enabled=1`
15130
+ #
15131
+ # <note markdown="1"> For information about other options available for your yum
15132
+ # repository configuration, see [dnf.conf(5)][1].
15133
+ #
15134
+ # </note>
15135
+ #
15136
+ #
15137
+ #
15138
+ # [1]: https://man7.org/linux/man-pages/man5/dnf.conf.5.html
14885
15139
  # @return [String]
14886
15140
  #
14887
15141
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/PatchSource AWS API Documentation
@@ -15163,7 +15417,11 @@ module Aws::SSM
15163
15417
  # (case-insensitive).
15164
15418
  #
15165
15419
  # * Parameter names can include only the following symbols and
15166
- # letters: `a-zA-Z0-9_.-/`
15420
+ # letters: `a-zA-Z0-9_.-`
15421
+ #
15422
+ # In addition, the slash character ( / ) is used to delineate
15423
+ # hierarchies in parameter names. For example:
15424
+ # `/Dev/Production/East/Project-ABC/MyParameter`
15167
15425
  #
15168
15426
  # * A parameter name can't include spaces.
15169
15427
  #
@@ -15171,8 +15429,8 @@ module Aws::SSM
15171
15429
  # levels.
15172
15430
  #
15173
15431
  # For additional information about valid values for parameter names,
15174
- # see [About requirements and constraints for parameter names][1] in
15175
- # the *AWS Systems Manager User Guide*.
15432
+ # see [Creating Systems Manager parameters][1] in the *AWS Systems
15433
+ # Manager User Guide*.
15176
15434
  #
15177
15435
  # <note markdown="1"> The maximum length constraint listed below includes capacity for
15178
15436
  # additional system attributes that are not part of the name. The
@@ -15186,7 +15444,7 @@ module Aws::SSM
15186
15444
  #
15187
15445
  #
15188
15446
  #
15189
- # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html
15447
+ # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html
15190
15448
  # @return [String]
15191
15449
  #
15192
15450
  # @!attribute [rw] description
@@ -15552,6 +15810,14 @@ module Aws::SSM
15552
15810
  # The targets to register with the maintenance window. In other words,
15553
15811
  # the instances to run commands on when the maintenance window runs.
15554
15812
  #
15813
+ # <note markdown="1"> If a single maintenance window task is registered with multiple
15814
+ # targets, its task invocations occur sequentially and not in
15815
+ # parallel. If your task must run on multiple targets at the same
15816
+ # time, register a task for each target individually and assign each
15817
+ # task the same priority level.
15818
+ #
15819
+ # </note>
15820
+ #
15555
15821
  # You can specify targets using instance IDs, resource group names, or
15556
15822
  # tags that have been applied to instances.
15557
15823
  #
@@ -15722,7 +15988,7 @@ module Aws::SSM
15722
15988
  # Command-type tasks. Depending on the task, targets are optional for
15723
15989
  # other maintenance window task types (Automation, AWS Lambda, and AWS
15724
15990
  # Step Functions). For more information about running tasks that do
15725
- # not specify targets, see see [Registering maintenance window tasks
15991
+ # not specify targets, see [Registering maintenance window tasks
15726
15992
  # without targets][1] in the *AWS Systems Manager User Guide*.
15727
15993
  #
15728
15994
  # </note>
@@ -15907,7 +16173,7 @@ module Aws::SSM
15907
16173
  # data as a hash:
15908
16174
  #
15909
16175
  # {
15910
- # resource_type: "Document", # required, accepts Document, ManagedInstance, MaintenanceWindow, Parameter, PatchBaseline, OpsItem
16176
+ # resource_type: "Document", # required, accepts Document, ManagedInstance, MaintenanceWindow, Parameter, PatchBaseline, OpsItem, OpsMetadata
15911
16177
  # resource_id: "ResourceId", # required
15912
16178
  # tag_keys: ["TagKey"], # required
15913
16179
  # }
@@ -15932,6 +16198,15 @@ module Aws::SSM
15932
16198
  #
15933
16199
  # PatchBaseline: pb-012345abcde
15934
16200
  #
16201
+ # OpsMetadata object: `ResourceID` for tagging is created from the
16202
+ # Amazon Resource Name (ARN) for the object. Specifically,
16203
+ # `ResourceID` is created from the strings that come after the word
16204
+ # `opsmetadata` in the ARN. For example, an OpsMetadata object with an
16205
+ # ARN of
16206
+ # `arn:aws:ssm:us-east-2:1234567890:opsmetadata/aws/ssm/MyGroup/appmanager`
16207
+ # has a `ResourceID` of either `aws/ssm/MyGroup/appmanager` or
16208
+ # `/aws/ssm/MyGroup/appmanager`.
16209
+ #
15935
16210
  # For the Document and Parameter values, use the name of the resource.
15936
16211
  #
15937
16212
  # <note markdown="1"> The ManagedInstance type for this API action is only for on-premises
@@ -15970,7 +16245,9 @@ module Aws::SSM
15970
16245
  #
15971
16246
  # @!attribute [rw] setting_id
15972
16247
  # The Amazon Resource Name (ARN) of the service setting to reset. The
15973
- # setting ID can be `/ssm/parameter-store/default-parameter-tier`,
16248
+ # setting ID can be `/ssm/automation/customer-script-log-destination`,
16249
+ # `/ssm/automation/customer-script-log-group-name`,
16250
+ # `/ssm/parameter-store/default-parameter-tier`,
15974
16251
  # `/ssm/parameter-store/high-throughput-enabled`, or
15975
16252
  # `/ssm/managed-instance/activation-tier`. For example,
15976
16253
  # `arn:aws:ssm:us-east-1:111122223333:servicesetting/ssm/parameter-store/high-throughput-enabled`.
@@ -16908,8 +17185,15 @@ module Aws::SSM
16908
17185
  # @return [Array<Types::Target>]
16909
17186
  #
16910
17187
  # @!attribute [rw] document_name
16911
- # Required. The name of the Systems Manager document to run. This can
16912
- # be a public document or a custom document.
17188
+ # The name of the Systems Manager document to run. This can be a
17189
+ # public document or a custom document. To run a shared document
17190
+ # belonging to another account, specify the document ARN. For more
17191
+ # information about how to use shared documents, see [Using shared SSM
17192
+ # documents][1] in the *AWS Systems Manager User Guide*.
17193
+ #
17194
+ #
17195
+ #
17196
+ # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html
16913
17197
  # @return [String]
16914
17198
  #
16915
17199
  # @!attribute [rw] document_version
@@ -17387,7 +17671,15 @@ module Aws::SSM
17387
17671
  # }
17388
17672
  #
17389
17673
  # @!attribute [rw] document_name
17390
- # The name of the Automation document to use for this execution.
17674
+ # The name of the Systems Manager document to run. This can be a
17675
+ # public document or a custom document. To run a shared document
17676
+ # belonging to another account, specify the document ARN. For more
17677
+ # information about how to use shared documents, see [Using shared SSM
17678
+ # documents][1] in the *AWS Systems Manager User Guide*.
17679
+ #
17680
+ #
17681
+ #
17682
+ # [1]: https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html
17391
17683
  # @return [String]
17392
17684
  #
17393
17685
  # @!attribute [rw] document_version
@@ -17971,7 +18263,7 @@ module Aws::SSM
17971
18263
  # Command-type tasks. Depending on the task, targets are optional for
17972
18264
  # other maintenance window task types (Automation, AWS Lambda, and AWS
17973
18265
  # Step Functions). For more information about running tasks that do not
17974
- # specify targets, see see [Registering maintenance window tasks without
18266
+ # specify targets, see [Registering maintenance window tasks without
17975
18267
  # targets][1] in the *AWS Systems Manager User Guide*.
17976
18268
  #
17977
18269
  # </note>
@@ -19154,7 +19446,7 @@ module Aws::SSM
19154
19446
  # Command-type tasks. Depending on the task, targets are optional for
19155
19447
  # other maintenance window task types (Automation, AWS Lambda, and AWS
19156
19448
  # Step Functions). For more information about running tasks that do
19157
- # not specify targets, see see [Registering maintenance window tasks
19449
+ # not specify targets, see [Registering maintenance window tasks
19158
19450
  # without targets][1] in the *AWS Systems Manager User Guide*.
19159
19451
  #
19160
19452
  # </note>
@@ -19947,6 +20239,10 @@ module Aws::SSM
19947
20239
  # `arn:aws:ssm:us-east-1:111122223333:servicesetting/ssm/parameter-store/high-throughput-enabled`.
19948
20240
  # The setting ID can be one of the following.
19949
20241
  #
20242
+ # * `/ssm/automation/customer-script-log-destination`
20243
+ #
20244
+ # * `/ssm/automation/customer-script-log-group-name`
20245
+ #
19950
20246
  # * `/ssm/parameter-store/default-parameter-tier`
19951
20247
  #
19952
20248
  # * `/ssm/parameter-store/high-throughput-enabled`
@@ -19968,6 +20264,12 @@ module Aws::SSM
19968
20264
  # For the `/ssm/parameter-store/high-throughput-enabled`, and
19969
20265
  # `/ssm/managed-instance/activation-tier` setting IDs, the setting
19970
20266
  # value can be true or false.
20267
+ #
20268
+ # For the `/ssm/automation/customer-script-log-destination` setting
20269
+ # ID, the setting value can be CloudWatch.
20270
+ #
20271
+ # For the `/ssm/automation/customer-script-log-group-name` setting ID,
20272
+ # the setting value can be the name of a CloudWatch Logs log group.
19971
20273
  # @return [String]
19972
20274
  #
19973
20275
  # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdateServiceSettingRequest AWS API Documentation