API Reference google_api_os_config v0.20.0
Modules
API client metadata for GoogleApi.OSConfig.V1.
API calls for all endpoints tagged Projects.
Handle Tesla connections for GoogleApi.OSConfig.V1.
Apt patching is completed by executing apt-get update && apt-get upgrade. Additional options can be set to control how this is executed.
Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document
The request message for Operations.CancelOperation.
Message for canceling a patch job.
Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: A full date, with non-zero year, month, and day values A month and day value, with a zero year, such as an anniversary A year on its own, with zero month and day values A year and month value, with a zero day, such as a credit card expiration date Related types are google.type.TimeOfDay and google.protobuf.Timestamp.
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}.
A step that runs an executable for a PatchJob.
Common configurations for an ExecStep.
A request message to initiate patching across Compute Engine instances.
Message encapsulating a value that can be either absolute ("fixed") or relative ("percent") to a value.
Cloud Storage object representation.
Googet patching is performed by running googet update.
OS policy assignment operation metadata provided by OS policy assignment API methods that return long running operations.
This API resource represents the available inventory data for a Compute Engine virtual machine (VM) instance at a given point in time. You can use this API resource to determine the inventory data of your VM. For more information, see Information provided by OS inventory management.
A single piece of inventory on a VM.
Operating system information for the VM.
Software package information of the operating system.
Information related to the a standard versioned package. This includes package info for APT, Yum, Zypper, and Googet package managers.
Contains information about a Windows application that is retrieved from the Windows Registry. For more information about these fields, see: https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key
Information related to a Quick Fix Engineering package. Fields are taken from Windows QuickFixEngineering Interface and match the source names: https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering
Details related to a Windows Update package. Field data and names are taken from Windows Update API IUpdate Interface: https://docs.microsoft.com/en-us/windows/win32/api/_wua/ Descriptive fields like title, and description are localized based on the locale of the VM being updated.
Categories specified by the Windows Update.
Details related to a Zypper Patch.
A response message for listing inventory data for all VMs in a specified location.
A response message for listing OS Policy assignment reports including the page of results and page token.
A response message for listing all revisions for a OS policy assignment.
A response message for listing all assignments under given parent.
A response message for listing patch deployments.
A response message for listing the instances details for a patch job.
A response message for listing patch jobs.
A response message for listing vulnerability reports for all VM instances in the specified location.
Represents a monthly schedule. An example of a valid monthly schedule is "on the third Tuesday of the month" or "on the 15th of the month".
An OS policy defines the desired state configuration for a VM.
OS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances. An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script. For more information, see OS policy and OS policy assignment.
Filters to select target VMs for an assignment. If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them.
VM inventory details.
Message representing label set. A label is a key value pair set for a VM. A LabelSet is a set of labels. Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. Example: A LabelSet with 2 labels: env=prod and type=webserver will only be applicable for those VMs with both labels present.
OS policy assignment operation metadata provided by OS policy assignment API methods that return long running operations.
A report of the OS policy assignment status for a given instance.
Compliance data for an OS policy
Compliance data for an OS policy resource.
ExecResource specific output.
Step performed by the OS Config agent for configuring an OSPolicy resource to its desired state.
Message to configure the rollout at the zonal level for the OS policy assignment.
Filtering criteria to select VMs based on inventory details.
An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc. The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state.
A resource that allows executing scripts on the VM. The ExecResource has 2 stages: validate and enforce and both stages accept a script as an argument to execute. When the ExecResource is applied by the agent, it first executes the script in the validate stage. The validate stage can signal that the ExecResource is already in the desired state by returning an exit code of 100. If the ExecResource is not in the desired state, it should return an exit code of 101. Any other exit code returned by this stage is considered an error. If the ExecResource is not in the desired state based on the exit code from the validate stage, the agent proceeds to execute the script from the enforce stage. If the ExecResource is already in the desired state, the enforce stage will not be run. Similar to validate stage, the enforce stage should return an exit code of 100 to indicate that the resource in now in its desired state. Any other exit code is considered an error. NOTE: An exit code of 100 was chosen over 0 (and 101 vs 1) to have an explicit indicator of in desired state, not in desired state and errors. Because, for example, Powershell will always return an exit code of 0 unless an exit statement is provided in the script. So, for reasons of consistency and being explicit, exit codes 100 and 101 were chosen.
A file or script to execute.
A remote or local file.
Specifies a file available as a Cloud Storage Object.
Specifies a file available via some URI.
A resource that manages the state of a file.
Resource groups provide a mechanism to group OS policy resources. Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems. When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the OSFilter specified within the resource group.
A resource that manages a system package.
A package managed by APT. - install: apt-get update && apt-get -y install [name] - remove: apt-get -y remove [name]
A deb package file. dpkg packages only support INSTALLED state.
A package managed by GooGet. - install: googet -noconfirm install package - remove: googet -noconfirm remove package
An MSI package. MSI packages only support INSTALLED state.
An RPM package file. RPM packages only support INSTALLED state.
A package managed by YUM. - install: yum -y install package - remove: yum -y remove package
A package managed by Zypper. - install: zypper -y install package - remove: zypper -y rm package
A resource that manages a package repository.
Represents a single apt package repository. These will be added to a repo file that will be managed at /etc/apt/sources.list.d/google_osconfig.list.
Represents a Goo package repository. These are added to a repo file that is managed at C:/ProgramData/GooGet/repos/google_osconfig.repo.
Represents a single yum package repository. These are added to a repo file that is managed at /etc/yum.repos.d/google_osconfig.repo.
Represents a single zypper package repository. These are added to a repo file that is managed at /etc/zypp/repos.d/google_osconfig.repo.
Sets the time for a one time patch deployment. Timestamp is in RFC3339 text format.
This resource represents a long-running operation that is the result of a network API call.
Patch configuration specifications. Contains details on how to apply the patch(es) to a VM instance.
Patch deployments are configurations that individual patch jobs use to complete a patch. These configurations include instance filter, package repository settings, and a schedule. For more information about creating and managing patch deployments, see Scheduling patch jobs.
A filter to target VM instances for patching. The targeted VMs must meet all criteria specified. So if both labels and zones are specified, the patch job targets only VMs with those labels and in those zones.
Targets a group of VM instances by using their assigned labels. Labels are key-value pairs. A GroupLabel is a combination of labels that is used to target VMs for a patch job. For example, a patch job can target VMs that have the following GroupLabel: {"env":"test", "app":"web"}. This means that the patch job is applied to VMs that have both the labels env=test and app=web.
A high level representation of a patch job that is either in progress or has completed. Instance details are not included in the job. To paginate through instance details, use ListPatchJobInstanceDetails. For more information about patch jobs, see Creating patch jobs.
Patch details for a VM instance. For more information about reviewing VM instance details, see Listing all VM instance details for a specific patch job.
A summary of the current patch state across all instances that this patch job affects. Contains counts of instances in different states. These states map to InstancePatchState. List patch job instance details to see the specific states of each instance.
Patch rollout configuration specifications. Contains details on the concurrency control when applying patch(es) to all targeted VMs.
A request message for pausing a patch deployment.
Sets the time for recurring patch deployments.
A request message for resuming a patch deployment.
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.
Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and google.protobuf.Timestamp.
Represents a time zone from the IANA Time Zone Database.
This API resource represents the vulnerability report for a specified Compute Engine virtual machine (VM) instance at a given point in time. For more information, see Vulnerability reports.
A vulnerability affecting the VM instance.
Contains metadata information for the vulnerability. This information is collected from the upstream feed of the operating system.
A reference for this vulnerability.
OS inventory item that is affected by a vulnerability or fixed as a result of a vulnerability.
Represents one week day in a month. An example is "the 4th Sunday".
Represents a weekly schedule.
Windows patching is performed using the Windows Update Agent.
Yum patching is performed by executing yum update. Additional options can be set to control how this is executed. Note that not all settings are supported on all platforms.
Zypper patching is performed by running zypper patch. See also https://en.opensuse.org/SDB:Zypper_manual.