SSM / Paginator / DescribeAvailablePatches

DescribeAvailablePatches

class SSM.Paginator.DescribeAvailablePatches

paginator = client.get_paginator('describe_available_patches')

paginate(**kwargs)

Creates an iterator that will paginate through responses from SSM.Client.describe_available_patches().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    Filters=[
        {
            'Key': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)

Parameters:

• Filters (list) –

  Each element in the array is a structure containing a key-value pair.

  Windows Server

  Supported keys for Windows Server managed node patches include the following:

  • PATCH_SET Sample values: OS | APPLICATION

  • PRODUCT Sample values: WindowsServer2012 | Office 2010 | MicrosoftDefenderAntivirus

  • PRODUCT_FAMILY Sample values: Windows | Office

  • MSRC_SEVERITY Sample values: ServicePacks | Important | Moderate

  • CLASSIFICATION Sample values: ServicePacks | SecurityUpdates | DefinitionUpdates

  • PATCH_ID Sample values: KB123456 | KB4516046

  Linux

  Warning

  When specifying filters for Linux patches, you must specify a key-pair for PRODUCT . For example, using the Command Line Interface (CLI), the following command fails:

  aws ssm describe-available-patches --filters Key=CVE_ID,Values=CVE-2018-3615

  However, the following command succeeds:

  aws ssm describe-available-patches --filters Key=PRODUCT,Values=AmazonLinux2018.03 Key=CVE_ID,Values=CVE-2018-3615

  Supported keys for Linux managed node patches include the following:

  • PRODUCT Sample values: AmazonLinux2018.03 | AmazonLinux2.0

  • NAME Sample values: kernel-headers | samba-python | php

  • SEVERITY Sample values: Critical | Important | Medium | Low

  • EPOCH Sample values: 0 | 1

  • VERSION Sample values: 78.6.1 | 4.10.16

  • RELEASE Sample values: 9.56.amzn1 | 1.amzn2

  • ARCH Sample values: i686 | x86_64

  • REPOSITORY Sample values: Core | Updates

  • ADVISORY_ID Sample values: ALAS-2018-1058 | ALAS2-2021-1594

  • CVE_ID Sample values: CVE-2018-3615 | CVE-2020-1472

  • BUGZILLA_ID Sample values: 1463241

  • (dict) –

    Defines a filter used in Patch Manager APIs. Supported filter keys depend on the API operation that includes the filter. Patch Manager API operations that use PatchOrchestratorFilter include the following:

    • DescribeAvailablePatches

    • DescribeInstancePatches

    • DescribePatchBaselines

    • DescribePatchGroups

    • Key (string) –

      The key for the filter.

    • Values (list) –

      The value for the filter.

      • (string) –

• PaginationConfig (dict) –

  A dictionary that provides parameters to control pagination.

  • MaxItems (integer) –

    The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

  • PageSize (integer) –

    The size of each page.

  • StartingToken (string) –

    A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'Patches': [
        {
            'Id': 'string',
            'ReleaseDate': datetime(2015, 1, 1),
            'Title': 'string',
            'Description': 'string',
            'ContentUrl': 'string',
            'Vendor': 'string',
            'ProductFamily': 'string',
            'Product': 'string',
            'Classification': 'string',
            'MsrcSeverity': 'string',
            'KbNumber': 'string',
            'MsrcNumber': 'string',
            'Language': 'string',
            'AdvisoryIds': [
                'string',
            ],
            'BugzillaIds': [
                'string',
            ],
            'CVEIds': [
                'string',
            ],
            'Name': 'string',
            'Epoch': 123,
            'Version': 'string',
            'Release': 'string',
            'Arch': 'string',
            'Severity': 'string',
            'Repository': 'string'
        },
    ],

}

Response Structure

• (dict) –

  • Patches (list) –

    An array of patches. Each entry in the array is a patch structure.

    • (dict) –

      Represents metadata about a patch.

      • Id (string) –

        The ID of the patch. Applies to Windows patches only.

        Note

        This ID isn’t the same as the Microsoft Knowledge Base ID.

      • ReleaseDate (datetime) –

        The date the patch was released.

      • Title (string) –

        The title of the patch.

      • Description (string) –

        The description of the patch.

      • ContentUrl (string) –

        The URL where more information can be obtained about the patch.

      • Vendor (string) –

        The name of the vendor providing the patch.

      • ProductFamily (string) –

        The product family the patch is applicable for. For example, Windows or Amazon Linux 2 .

      • Product (string) –

        The specific product the patch is applicable for. For example, WindowsServer2016 or AmazonLinux2018.03 .

      • Classification (string) –

        The classification of the patch. For example, SecurityUpdates , Updates , or CriticalUpdates .

      • MsrcSeverity (string) –

        The severity of the patch, such as Critical , Important , or Moderate . Applies to Windows patches only.

      • KbNumber (string) –

        The Microsoft Knowledge Base ID of the patch. Applies to Windows patches only.

      • MsrcNumber (string) –

        The ID of the Microsoft Security Response Center (MSRC) bulletin the patch is related to. For example, MS14-045 . Applies to Windows patches only.

      • Language (string) –

        The language of the patch if it’s language-specific.

      • AdvisoryIds (list) –

        The Advisory ID of the patch. For example, RHSA-2020:3779 . Applies to Linux-based managed nodes only.

        • (string) –

      • BugzillaIds (list) –

        The Bugzilla ID of the patch. For example, 1600646 . Applies to Linux-based managed nodes only.

        • (string) –

      • CVEIds (list) –

        The Common Vulnerabilities and Exposures (CVE) ID of the patch. For example, CVE-2011-3192 . Applies to Linux-based managed nodes only.

        • (string) –

      • Name (string) –

        The name of the patch. Applies to Linux-based managed nodes only.

      • Epoch (integer) –

        The epoch of the patch. For example in pkg-example-EE-20180914-2.2.amzn1.noarch , the epoch value is 20180914-2 . Applies to Linux-based managed nodes only.

      • Version (string) –

        The version number of the patch. For example, in example-pkg-1.710.10-2.7.abcd.x86_64 , the version number is indicated by -1 . Applies to Linux-based managed nodes only.

      • Release (string) –

        The particular release of a patch. For example, in pkg-example-EE-20180914-2.2.amzn1.noarch , the release is 2.amaz1 . Applies to Linux-based managed nodes only.

      • Arch (string) –

        The architecture of the patch. For example, in example-pkg-0.710.10-2.7.abcd.x86_64 , the architecture is indicated by x86_64 . Applies to Linux-based managed nodes only.

      • Severity (string) –

        The severity level of the patch. For example, CRITICAL or MODERATE .

      • Repository (string) –

        The source patch repository for the operating system and version, such as trusty-security for Ubuntu Server 14.04 LTE and focal-security for Ubuntu Server 20.04 LTE. Applies to Linux-based managed nodes only.