lookupEffectiveGuestPolicy(instance, body=None, x__xgafv=None)
Lookup the effective guest policy that applies to a VM instance. This
lookupEffectiveGuestPolicy(instance, body=None, x__xgafv=None)
Lookup the effective guest policy that applies to a VM instance. This
lookup merges all policies that are assigned to the instance ancestry.
Args:
instance: string, Required. The VM instance whose policies are being looked up. (required)
body: object, The request body.
The object takes the form of:
{ # A request message for getting the effective guest policy assigned to the
# instance.
"osVersion": "A String", # Version of the OS running on the instance. The OS Config agent only
# provides this field for targeting if OS Inventory is enabled for that
# VM instance.
"osShortName": "A String", # Short name of the OS running on the instance. The OS Config agent only
# provides this field for targeting if OS Inventory is enabled for that
# instance.
"osArchitecture": "A String", # Architecture of OS running on the instance. The OS Config agent only
# provides this field for targeting if OS Inventory is enabled for that
# instance.
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # The effective guest policy that applies to a VM instance.
"packageRepositories": [ # List of package repository configurations assigned to the VM instance.
{ # A guest policy package repository including its source.
"source": "A String", # Name of the guest policy providing this config.
"packageRepository": { # A package repository. # A software package repository to configure on the VM instance.
"zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
"displayName": "A String", # The display name of the repository.
"id": "A String", # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
"baseUrl": "A String", # Required. The location of the repository directory.
"gpgKeys": [ # URIs of GPG keys.
"A String",
],
},
"apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
"gpgKey": "A String", # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
"distribution": "A String", # Required. Distribution of this repository.
"components": [ # Required. List of components for this repository. Must contain at least one item.
"A String",
],
"archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB.
"uri": "A String", # Required. URI for this repository.
},
"yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
"id": "A String", # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
"baseUrl": "A String", # Required. The location of the repository directory.
"gpgKeys": [ # URIs of GPG keys.
"A String",
],
"displayName": "A String", # The display name of the repository.
},
"goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
"url": "A String", # Required. The url of the repository.
"name": "A String", # Required. The name of the repository.
},
},
},
],
"packages": [ # List of package configurations assigned to the VM instance.
{ # A guest policy package including its source.
"source": "A String", # Name of the guest policy providing this config.
"package": { # Package is a reference to the software package to be installed or removed. # A software package to configure on the VM instance.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update && apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
"desiredState": "A String", # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
"name": "A String", # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
"manager": "A String", # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
},
],
"softwareRecipes": [ # List of recipes assigned to the VM instance.
{ # A guest policy recipe including its source.
"softwareRecipe": { # A software recipe is a set of instructions for installing and configuring a # A software recipe to configure on the VM instance.
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
"artifacts": [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
"remote": { # Specifies an artifact available via some URI. # A generic remote artifact.
"checksum": "A String", # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn't match the
# artifact then the recipe installation fails before running any of the
# steps.
"uri": "A String", # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
"gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
"object": "A String", # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
"generation": "A String", # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
"bucket": "A String", # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
"id": "A String", # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
"allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
},
],
"installSteps": [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
"archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
"destination": "A String", # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
"type": "A String", # Required. The type of the archive to extract.
},
"msiInstallation": { # Installs an MSI file. # Installs an MSI file.
"allowedExitCodes": [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
"flags": [ # The flags to use when installing the MSI
# defaults to ["/i"] (i.e. the install flag).
"A String",
],
},
"scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell.
"allowedExitCodes": [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
"interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
"script": "A String", # Required. The shell script to be executed.
},
"rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
},
"dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
},
"fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
"overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
"destination": "A String", # Required. The absolute path on the instance to put the file.
"permissions": "A String", # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
},
"fileExec": { # Executes an artifact or local file. # Executes an artifact or local file.
"allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
"artifactId": "A String", # The id of the relevant artifact in the recipe.
"args": [ # Arguments to be passed to the provided executable.
"A String",
],
"localPath": "A String", # The absolute path of the file on the local filesystem.
},
},
],
"name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
"updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
"archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
"destination": "A String", # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
"type": "A String", # Required. The type of the archive to extract.
},
"msiInstallation": { # Installs an MSI file. # Installs an MSI file.
"allowedExitCodes": [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
"flags": [ # The flags to use when installing the MSI
# defaults to ["/i"] (i.e. the install flag).
"A String",
],
},
"scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell.
"allowedExitCodes": [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
"interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
"script": "A String", # Required. The shell script to be executed.
},
"rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
},
"dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
},
"fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
"artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
"overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
"destination": "A String", # Required. The absolute path on the instance to put the file.
"permissions": "A String", # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
},
"fileExec": { # Executes an artifact or local file. # Executes an artifact or local file.
"allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
"artifactId": "A String", # The id of the relevant artifact in the recipe.
"args": [ # Arguments to be passed to the provided executable.
"A String",
],
"localPath": "A String", # The absolute path of the file on the local filesystem.
},
},
],
"version": "A String", # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
"desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won't be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
},
"source": "A String", # Name of the guest policy providing this config.
},
],
}