npm - @aws-sdk/client-ssm - Versions diffs - 3.624.0 → 3.629.0 - Mend

@aws-sdk/client-ssm 3.624.0 → 3.629.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist-types/commands/DescribeInstanceInformationCommand.d.ts CHANGED Viewed

@@ -34,8 +34,9 @@ declare const DescribeInstanceInformationCommand_base: {
  *    nodes. If you don't specify node IDs, it returns information for all your managed nodes. If you
  *    specify a node ID that isn't valid or a node that you don't own, you receive an error.</p>
  *          <note>
- *             <p>The <code>IamRole</code> field returned for this API operation is the Identity and Access Management (IAM) role assigned to on-premises managed nodes. This operation does not
- *     return the IAM role for EC2 instances.</p>
+ *             <p>The <code>IamRole</code> field returned for this API operation is the role assigned to an
+ *     Amazon EC2 instance configured with a Systems Manager Quick Setup host management configuration or
+ *     the role assigned to an on-premises managed node.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/DescribeInstancePropertiesCommand.d.ts CHANGED Viewed

@@ -27,7 +27,8 @@ declare const DescribeInstancePropertiesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>An API operation used by the Systems Manager console to display information about Systems Manager managed nodes.</p>
+ * <p>An API operation used by the Systems Manager console to display information about Systems Manager managed
+ *    nodes.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DescribePatchPropertiesCommand.d.ts CHANGED Viewed

@@ -45,6 +45,12 @@ declare const DescribePatchPropertiesCommand_base: {
  *        <code>SEVERITY</code>
  *                </p>
  *             </dd>
+ *             <dt>AMAZON_LINUX_2023</dt>
+ *             <dd>
+ *                <p>Valid properties: <code>PRODUCT</code> | <code>CLASSIFICATION</code> |
+ *        <code>SEVERITY</code>
+ *                </p>
+ *             </dd>
  *             <dt>CENTOS</dt>
  *             <dd>
  *                <p>Valid properties: <code>PRODUCT</code> | <code>CLASSIFICATION</code> |

package/dist-types/commands/GetCommandInvocationCommand.d.ts CHANGED Viewed

@@ -27,7 +27,12 @@ declare const GetCommandInvocationCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Returns detailed information about command execution for an invocation or plugin.</p>
+ * <p>Returns detailed information about command execution for an invocation or plugin. The Run
+ *    Command API follows an eventual consistency model, due to the distributed nature of the system
+ *    supporting the API. This means that the result of an API command you run that affects your
+ *    resources might not be immediately visible to all subsequent commands you run. You should keep
+ *    this in mind when you carry out an API command that immediately follows a previous API
+ *    command.</p>
  *          <p>
  *             <code>GetCommandInvocation</code> only gives the execution status of a plugin in a document.
  *    To get the command execution status on a specific managed node, use <a>ListCommandInvocations</a>. To get the command execution status across managed nodes,

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -3041,16 +3041,25 @@ export interface PatchRule {
     /**
      * <p>The number of days after the release date of each patch matched by the rule that the patch
      *    is marked as approved in the patch baseline. For example, a value of <code>7</code> means that
-     *    patches are approved seven days after they are released. Not supported on Debian Server or Ubuntu
-     *    Server.</p>
+     *    patches are approved seven days after they are released.</p>
+     *          <note>
+     *             <p>This parameter is marked as not required, but your request must include a value
+     *     for either <code>ApproveAfterDays</code> or <code>ApproveUntilDate</code>.</p>
+     *          </note>
+     *          <p> Not supported for Debian Server or Ubuntu Server.</p>
      * @public
      */
     ApproveAfterDays?: number;
     /**
      * <p>The cutoff date for auto approval of released patches. Any patches released on or before
-     *    this date are installed automatically. Not supported on Debian Server or Ubuntu Server.</p>
+     *    this date are installed automatically.</p>
      *          <p>Enter dates in the format <code>YYYY-MM-DD</code>. For example,
      *    <code>2021-12-31</code>.</p>
+     *          <note>
+     *             <p>This parameter is marked as not required, but your request must include a value
+     *     for either <code>ApproveUntilDate</code> or <code>ApproveAfterDays</code>.</p>
+     *          </note>
+     *          <p>Not supported for Debian Server or Ubuntu Server.</p>
      * @public
      */
     ApproveUntilDate?: string;
@@ -3208,26 +3217,31 @@ export interface CreatePatchBaselineRequest {
     /**
      * <p>The action for Patch Manager to take on patches included in the
      *     <code>RejectedPackages</code> list.</p>
-     *          <ul>
-     *             <li>
+     *          <dl>
+     *             <dt>ALLOW_AS_DEPENDENCY</dt>
+     *             <dd>
      *                <p>
-     *                   <b>
-     *                      <code>ALLOW_AS_DEPENDENCY</code>
-     *                   </b>: A package in the
-     *       <code>Rejected</code> patches list is installed only if it is a dependency of another package.
-     *      It is considered compliant with the patch baseline, and its status is reported as
-     *       <code>InstalledOther</code>. This is the default action if no option is specified.</p>
-     *             </li>
-     *             <li>
+     *                   <b>Linux and macOS</b>: A package in the rejected patches list
+     *       is installed only if it is a dependency of another package. It is considered compliant with
+     *       the patch baseline, and its status is reported as <code>INSTALLED_OTHER</code>. This is the
+     *       default action if no option is specified.</p>
      *                <p>
-     *                   <b>BLOCK</b>: Packages in the <b>Rejected
-     *       patches</b> list, and packages that include them as dependencies, aren't installed by
-     *      Patch Manager under any circumstances. If a package was installed before it was added to the
-     *       <b>Rejected patches</b> list, or is installed outside of Patch
-     *      Manager afterward, it's considered noncompliant with the patch baseline and its status is
-     *      reported as <i>InstalledRejected</i>.</p>
-     *             </li>
-     *          </ul>
+     *                   <b>Windows Server</b>: Windows Server doesn't support the
+     *       concept of package dependencies. If a package in the rejected patches list and already
+     *       installed on the node, its status is reported as <code>INSTALLED_OTHER</code>. Any package not
+     *       already installed on the node is skipped. This is the default action if no option is
+     *       specified.</p>
+     *             </dd>
+     *             <dt>BLOCK</dt>
+     *             <dd>
+     *                <p>
+     *                   <b>All OSs</b>: Packages in the rejected patches list, and
+     *       packages that include them as dependencies, aren't installed by Patch Manager under any
+     *       circumstances. If a package was installed before it was added to the rejected patches list, or
+     *       is installed outside of Patch Manager afterward, it's considered noncompliant with the patch
+     *       baseline and its status is reported as <code>INSTALLED_REJECTED</code>.</p>
+     *             </dd>
+     *          </dl>
      * @public
      */
     RejectedPatchesAction?: PatchAction;
@@ -6422,10 +6436,15 @@ export interface InstanceInformation {
      */
     ActivationId?: string;
     /**
-     * <p>The Identity and Access Management (IAM) role assigned to the on-premises Systems Manager
-     *    managed node. This call doesn't return the IAM role for Amazon Elastic Compute Cloud
-     *     (Amazon EC2) instances. To retrieve the IAM role for an EC2 instance, use
-     *    the Amazon EC2 <code>DescribeInstances</code> operation. For information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html">DescribeInstances</a> in the <i>Amazon EC2 API Reference</i> or <a href="https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html">describe-instances</a> in the <i>Amazon Web Services CLI Command Reference</i>.</p>
+     * <p>The role assigned to an Amazon EC2 instance configured with a Systems Manager
+     *    Quick Setup host management configuration or the role assigned to an on-premises managed
+     *    node.</p>
+     *          <p> This call doesn't return the IAM role for <i>unmanaged</i>
+     *    Amazon EC2 instances (instances not configured for Systems Manager). To retrieve the
+     *    role for an unmanaged instance, use the Amazon EC2 <code>DescribeInstances</code> operation. For
+     *    information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html">DescribeInstances</a> in the
+     *     <i>Amazon EC2 API Reference</i> or <a href="https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html">describe-instances</a> in the
+     *     <i>Amazon Web Services CLI Command Reference</i>.</p>
      * @public
      */
     IamRole?: string;
@@ -7145,7 +7164,8 @@ export declare const InstancePropertyFilterKey: {
  */
 export type InstancePropertyFilterKey = (typeof InstancePropertyFilterKey)[keyof typeof InstancePropertyFilterKey];
 /**
- * <p>Describes a filter for a specific list of managed nodes. You can filter node information by using tags. You specify tags by using a key-value mapping.</p>
+ * <p>Describes a filter for a specific list of managed nodes. You can filter node information by
+ *    using tags. You specify tags by using a key-value mapping.</p>
  * @public
  */
 export interface InstancePropertyFilter {
@@ -7176,7 +7196,7 @@ export interface DescribeInstancePropertiesRequest {
     FiltersWithOperator?: InstancePropertyStringFilter[];
     /**
      * <p>The maximum number of items to return for the call. The call also returns a token that you
-     *         can specify in a subsequent call to get the next set of results.</p>
+     *    can specify in a subsequent call to get the next set of results.</p>
      * @public
      */
     MaxResults?: number;
@@ -7192,7 +7212,8 @@ export interface DescribeInstancePropertiesRequest {
  */
 export interface InstanceProperty {
     /**
-     * <p>The value of the EC2 <code>Name</code> tag associated with the node. If a <code>Name</code> tag hasn't been applied to the node, this value is blank.</p>
+     * <p>The value of the EC2 <code>Name</code> tag associated with the node. If a <code>Name</code>
+     *    tag hasn't been applied to the node, this value is blank.</p>
      * @public
      */
     Name?: string;
@@ -7207,12 +7228,14 @@ export interface InstanceProperty {
      */
     InstanceType?: string;
     /**
-     * <p>The instance profile attached to the node. If an instance profile isn't attached to the node, this value is blank.</p>
+     * <p>The instance profile attached to the node. If an instance profile isn't attached to the
+     *    node, this value is blank.</p>
      * @public
      */
     InstanceRole?: string;
     /**
-     * <p>The name of the key pair associated with the node. If a key pair isnt't associated with the node, this value is blank.</p>
+     * <p>The name of the key pair associated with the node. If a key pair isnt't associated with the
+     *    node, this value is blank.</p>
      * @public
      */
     KeyName?: string;
@@ -7222,12 +7245,13 @@ export interface InstanceProperty {
      */
     InstanceState?: string;
     /**
-     * <p>The CPU architecture of the node. For example, x86_64.</p>
+     * <p>The CPU architecture of the node. For example, <code>x86_64</code>.</p>
      * @public
      */
     Architecture?: string;
     /**
-     * <p>The public IPv4 address assigned to the node. If a public IPv4 address isn't assigned to the node, this value is blank.</p>
+     * <p>The public IPv4 address assigned to the node. If a public IPv4 address isn't assigned to the
+     *    node, this value is blank.</p>
      * @public
      */
     IPAddress?: string;
@@ -7267,12 +7291,14 @@ export interface InstanceProperty {
      */
     PlatformVersion?: string;
     /**
-     * <p>The activation ID created by Systems Manager when the server or virtual machine (VM) was registered</p>
+     * <p>The activation ID created by Systems Manager when the server or virtual machine (VM) was
+     *    registered</p>
      * @public
      */
     ActivationId?: string;
     /**
-     * <p>The IAM role used in the hybrid activation to register the node with Systems Manager.</p>
+     * <p>The IAM role used in the hybrid activation to register the node with
+     *    Systems Manager.</p>
      * @public
      */
     IamRole?: string;
@@ -7333,7 +7359,7 @@ export interface DescribeInstancePropertiesResult {
     InstanceProperties?: InstanceProperty[];
     /**
      * <p>The token for the next set of properties to return. Use this token to get the next set of
-     *         results.</p>
+     *    results.</p>
      * @public
      */
     NextToken?: string;

package/dist-types/models/models_1.d.ts CHANGED Viewed

@@ -319,8 +319,16 @@ export interface MaintenanceWindowTask {
      */
     LoggingInfo?: LoggingInfo;
     /**
-     * <p>The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service
-     * (Amazon SNS) notifications for maintenance window Run Command tasks.</p>
+     * <p>The Amazon Resource Name (ARN) of the IAM service role for
+     *                 Amazon Web Services Systems Manager to assume when running a maintenance window task. If you do not specify a
+     *                 service role ARN, Systems Manager uses a service-linked role in your account. If no
+     *                 appropriate service-linked role for Systems Manager exists in your account, it is created when
+     *                 you run <code>RegisterTaskWithMaintenanceWindow</code>.</p>
+     *          <p>However, for an improved security posture, we strongly recommend creating a custom
+     *                 policy and custom service role for running your maintenance window tasks. The policy
+     *                 can be crafted to provide only the permissions needed for your particular
+     *                 maintenance window tasks. For more information, see <a href="https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html">Setting up maintenance windows</a> in the in the
+     *                     <i>Amazon Web Services Systems Manager User Guide</i>.</p>
      * @public
      */
     ServiceRoleArn?: string;
@@ -1047,8 +1055,9 @@ export interface PatchBaselineIdentity {
      */
     BaselineDescription?: string;
     /**
-     * <p>Whether this is the default baseline. Amazon Web Services Systems Manager supports creating multiple default patch
-     *    baselines. For example, you can create a default patch baseline for each operating system.</p>
+     * <p>Indicates whether this is the default baseline. Amazon Web Services Systems Manager supports creating multiple default
+     *    patch baselines. For example, you can create a default patch baseline for each operating
+     *    system.</p>
      * @public
      */
     DefaultBaseline?: boolean;
@@ -3392,8 +3401,16 @@ export interface MaintenanceWindowRunCommandParameters {
      */
     Parameters?: Record<string, string[]>;
     /**
-     * <p>The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service
-     * (Amazon SNS) notifications for maintenance window Run Command tasks.</p>
+     * <p>The Amazon Resource Name (ARN) of the IAM service role for
+     *                 Amazon Web Services Systems Manager to assume when running a maintenance window task. If you do not specify a
+     *                 service role ARN, Systems Manager uses a service-linked role in your account. If no
+     *                 appropriate service-linked role for Systems Manager exists in your account, it is created when
+     *                 you run <code>RegisterTaskWithMaintenanceWindow</code>.</p>
+     *          <p>However, for an improved security posture, we strongly recommend creating a custom
+     *                 policy and custom service role for running your maintenance window tasks. The policy
+     *                 can be crafted to provide only the permissions needed for your particular
+     *                 maintenance window tasks. For more information, see <a href="https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html">Setting up maintenance windows</a> in the in the
+     *                     <i>Amazon Web Services Systems Manager User Guide</i>.</p>
      * @public
      */
     ServiceRoleArn?: string;
@@ -3489,8 +3506,16 @@ export interface GetMaintenanceWindowTaskResult {
      */
     TaskArn?: string;
     /**
-     * <p>The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service
-     * (Amazon SNS) notifications for maintenance window Run Command tasks.</p>
+     * <p>The Amazon Resource Name (ARN) of the IAM service role for
+     *                 Amazon Web Services Systems Manager to assume when running a maintenance window task. If you do not specify a
+     *                 service role ARN, Systems Manager uses a service-linked role in your account. If no
+     *                 appropriate service-linked role for Systems Manager exists in your account, it is created when
+     *                 you run <code>RegisterTaskWithMaintenanceWindow</code>.</p>
+     *          <p>However, for an improved security posture, we strongly recommend creating a custom
+     *                 policy and custom service role for running your maintenance window tasks. The policy
+     *                 can be crafted to provide only the permissions needed for your particular
+     *                 maintenance window tasks. For more information, see <a href="https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html">Setting up maintenance windows</a> in the in the
+     *                     <i>Amazon Web Services Systems Manager User Guide</i>.</p>
      * @public
      */
     ServiceRoleArn?: string;

package/dist-types/models/models_2.d.ts CHANGED Viewed

@@ -1255,8 +1255,16 @@ export interface UpdateMaintenanceWindowTaskResult {
      */
     TaskArn?: string;
     /**
-     * <p>The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service
-     * (Amazon SNS) notifications for maintenance window Run Command tasks.</p>
+     * <p>The Amazon Resource Name (ARN) of the IAM service role for
+     *                 Amazon Web Services Systems Manager to assume when running a maintenance window task. If you do not specify a
+     *                 service role ARN, Systems Manager uses a service-linked role in your account. If no
+     *                 appropriate service-linked role for Systems Manager exists in your account, it is created when
+     *                 you run <code>RegisterTaskWithMaintenanceWindow</code>.</p>
+     *          <p>However, for an improved security posture, we strongly recommend creating a custom
+     *                 policy and custom service role for running your maintenance window tasks. The policy
+     *                 can be crafted to provide only the permissions needed for your particular
+     *                 maintenance window tasks. For more information, see <a href="https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html">Setting up maintenance windows</a> in the in the
+     *                     <i>Amazon Web Services Systems Manager User Guide</i>.</p>
      * @public
      */
     ServiceRoleArn?: string;
@@ -1571,26 +1579,31 @@ export interface UpdatePatchBaselineRequest {
     /**
      * <p>The action for Patch Manager to take on patches included in the
      *     <code>RejectedPackages</code> list.</p>
-     *          <ul>
-     *             <li>
+     *          <dl>
+     *             <dt>ALLOW_AS_DEPENDENCY</dt>
+     *             <dd>
      *                <p>
-     *                   <b>
-     *                      <code>ALLOW_AS_DEPENDENCY</code>
-     *                   </b>: A package in the
-     *       <code>Rejected</code> patches list is installed only if it is a dependency of another package.
-     *      It is considered compliant with the patch baseline, and its status is reported as
-     *       <code>InstalledOther</code>. This is the default action if no option is specified.</p>
-     *             </li>
-     *             <li>
+     *                   <b>Linux and macOS</b>: A package in the rejected patches list
+     *       is installed only if it is a dependency of another package. It is considered compliant with
+     *       the patch baseline, and its status is reported as <code>INSTALLED_OTHER</code>. This is the
+     *       default action if no option is specified.</p>
      *                <p>
-     *                   <b>BLOCK</b>: Packages in the <b>Rejected
-     *       patches</b> list, and packages that include them as dependencies, aren't installed by
-     *      Patch Manager under any circumstances. If a package was installed before it was added to the
-     *       <b>Rejected patches</b> list, or is installed outside of Patch
-     *      Manager afterward, it's considered noncompliant with the patch baseline and its status is
-     *      reported as <i>InstalledRejected</i>.</p>
-     *             </li>
-     *          </ul>
+     *                   <b>Windows Server</b>: Windows Server doesn't support the
+     *       concept of package dependencies. If a package in the rejected patches list and already
+     *       installed on the node, its status is reported as <code>INSTALLED_OTHER</code>. Any package not
+     *       already installed on the node is skipped. This is the default action if no option is
+     *       specified.</p>
+     *             </dd>
+     *             <dt>BLOCK</dt>
+     *             <dd>
+     *                <p>
+     *                   <b>All OSs</b>: Packages in the rejected patches list, and
+     *       packages that include them as dependencies, aren't installed by Patch Manager under any
+     *       circumstances. If a package was installed before it was added to the rejected patches list, or
+     *       is installed outside of Patch Manager afterward, it's considered noncompliant with the patch
+     *       baseline and its status is reported as <code>INSTALLED_REJECTED</code>.</p>
+     *             </dd>
+     *          </dl>
      * @public
      */
     RejectedPatchesAction?: PatchAction;

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-ssm",
   "description": "AWS SDK for JavaScript Ssm Client for Node.js, Browser and React Native",
-  "version": "3.624.0",
+  "version": "3.629.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-ssm",
@@ -20,10 +20,10 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
-    "@aws-sdk/client-sso-oidc": "3.624.0",
-    "@aws-sdk/client-sts": "3.624.0",
-    "@aws-sdk/core": "3.624.0",
-    "@aws-sdk/credential-provider-node": "3.624.0",
+    "@aws-sdk/client-sso-oidc": "3.629.0",
+    "@aws-sdk/client-sts": "3.629.0",
+    "@aws-sdk/core": "3.629.0",
+    "@aws-sdk/credential-provider-node": "3.629.0",
     "@aws-sdk/middleware-host-header": "3.620.0",
     "@aws-sdk/middleware-logger": "3.609.0",
     "@aws-sdk/middleware-recursion-detection": "3.620.0",