Cloud OS Config API . projects . zones . instances

Instance Methods

lookupEffectiveGuestPolicy(instance, body=None, x__xgafv=None)

Lookup the effective guest policy that applies to a VM instance. This

Method Details

lookupEffectiveGuestPolicy(instance, body=None, x__xgafv=None)
Lookup the effective guest policy that applies to a VM instance. This
lookup merges all policies that are assigned to the instance ancestry.

Args:
  instance: string, Required. The VM instance whose policies are being looked up. (required)
  body: object, The request body.
    The object takes the form of:

{ # A request message for getting the effective guest policy assigned to the
      # instance.
    "osVersion": "A String", # Version of the OS running on the instance. The OS Config agent only
        # provides this field for targeting if OS Inventory is enabled for that
        # VM instance.
    "osShortName": "A String", # Short name of the OS running on the instance. The OS Config agent only
        # provides this field for targeting if OS Inventory is enabled for that
        # instance.
    "osArchitecture": "A String", # Architecture of OS running on the instance. The OS Config agent only
        # provides this field for targeting if OS Inventory is enabled for that
        # instance.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The effective guest policy that applies to a VM instance.
    "packageRepositories": [ # List of package repository configurations assigned to the VM instance.
      { # A guest policy package repository including its source.
        "source": "A String", # Name of the guest policy providing this config.
        "packageRepository": { # A package repository. # A software package repository to configure on the VM instance.
          "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
              # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
            "displayName": "A String", # The display name of the repository.
            "id": "A String", # Required. A one word, unique name for this repository. This is
                # the `repo id` in the zypper config file and also the `display_name` if
                # `display_name` is omitted. This id is also used as the unique identifier
                # when checking for guest policy conflicts.
            "baseUrl": "A String", # Required. The location of the repository directory.
            "gpgKeys": [ # URIs of GPG keys.
              "A String",
            ],
          },
          "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
              # a repo file that is stored at
              # `/etc/apt/sources.list.d/google_osconfig.list`.
            "gpgKey": "A String", # URI of the key file for this repository. The agent maintains
                # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
                # all the keys in any applied guest policy.
            "distribution": "A String", # Required. Distribution of this repository.
            "components": [ # Required. List of components for this repository. Must contain at least one item.
              "A String",
            ],
            "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB.
            "uri": "A String", # Required. URI for this repository.
          },
          "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
              # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
            "id": "A String", # Required. A one word, unique name for this repository. This is
                # the `repo id` in the Yum config file and also the `display_name` if
                # `display_name` is omitted. This id is also used as the unique identifier
                # when checking for guest policy conflicts.
            "baseUrl": "A String", # Required. The location of the repository directory.
            "gpgKeys": [ # URIs of GPG keys.
              "A String",
            ],
            "displayName": "A String", # The display name of the repository.
          },
          "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
              # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
            "url": "A String", # Required. The url of the repository.
            "name": "A String", # Required. The name of the repository.
          },
        },
      },
    ],
    "packages": [ # List of package configurations assigned to the VM instance.
      { # A guest policy package including its source.
        "source": "A String", # Name of the guest policy providing this config.
        "package": { # Package is a reference to the software package to be installed or removed. # A software package to configure on the VM instance.
            # The agent on the VM instance uses the system package manager to apply the
            # config.
            #
            #
            # These are the commands that the agent uses to install or remove
            # packages.
            #
            # Apt
            # install: `apt-get update && apt-get -y install package1 package2 package3`
            # remove: `apt-get -y remove package1 package2 package3`
            #
            # Yum
            # install: `yum -y install package1 package2 package3`
            # remove: `yum -y remove package1 package2 package3`
            #
            # Zypper
            # install: `zypper install package1 package2 package3`
            # remove: `zypper rm package1 package2`
            #
            # Googet
            # install: `googet -noconfirm install package1 package2 package3`
            # remove: `googet -noconfirm remove package1 package2 package3`
          "desiredState": "A String", # The desired_state the agent should maintain for this package. The
              # default is to ensure the package is installed.
          "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict
              # validation by checking the package name and the manager(s) that the
              # package targets.
          "manager": "A String", # Type of package manager that can be used to install this package.
              # If a system does not have the package manager, the package is not
              # installed or removed no error message is returned. By default,
              # or if you specify `ANY`,
              # the agent attempts to install and remove this package using the default
              # package manager. This is useful when creating a policy that applies to
              # different types of systems.
              #
              # The default behavior is ANY.
        },
      },
    ],
    "softwareRecipes": [ # List of recipes assigned to the VM instance.
      { # A guest policy recipe including its source.
        "softwareRecipe": { # A software recipe is a set of instructions for installing and configuring a # A software recipe to configure on the VM instance.
            # piece of software. It consists of a set of artifacts that are
            # downloaded, and a set of steps that install, configure, and/or update the
            # software.
            #
            # Recipes support installing and updating software from artifacts in the
            # following formats:
            # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
            #
            # Additionally, recipes support executing a script (either defined in a file or
            # directly in this api) in bash, sh, cmd, and powershell.
            #
            # Updating a software recipe
            #
            # If a recipe is assigned to an instance and there is a recipe with the same
            # name but a lower version already installed and the assigned state
            # of the recipe is `UPDATED`, then the recipe is updated to
            # the new version.
            #
            # Script Working Directories
            #
            # Each script or execution step is run in its own temporary directory which
            # is deleted after completing the step.
          "artifacts": [ # Resources available to be used in the steps in the recipe.
            { # Specifies a resource to be used in the recipe.
              "remote": { # Specifies an artifact available via some URI. # A generic remote artifact.
                "checksum": "A String", # Must be provided if `allow_insecure` is `false`.
                    # SHA256 checksum in hex format, to compare to the checksum of the
                    # artifact. If the checksum is not empty and it doesn't match the
                    # artifact then the recipe installation fails before running any of the
                    # steps.
                "uri": "A String", # URI from which to fetch the object. It should contain both the protocol
                    # and path following the format {protocol}://{location}.
              },
              "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
                "object": "A String", # Name of the Google Cloud Storage object.
                    # As specified [here]
                    # (https://cloud.google.com/storage/docs/naming#objectnames)
                    # Given an example URL:
                    # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
                    # this value would be `foo/bar`.
                "generation": "A String", # Must be provided if allow_insecure is false.
                    # Generation number of the Google Cloud Storage object.
                    # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
                    # this value would be `1234567`.
                "bucket": "A String", # Bucket of the Google Cloud Storage object.
                    # Given an example URL:
                    # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
                    # this value would be `my-bucket`.
              },
              "id": "A String", # Required. Id of the artifact, which the installation and update steps of this
                  # recipe can reference. Artifacts in a recipe cannot have the same id.
              "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations
                  # based on the artifact type:
                  #
                  # Remote: A checksum must be specified, and only protocols with
                  # transport-layer security are permitted.
                  # GCS:    An object generation number must be specified.
            },
          ],
          "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops
              # executing steps and does not attempt another installation. Any steps taken
              # (including partially completed steps) are not rolled back.
            { # An action that can be taken as part of installing or updating a recipe.
              "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
                "destination": "A String", # Directory to extract archive to.
                    # Defaults to `/` on Linux or `C:\` on Windows.
                "type": "A String", # Required. The type of the archive to extract.
              },
              "msiInstallation": { # Installs an MSI file. # Installs an MSI file.
                "allowedExitCodes": [ # Return codes that indicate that the software installed or updated
                    # successfully. Behaviour defaults to [0]
                  42,
                ],
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
                "flags": [ # The flags to use when installing the MSI
                    # defaults to ["/i"] (i.e. the install flag).
                  "A String",
                ],
              },
              "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell.
                "allowedExitCodes": [ # Return codes that indicate that the software installed or updated
                    # successfully. Behaviour defaults to [0]
                  42,
                ],
                "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is
                    # specified the script is executed directly, which likely
                    # only succeed for scripts with
                    # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
                "script": "A String", # Required. The shell script to be executed.
              },
              "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
              },
              "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
              },
              "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
                "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is
                    # false and the file already exists the file is not overwritten
                    # and the step is considered a success. Defaults to false.
                "destination": "A String", # Required. The absolute path on the instance to put the file.
                "permissions": "A String", # Consists of three octal digits which represent, in
                    # order, the permissions of the owner, group, and other users for the
                    # file (similarly to the numeric mode used in the linux chmod utility).
                    # Each digit represents a three bit number with the 4 bit
                    # corresponding to the read permissions, the 2 bit corresponds to the
                    # write bit, and the one bit corresponds to the execute permission.
                    # Default behavior is 755.
                    #
                    # Below are some examples of permissions and their associated values:
                    # read, write, and execute: 7
                    # read and execute: 5
                    # read and write: 6
                    # read only: 4
              },
              "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file.
                "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program
                    # can return to indicate a success.
                  42,
                ],
                "artifactId": "A String", # The id of the relevant artifact in the recipe.
                "args": [ # Arguments to be passed to the provided executable.
                  "A String",
                ],
                "localPath": "A String", # The absolute path of the file on the local filesystem.
              },
            },
          ],
          "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is
              # installed on an instance.
              #
              # Names are also used to identify resources which helps to determine whether
              # guest policies have conflicts. This means that requests to create multiple
              # recipes with the same name and version are rejected since they
              # could potentially have conflicting assignments.
          "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops
              # executing steps and  does not attempt another update for this recipe. Any
              # steps taken (including partially completed steps) are not rolled back.
            { # An action that can be taken as part of installing or updating a recipe.
              "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
                "destination": "A String", # Directory to extract archive to.
                    # Defaults to `/` on Linux or `C:\` on Windows.
                "type": "A String", # Required. The type of the archive to extract.
              },
              "msiInstallation": { # Installs an MSI file. # Installs an MSI file.
                "allowedExitCodes": [ # Return codes that indicate that the software installed or updated
                    # successfully. Behaviour defaults to [0]
                  42,
                ],
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
                "flags": [ # The flags to use when installing the MSI
                    # defaults to ["/i"] (i.e. the install flag).
                  "A String",
                ],
              },
              "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell.
                "allowedExitCodes": [ # Return codes that indicate that the software installed or updated
                    # successfully. Behaviour defaults to [0]
                  42,
                ],
                "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is
                    # specified the script is executed directly, which likely
                    # only succeed for scripts with
                    # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
                "script": "A String", # Required. The shell script to be executed.
              },
              "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
              },
              "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
              },
              "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
                "artifactId": "A String", # Required. The id of the relevant artifact in the recipe.
                "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is
                    # false and the file already exists the file is not overwritten
                    # and the step is considered a success. Defaults to false.
                "destination": "A String", # Required. The absolute path on the instance to put the file.
                "permissions": "A String", # Consists of three octal digits which represent, in
                    # order, the permissions of the owner, group, and other users for the
                    # file (similarly to the numeric mode used in the linux chmod utility).
                    # Each digit represents a three bit number with the 4 bit
                    # corresponding to the read permissions, the 2 bit corresponds to the
                    # write bit, and the one bit corresponds to the execute permission.
                    # Default behavior is 755.
                    #
                    # Below are some examples of permissions and their associated values:
                    # read, write, and execute: 7
                    # read and execute: 5
                    # read and write: 6
                    # read only: 4
              },
              "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file.
                "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program
                    # can return to indicate a success.
                  42,
                ],
                "artifactId": "A String", # The id of the relevant artifact in the recipe.
                "args": [ # Arguments to be passed to the provided executable.
                  "A String",
                ],
                "localPath": "A String", # The absolute path of the file on the local filesystem.
              },
            },
          ],
          "version": "A String", # The version of this software recipe. Version can be up to 4 period
              # separated numbers (e.g. 12.34.56.78).
          "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this
              # recipe.
              #
              # INSTALLED: The software recipe is installed on the instance but
              #            won't be updated to new versions.
              # UPDATED: The software recipe is installed on the instance. The recipe is
              #          updated to a higher version, if a higher version of the recipe is
              #          assigned to this instance.
              # REMOVE: Remove is unsupported for software recipes and attempts to
              #         create or update a recipe to the REMOVE state is rejected.
        },
        "source": "A String", # Name of the guest policy providing this config.
      },
    ],
  }