| yoshi-code-bot | 312da31 | 2021-09-21 00:22:28 -0700 | [diff] [blame] | 1 | <html><body> |
| 2 | <style> |
| 3 | |
| 4 | body, h1, h2, h3, div, span, p, pre, a { |
| 5 | margin: 0; |
| 6 | padding: 0; |
| 7 | border: 0; |
| 8 | font-weight: inherit; |
| 9 | font-style: inherit; |
| 10 | font-size: 100%; |
| 11 | font-family: inherit; |
| 12 | vertical-align: baseline; |
| 13 | } |
| 14 | |
| 15 | body { |
| 16 | font-size: 13px; |
| 17 | padding: 1em; |
| 18 | } |
| 19 | |
| 20 | h1 { |
| 21 | font-size: 26px; |
| 22 | margin-bottom: 1em; |
| 23 | } |
| 24 | |
| 25 | h2 { |
| 26 | font-size: 24px; |
| 27 | margin-bottom: 1em; |
| 28 | } |
| 29 | |
| 30 | h3 { |
| 31 | font-size: 20px; |
| 32 | margin-bottom: 1em; |
| 33 | margin-top: 1em; |
| 34 | } |
| 35 | |
| 36 | pre, code { |
| 37 | line-height: 1.5; |
| 38 | font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; |
| 39 | } |
| 40 | |
| 41 | pre { |
| 42 | margin-top: 0.5em; |
| 43 | } |
| 44 | |
| 45 | h1, h2, h3, p { |
| 46 | font-family: Arial, sans serif; |
| 47 | } |
| 48 | |
| 49 | h1, h2, h3 { |
| 50 | border-bottom: solid #CCC 1px; |
| 51 | } |
| 52 | |
| 53 | .toc_element { |
| 54 | margin-top: 0.5em; |
| 55 | } |
| 56 | |
| 57 | .firstline { |
| 58 | margin-left: 2 em; |
| 59 | } |
| 60 | |
| 61 | .method { |
| 62 | margin-top: 1em; |
| 63 | border: solid 1px #CCC; |
| 64 | padding: 1em; |
| 65 | background: #EEE; |
| 66 | } |
| 67 | |
| 68 | .details { |
| 69 | font-weight: bold; |
| 70 | font-size: 14px; |
| 71 | } |
| 72 | |
| 73 | </style> |
| 74 | |
| 75 | <h1><a href="osconfig_v1.html">OS Config API</a> . <a href="osconfig_v1.projects.html">projects</a> . <a href="osconfig_v1.projects.locations.html">locations</a> . <a href="osconfig_v1.projects.locations.osPolicyAssignments.html">osPolicyAssignments</a></h1> |
| 76 | <h2>Instance Methods</h2> |
| 77 | <p class="toc_element"> |
| 78 | <code><a href="#close">close()</a></code></p> |
| 79 | <p class="firstline">Close httplib2 connections.</p> |
| 80 | <p class="toc_element"> |
| 81 | <code><a href="#create">create(parent, body=None, osPolicyAssignmentId=None, x__xgafv=None)</a></code></p> |
| 82 | <p class="firstline">Create an OS policy assignment. This method also creates the first revision of the OS policy assignment. This method returns a long running operation (LRO) that contains the rollout details. The rollout can be cancelled by cancelling the LRO. For more information, see [Method: projects.locations.osPolicyAssignments.operations.cancel](https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments.operations/cancel).</p> |
| 83 | <p class="toc_element"> |
| 84 | <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p> |
| 85 | <p class="firstline">Delete the OS policy assignment. This method creates a new revision of the OS policy assignment. This method returns a long running operation (LRO) that contains the rollout details. The rollout can be cancelled by cancelling the LRO. If the LRO completes and is not cancelled, all revisions associated with the OS policy assignment are deleted. For more information, see [Method: projects.locations.osPolicyAssignments.operations.cancel](https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments.operations/cancel).</p> |
| 86 | <p class="toc_element"> |
| 87 | <code><a href="#get">get(name, x__xgafv=None)</a></code></p> |
| 88 | <p class="firstline">Retrieve an existing OS policy assignment. This method always returns the latest revision. In order to retrieve a previous revision of the assignment, also provide the revision ID in the `name` parameter.</p> |
| 89 | <p class="toc_element"> |
| 90 | <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p> |
| 91 | <p class="firstline">List the OS policy assignments under the parent resource. For each OS policy assignment, the latest revision is returned.</p> |
| 92 | <p class="toc_element"> |
| 93 | <code><a href="#listRevisions">listRevisions(name, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p> |
| 94 | <p class="firstline">List the OS policy assignment revisions for a given OS policy assignment.</p> |
| 95 | <p class="toc_element"> |
| 96 | <code><a href="#listRevisions_next">listRevisions_next(previous_request, previous_response)</a></code></p> |
| 97 | <p class="firstline">Retrieves the next page of results.</p> |
| 98 | <p class="toc_element"> |
| 99 | <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> |
| 100 | <p class="firstline">Retrieves the next page of results.</p> |
| 101 | <p class="toc_element"> |
| 102 | <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p> |
| 103 | <p class="firstline">Update an existing OS policy assignment. This method creates a new revision of the OS policy assignment. This method returns a long running operation (LRO) that contains the rollout details. The rollout can be cancelled by cancelling the LRO. For more information, see [Method: projects.locations.osPolicyAssignments.operations.cancel](https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments.operations/cancel).</p> |
| 104 | <h3>Method Details</h3> |
| 105 | <div class="method"> |
| 106 | <code class="details" id="close">close()</code> |
| 107 | <pre>Close httplib2 connections.</pre> |
| 108 | </div> |
| 109 | |
| 110 | <div class="method"> |
| 111 | <code class="details" id="create">create(parent, body=None, osPolicyAssignmentId=None, x__xgafv=None)</code> |
| 112 | <pre>Create an OS policy assignment. This method also creates the first revision of the OS policy assignment. This method returns a long running operation (LRO) that contains the rollout details. The rollout can be cancelled by cancelling the LRO. For more information, see [Method: projects.locations.osPolicyAssignments.operations.cancel](https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments.operations/cancel). |
| 113 | |
| 114 | Args: |
| 115 | parent: string, Required. The parent resource name in the form: projects/{project}/locations/{location} (required) |
| 116 | body: object, The request body. |
| 117 | The object takes the form of: |
| 118 | |
| 119 | { # OS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances. An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script. For more information, see [OS policy and OS policy assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). |
| 120 | "baseline": True or False, # Output only. Indicates that this revision has been successfully rolled out in this zone and new VMs will be assigned OS policies from this revision. For a given OS policy assignment, there is only one revision with a value of `true` for this field. |
| 121 | "deleted": True or False, # Output only. Indicates that this revision deletes the OS policy assignment. |
| 122 | "description": "A String", # OS policy assignment description. Length of the description is limited to 1024 characters. |
| 123 | "etag": "A String", # The etag for this OS policy assignment. If this is provided on update, it must match the server's etag. |
| 124 | "instanceFilter": { # Filters to select target VMs for an assignment. If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them. # Required. Filter to select VMs. |
| 125 | "all": True or False, # Target all VMs in the project. If true, no other criteria is permitted. |
| 126 | "exclusionLabels": [ # List of label sets used for VM exclusion. If the list has more than one label set, the VM is excluded if any of the label sets are applicable for the VM. |
| 127 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 128 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 129 | "a_key": "A String", |
| 130 | }, |
| 131 | }, |
| 132 | ], |
| 133 | "inclusionLabels": [ # List of label sets used for VM inclusion. If the list has more than one `LabelSet`, the VM is included if any of the label sets are applicable for the VM. |
| 134 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 135 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 136 | "a_key": "A String", |
| 137 | }, |
| 138 | }, |
| 139 | ], |
| 140 | "inventories": [ # List of inventories to select VMs. A VM is selected if its inventory data matches at least one of the following inventories. |
| 141 | { # VM inventory details. |
| 142 | "osShortName": "A String", # Required. The OS short name |
| 143 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 144 | }, |
| 145 | ], |
| 146 | }, |
| 147 | "name": "A String", # Resource name. Format: `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` This field is ignored when you create an OS policy assignment. |
| 148 | "osPolicies": [ # Required. List of OS policies to be applied to the VMs. |
| 149 | { # An OS policy defines the desired state configuration for a VM. |
| 150 | "allowNoResourceGroupMatch": True or False, # This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to `true` if the policy needs to be reported as compliant even if the policy has nothing to validate or enforce. |
| 151 | "description": "A String", # Policy description. Length of the description is limited to 1024 characters. |
| 152 | "id": "A String", # Required. The id of the OS policy with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the assignment. |
| 153 | "mode": "A String", # Required. Policy mode |
| 154 | "resourceGroups": [ # Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored. If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag `allow_no_resource_group_match` |
| 155 | { # Resource groups provide a mechanism to group OS policy resources. Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems. When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the `OSFilter` specified within the resource group. |
| 156 | "inventoryFilters": [ # List of inventory filters for the resource group. The resources in this resource group are applied to the target VM if it satisfies at least one of the following inventory filters. For example, to apply this resource group to VMs running either `RHEL` or `CentOS` operating systems, specify 2 items for the list with following values: inventory_filters[0].os_short_name='rhel' and inventory_filters[1].os_short_name='centos' If the list is empty, this resource group will be applied to the target VM unconditionally. |
| 157 | { # Filtering criteria to select VMs based on inventory details. |
| 158 | "osShortName": "A String", # Required. The OS short name |
| 159 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 160 | }, |
| 161 | ], |
| 162 | "resources": [ # Required. List of resources configured for this resource group. The resources are executed in the exact order specified here. |
| 163 | { # An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc. The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state. |
| 164 | "exec": { # A resource that allows executing scripts on the VM. The `ExecResource` has 2 stages: `validate` and `enforce` and both stages accept a script as an argument to execute. When the `ExecResource` is applied by the agent, it first executes the script in the `validate` stage. The `validate` stage can signal that the `ExecResource` is already in the desired state by returning an exit code of `100`. If the `ExecResource` is not in the desired state, it should return an exit code of `101`. Any other exit code returned by this stage is considered an error. If the `ExecResource` is not in the desired state based on the exit code from the `validate` stage, the agent proceeds to execute the script from the `enforce` stage. If the `ExecResource` is already in the desired state, the `enforce` stage will not be run. Similar to `validate` stage, the `enforce` stage should return an exit code of `100` to indicate that the resource in now in its desired state. Any other exit code is considered an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs `1`) to have an explicit indicator of `in desired state`, `not in desired state` and errors. Because, for example, Powershell will always return an exit code of `0` unless an `exit` statement is provided in the script. So, for reasons of consistency and being explicit, exit codes `100` and `101` were chosen. # Exec resource |
| 165 | "enforce": { # A file or script to execute. # What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce. |
| 166 | "args": [ # Optional arguments to pass to the source during execution. |
| 167 | "A String", |
| 168 | ], |
| 169 | "file": { # A remote or local file. # A remote or local file. |
| 170 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 171 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 172 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 173 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 174 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 175 | }, |
| 176 | "localPath": "A String", # A local path within the VM to use. |
| 177 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 178 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 179 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 180 | }, |
| 181 | }, |
| 182 | "interpreter": "A String", # Required. The script interpreter to use. |
| 183 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 184 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 185 | }, |
| 186 | "validate": { # A file or script to execute. # Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. |
| 187 | "args": [ # Optional arguments to pass to the source during execution. |
| 188 | "A String", |
| 189 | ], |
| 190 | "file": { # A remote or local file. # A remote or local file. |
| 191 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 192 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 193 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 194 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 195 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 196 | }, |
| 197 | "localPath": "A String", # A local path within the VM to use. |
| 198 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 199 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 200 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 201 | }, |
| 202 | }, |
| 203 | "interpreter": "A String", # Required. The script interpreter to use. |
| 204 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 205 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 206 | }, |
| 207 | }, |
| 208 | "file": { # A resource that manages the state of a file. # File resource |
| 209 | "content": "A String", # A a file with this content. The size of the content is limited to 1024 characters. |
| 210 | "file": { # A remote or local file. # A remote or local source. |
| 211 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 212 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 213 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 214 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 215 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 216 | }, |
| 217 | "localPath": "A String", # A local path within the VM to use. |
| 218 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 219 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 220 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 221 | }, |
| 222 | }, |
| 223 | "path": "A String", # Required. The absolute path of the file within the VM. |
| 224 | "permissions": "A String", # Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4 |
| 225 | "state": "A String", # Required. Desired state of the file. |
| 226 | }, |
| 227 | "id": "A String", # Required. The id of the resource with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the OS policy. |
| 228 | "pkg": { # A resource that manages a system package. # Package resource |
| 229 | "apt": { # A package managed by APT. - install: `apt-get update && apt-get -y install [name]` - remove: `apt-get -y remove [name]` # A package managed by Apt. |
| 230 | "name": "A String", # Required. Package name. |
| 231 | }, |
| 232 | "deb": { # A deb package file. dpkg packages only support INSTALLED state. # A deb package file. |
| 233 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb` |
| 234 | "source": { # A remote or local file. # Required. A deb package. |
| 235 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 236 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 237 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 238 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 239 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 240 | }, |
| 241 | "localPath": "A String", # A local path within the VM to use. |
| 242 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 243 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 244 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 245 | }, |
| 246 | }, |
| 247 | }, |
| 248 | "desiredState": "A String", # Required. The desired state the agent should maintain for this package. |
| 249 | "googet": { # A package managed by GooGet. - install: `googet -noconfirm install package` - remove: `googet -noconfirm remove package` # A package managed by GooGet. |
| 250 | "name": "A String", # Required. Package name. |
| 251 | }, |
| 252 | "msi": { # An MSI package. MSI packages only support INSTALLED state. # An MSI package. |
| 253 | "properties": [ # Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`. |
| 254 | "A String", |
| 255 | ], |
| 256 | "source": { # A remote or local file. # Required. The MSI package. |
| 257 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 258 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 259 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 260 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 261 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 262 | }, |
| 263 | "localPath": "A String", # A local path within the VM to use. |
| 264 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 265 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 266 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 267 | }, |
| 268 | }, |
| 269 | }, |
| 270 | "rpm": { # An RPM package file. RPM packages only support INSTALLED state. # An rpm package file. |
| 271 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm` |
| 272 | "source": { # A remote or local file. # Required. An rpm package. |
| 273 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 274 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 275 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 276 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 277 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 278 | }, |
| 279 | "localPath": "A String", # A local path within the VM to use. |
| 280 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 281 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 282 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 283 | }, |
| 284 | }, |
| 285 | }, |
| 286 | "yum": { # A package managed by YUM. - install: `yum -y install package` - remove: `yum -y remove package` # A package managed by YUM. |
| 287 | "name": "A String", # Required. Package name. |
| 288 | }, |
| 289 | "zypper": { # A package managed by Zypper. - install: `zypper -y install package` - remove: `zypper -y rm package` # A package managed by Zypper. |
| 290 | "name": "A String", # Required. Package name. |
| 291 | }, |
| 292 | }, |
| 293 | "repository": { # A resource that manages a package repository. # Package repository resource |
| 294 | "apt": { # Represents a single apt package repository. These will be added to a repo file that will be managed at `/etc/apt/sources.list.d/google_osconfig.list`. # An Apt Repository. |
| 295 | "archiveType": "A String", # Required. Type of archive files in this repository. |
| 296 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 297 | "A String", |
| 298 | ], |
| 299 | "distribution": "A String", # Required. Distribution of this repository. |
| 300 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. |
| 301 | "uri": "A String", # Required. URI for this repository. |
| 302 | }, |
| 303 | "goo": { # Represents a Goo package repository. These are added to a repo file that is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. # A Goo Repository. |
| 304 | "name": "A String", # Required. The name of the repository. |
| 305 | "url": "A String", # Required. The url of the repository. |
| 306 | }, |
| 307 | "yum": { # Represents a single yum package repository. These are added to a repo file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. # A Yum Repository. |
| 308 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 309 | "displayName": "A String", # The display name of the repository. |
| 310 | "gpgKeys": [ # URIs of GPG keys. |
| 311 | "A String", |
| 312 | ], |
| 313 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts. |
| 314 | }, |
| 315 | "zypper": { # Represents a single zypper package repository. These are added to a repo file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. # A Zypper Repository. |
| 316 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 317 | "displayName": "A String", # The display name of the repository. |
| 318 | "gpgKeys": [ # URIs of GPG keys. |
| 319 | "A String", |
| 320 | ], |
| 321 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts. |
| 322 | }, |
| 323 | }, |
| 324 | }, |
| 325 | ], |
| 326 | }, |
| 327 | ], |
| 328 | }, |
| 329 | ], |
| 330 | "reconciling": True or False, # Output only. Indicates that reconciliation is in progress for the revision. This value is `true` when the `rollout_state` is one of: * IN_PROGRESS * CANCELLING |
| 331 | "revisionCreateTime": "A String", # Output only. The timestamp that the revision was created. |
| 332 | "revisionId": "A String", # Output only. The assignment revision ID A new revision is committed whenever a rollout is triggered for a OS policy assignment |
| 333 | "rollout": { # Message to configure the rollout at the zonal level for the OS policy assignment. # Required. Rollout to deploy the OS policy assignment. A rollout is triggered in the following situations: 1) OSPolicyAssignment is created. 2) OSPolicyAssignment is updated and the update contains changes to one of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment is deleted. |
| 334 | "disruptionBudget": { # Message encapsulating a value that can be either absolute ("fixed") or relative ("percent") to a value. # Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment. |
| 335 | "fixed": 42, # Specifies a fixed value. |
| 336 | "percent": 42, # Specifies the relative value defined as a percentage, which will be multiplied by a reference value. |
| 337 | }, |
| 338 | "minWaitDuration": "A String", # Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied. |
| 339 | }, |
| 340 | "rolloutState": "A String", # Output only. OS policy assignment rollout state |
| 341 | "uid": "A String", # Output only. Server generated unique id for the OS policy assignment resource. |
| 342 | } |
| 343 | |
| 344 | osPolicyAssignmentId: string, Required. The logical name of the OS policy assignment in the project with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the project. |
| 345 | x__xgafv: string, V1 error format. |
| 346 | Allowed values |
| 347 | 1 - v1 error format |
| 348 | 2 - v2 error format |
| 349 | |
| 350 | Returns: |
| 351 | An object of the form: |
| 352 | |
| 353 | { # This resource represents a long-running operation that is the result of a network API call. |
| 354 | "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. |
| 355 | "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation. |
| 356 | "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| 357 | "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use. |
| 358 | { |
| 359 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 360 | }, |
| 361 | ], |
| 362 | "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. |
| 363 | }, |
| 364 | "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. |
| 365 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 366 | }, |
| 367 | "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. |
| 368 | "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. |
| 369 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 370 | }, |
| 371 | }</pre> |
| 372 | </div> |
| 373 | |
| 374 | <div class="method"> |
| 375 | <code class="details" id="delete">delete(name, x__xgafv=None)</code> |
| 376 | <pre>Delete the OS policy assignment. This method creates a new revision of the OS policy assignment. This method returns a long running operation (LRO) that contains the rollout details. The rollout can be cancelled by cancelling the LRO. If the LRO completes and is not cancelled, all revisions associated with the OS policy assignment are deleted. For more information, see [Method: projects.locations.osPolicyAssignments.operations.cancel](https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments.operations/cancel). |
| 377 | |
| 378 | Args: |
| 379 | name: string, Required. The name of the OS policy assignment to be deleted (required) |
| 380 | x__xgafv: string, V1 error format. |
| 381 | Allowed values |
| 382 | 1 - v1 error format |
| 383 | 2 - v2 error format |
| 384 | |
| 385 | Returns: |
| 386 | An object of the form: |
| 387 | |
| 388 | { # This resource represents a long-running operation that is the result of a network API call. |
| 389 | "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. |
| 390 | "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation. |
| 391 | "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| 392 | "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use. |
| 393 | { |
| 394 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 395 | }, |
| 396 | ], |
| 397 | "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. |
| 398 | }, |
| 399 | "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. |
| 400 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 401 | }, |
| 402 | "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. |
| 403 | "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. |
| 404 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 405 | }, |
| 406 | }</pre> |
| 407 | </div> |
| 408 | |
| 409 | <div class="method"> |
| 410 | <code class="details" id="get">get(name, x__xgafv=None)</code> |
| 411 | <pre>Retrieve an existing OS policy assignment. This method always returns the latest revision. In order to retrieve a previous revision of the assignment, also provide the revision ID in the `name` parameter. |
| 412 | |
| 413 | Args: |
| 414 | name: string, Required. The resource name of OS policy assignment. Format: `projects/{project}/locations/{location}/osPolicyAssignments/{os_policy_assignment}@{revisionId}` (required) |
| 415 | x__xgafv: string, V1 error format. |
| 416 | Allowed values |
| 417 | 1 - v1 error format |
| 418 | 2 - v2 error format |
| 419 | |
| 420 | Returns: |
| 421 | An object of the form: |
| 422 | |
| 423 | { # OS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances. An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script. For more information, see [OS policy and OS policy assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). |
| 424 | "baseline": True or False, # Output only. Indicates that this revision has been successfully rolled out in this zone and new VMs will be assigned OS policies from this revision. For a given OS policy assignment, there is only one revision with a value of `true` for this field. |
| 425 | "deleted": True or False, # Output only. Indicates that this revision deletes the OS policy assignment. |
| 426 | "description": "A String", # OS policy assignment description. Length of the description is limited to 1024 characters. |
| 427 | "etag": "A String", # The etag for this OS policy assignment. If this is provided on update, it must match the server's etag. |
| 428 | "instanceFilter": { # Filters to select target VMs for an assignment. If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them. # Required. Filter to select VMs. |
| 429 | "all": True or False, # Target all VMs in the project. If true, no other criteria is permitted. |
| 430 | "exclusionLabels": [ # List of label sets used for VM exclusion. If the list has more than one label set, the VM is excluded if any of the label sets are applicable for the VM. |
| 431 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 432 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 433 | "a_key": "A String", |
| 434 | }, |
| 435 | }, |
| 436 | ], |
| 437 | "inclusionLabels": [ # List of label sets used for VM inclusion. If the list has more than one `LabelSet`, the VM is included if any of the label sets are applicable for the VM. |
| 438 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 439 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 440 | "a_key": "A String", |
| 441 | }, |
| 442 | }, |
| 443 | ], |
| 444 | "inventories": [ # List of inventories to select VMs. A VM is selected if its inventory data matches at least one of the following inventories. |
| 445 | { # VM inventory details. |
| 446 | "osShortName": "A String", # Required. The OS short name |
| 447 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 448 | }, |
| 449 | ], |
| 450 | }, |
| 451 | "name": "A String", # Resource name. Format: `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` This field is ignored when you create an OS policy assignment. |
| 452 | "osPolicies": [ # Required. List of OS policies to be applied to the VMs. |
| 453 | { # An OS policy defines the desired state configuration for a VM. |
| 454 | "allowNoResourceGroupMatch": True or False, # This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to `true` if the policy needs to be reported as compliant even if the policy has nothing to validate or enforce. |
| 455 | "description": "A String", # Policy description. Length of the description is limited to 1024 characters. |
| 456 | "id": "A String", # Required. The id of the OS policy with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the assignment. |
| 457 | "mode": "A String", # Required. Policy mode |
| 458 | "resourceGroups": [ # Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored. If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag `allow_no_resource_group_match` |
| 459 | { # Resource groups provide a mechanism to group OS policy resources. Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems. When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the `OSFilter` specified within the resource group. |
| 460 | "inventoryFilters": [ # List of inventory filters for the resource group. The resources in this resource group are applied to the target VM if it satisfies at least one of the following inventory filters. For example, to apply this resource group to VMs running either `RHEL` or `CentOS` operating systems, specify 2 items for the list with following values: inventory_filters[0].os_short_name='rhel' and inventory_filters[1].os_short_name='centos' If the list is empty, this resource group will be applied to the target VM unconditionally. |
| 461 | { # Filtering criteria to select VMs based on inventory details. |
| 462 | "osShortName": "A String", # Required. The OS short name |
| 463 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 464 | }, |
| 465 | ], |
| 466 | "resources": [ # Required. List of resources configured for this resource group. The resources are executed in the exact order specified here. |
| 467 | { # An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc. The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state. |
| 468 | "exec": { # A resource that allows executing scripts on the VM. The `ExecResource` has 2 stages: `validate` and `enforce` and both stages accept a script as an argument to execute. When the `ExecResource` is applied by the agent, it first executes the script in the `validate` stage. The `validate` stage can signal that the `ExecResource` is already in the desired state by returning an exit code of `100`. If the `ExecResource` is not in the desired state, it should return an exit code of `101`. Any other exit code returned by this stage is considered an error. If the `ExecResource` is not in the desired state based on the exit code from the `validate` stage, the agent proceeds to execute the script from the `enforce` stage. If the `ExecResource` is already in the desired state, the `enforce` stage will not be run. Similar to `validate` stage, the `enforce` stage should return an exit code of `100` to indicate that the resource in now in its desired state. Any other exit code is considered an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs `1`) to have an explicit indicator of `in desired state`, `not in desired state` and errors. Because, for example, Powershell will always return an exit code of `0` unless an `exit` statement is provided in the script. So, for reasons of consistency and being explicit, exit codes `100` and `101` were chosen. # Exec resource |
| 469 | "enforce": { # A file or script to execute. # What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce. |
| 470 | "args": [ # Optional arguments to pass to the source during execution. |
| 471 | "A String", |
| 472 | ], |
| 473 | "file": { # A remote or local file. # A remote or local file. |
| 474 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 475 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 476 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 477 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 478 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 479 | }, |
| 480 | "localPath": "A String", # A local path within the VM to use. |
| 481 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 482 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 483 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 484 | }, |
| 485 | }, |
| 486 | "interpreter": "A String", # Required. The script interpreter to use. |
| 487 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 488 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 489 | }, |
| 490 | "validate": { # A file or script to execute. # Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. |
| 491 | "args": [ # Optional arguments to pass to the source during execution. |
| 492 | "A String", |
| 493 | ], |
| 494 | "file": { # A remote or local file. # A remote or local file. |
| 495 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 496 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 497 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 498 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 499 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 500 | }, |
| 501 | "localPath": "A String", # A local path within the VM to use. |
| 502 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 503 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 504 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 505 | }, |
| 506 | }, |
| 507 | "interpreter": "A String", # Required. The script interpreter to use. |
| 508 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 509 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 510 | }, |
| 511 | }, |
| 512 | "file": { # A resource that manages the state of a file. # File resource |
| 513 | "content": "A String", # A a file with this content. The size of the content is limited to 1024 characters. |
| 514 | "file": { # A remote or local file. # A remote or local source. |
| 515 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 516 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 517 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 518 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 519 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 520 | }, |
| 521 | "localPath": "A String", # A local path within the VM to use. |
| 522 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 523 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 524 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 525 | }, |
| 526 | }, |
| 527 | "path": "A String", # Required. The absolute path of the file within the VM. |
| 528 | "permissions": "A String", # Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4 |
| 529 | "state": "A String", # Required. Desired state of the file. |
| 530 | }, |
| 531 | "id": "A String", # Required. The id of the resource with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the OS policy. |
| 532 | "pkg": { # A resource that manages a system package. # Package resource |
| 533 | "apt": { # A package managed by APT. - install: `apt-get update && apt-get -y install [name]` - remove: `apt-get -y remove [name]` # A package managed by Apt. |
| 534 | "name": "A String", # Required. Package name. |
| 535 | }, |
| 536 | "deb": { # A deb package file. dpkg packages only support INSTALLED state. # A deb package file. |
| 537 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb` |
| 538 | "source": { # A remote or local file. # Required. A deb package. |
| 539 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 540 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 541 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 542 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 543 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 544 | }, |
| 545 | "localPath": "A String", # A local path within the VM to use. |
| 546 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 547 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 548 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 549 | }, |
| 550 | }, |
| 551 | }, |
| 552 | "desiredState": "A String", # Required. The desired state the agent should maintain for this package. |
| 553 | "googet": { # A package managed by GooGet. - install: `googet -noconfirm install package` - remove: `googet -noconfirm remove package` # A package managed by GooGet. |
| 554 | "name": "A String", # Required. Package name. |
| 555 | }, |
| 556 | "msi": { # An MSI package. MSI packages only support INSTALLED state. # An MSI package. |
| 557 | "properties": [ # Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`. |
| 558 | "A String", |
| 559 | ], |
| 560 | "source": { # A remote or local file. # Required. The MSI package. |
| 561 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 562 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 563 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 564 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 565 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 566 | }, |
| 567 | "localPath": "A String", # A local path within the VM to use. |
| 568 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 569 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 570 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 571 | }, |
| 572 | }, |
| 573 | }, |
| 574 | "rpm": { # An RPM package file. RPM packages only support INSTALLED state. # An rpm package file. |
| 575 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm` |
| 576 | "source": { # A remote or local file. # Required. An rpm package. |
| 577 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 578 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 579 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 580 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 581 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 582 | }, |
| 583 | "localPath": "A String", # A local path within the VM to use. |
| 584 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 585 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 586 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 587 | }, |
| 588 | }, |
| 589 | }, |
| 590 | "yum": { # A package managed by YUM. - install: `yum -y install package` - remove: `yum -y remove package` # A package managed by YUM. |
| 591 | "name": "A String", # Required. Package name. |
| 592 | }, |
| 593 | "zypper": { # A package managed by Zypper. - install: `zypper -y install package` - remove: `zypper -y rm package` # A package managed by Zypper. |
| 594 | "name": "A String", # Required. Package name. |
| 595 | }, |
| 596 | }, |
| 597 | "repository": { # A resource that manages a package repository. # Package repository resource |
| 598 | "apt": { # Represents a single apt package repository. These will be added to a repo file that will be managed at `/etc/apt/sources.list.d/google_osconfig.list`. # An Apt Repository. |
| 599 | "archiveType": "A String", # Required. Type of archive files in this repository. |
| 600 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 601 | "A String", |
| 602 | ], |
| 603 | "distribution": "A String", # Required. Distribution of this repository. |
| 604 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. |
| 605 | "uri": "A String", # Required. URI for this repository. |
| 606 | }, |
| 607 | "goo": { # Represents a Goo package repository. These are added to a repo file that is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. # A Goo Repository. |
| 608 | "name": "A String", # Required. The name of the repository. |
| 609 | "url": "A String", # Required. The url of the repository. |
| 610 | }, |
| 611 | "yum": { # Represents a single yum package repository. These are added to a repo file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. # A Yum Repository. |
| 612 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 613 | "displayName": "A String", # The display name of the repository. |
| 614 | "gpgKeys": [ # URIs of GPG keys. |
| 615 | "A String", |
| 616 | ], |
| 617 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts. |
| 618 | }, |
| 619 | "zypper": { # Represents a single zypper package repository. These are added to a repo file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. # A Zypper Repository. |
| 620 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 621 | "displayName": "A String", # The display name of the repository. |
| 622 | "gpgKeys": [ # URIs of GPG keys. |
| 623 | "A String", |
| 624 | ], |
| 625 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts. |
| 626 | }, |
| 627 | }, |
| 628 | }, |
| 629 | ], |
| 630 | }, |
| 631 | ], |
| 632 | }, |
| 633 | ], |
| 634 | "reconciling": True or False, # Output only. Indicates that reconciliation is in progress for the revision. This value is `true` when the `rollout_state` is one of: * IN_PROGRESS * CANCELLING |
| 635 | "revisionCreateTime": "A String", # Output only. The timestamp that the revision was created. |
| 636 | "revisionId": "A String", # Output only. The assignment revision ID A new revision is committed whenever a rollout is triggered for a OS policy assignment |
| 637 | "rollout": { # Message to configure the rollout at the zonal level for the OS policy assignment. # Required. Rollout to deploy the OS policy assignment. A rollout is triggered in the following situations: 1) OSPolicyAssignment is created. 2) OSPolicyAssignment is updated and the update contains changes to one of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment is deleted. |
| 638 | "disruptionBudget": { # Message encapsulating a value that can be either absolute ("fixed") or relative ("percent") to a value. # Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment. |
| 639 | "fixed": 42, # Specifies a fixed value. |
| 640 | "percent": 42, # Specifies the relative value defined as a percentage, which will be multiplied by a reference value. |
| 641 | }, |
| 642 | "minWaitDuration": "A String", # Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied. |
| 643 | }, |
| 644 | "rolloutState": "A String", # Output only. OS policy assignment rollout state |
| 645 | "uid": "A String", # Output only. Server generated unique id for the OS policy assignment resource. |
| 646 | }</pre> |
| 647 | </div> |
| 648 | |
| 649 | <div class="method"> |
| 650 | <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code> |
| 651 | <pre>List the OS policy assignments under the parent resource. For each OS policy assignment, the latest revision is returned. |
| 652 | |
| 653 | Args: |
| 654 | parent: string, Required. The parent resource name. (required) |
| 655 | pageSize: integer, The maximum number of assignments to return. |
| 656 | pageToken: string, A pagination token returned from a previous call to `ListOSPolicyAssignments` that indicates where this listing should continue from. |
| 657 | x__xgafv: string, V1 error format. |
| 658 | Allowed values |
| 659 | 1 - v1 error format |
| 660 | 2 - v2 error format |
| 661 | |
| 662 | Returns: |
| 663 | An object of the form: |
| 664 | |
| 665 | { # A response message for listing all assignments under given parent. |
| 666 | "nextPageToken": "A String", # The pagination token to retrieve the next page of OS policy assignments. |
| 667 | "osPolicyAssignments": [ # The list of assignments |
| 668 | { # OS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances. An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script. For more information, see [OS policy and OS policy assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). |
| 669 | "baseline": True or False, # Output only. Indicates that this revision has been successfully rolled out in this zone and new VMs will be assigned OS policies from this revision. For a given OS policy assignment, there is only one revision with a value of `true` for this field. |
| 670 | "deleted": True or False, # Output only. Indicates that this revision deletes the OS policy assignment. |
| 671 | "description": "A String", # OS policy assignment description. Length of the description is limited to 1024 characters. |
| 672 | "etag": "A String", # The etag for this OS policy assignment. If this is provided on update, it must match the server's etag. |
| 673 | "instanceFilter": { # Filters to select target VMs for an assignment. If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them. # Required. Filter to select VMs. |
| 674 | "all": True or False, # Target all VMs in the project. If true, no other criteria is permitted. |
| 675 | "exclusionLabels": [ # List of label sets used for VM exclusion. If the list has more than one label set, the VM is excluded if any of the label sets are applicable for the VM. |
| 676 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 677 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 678 | "a_key": "A String", |
| 679 | }, |
| 680 | }, |
| 681 | ], |
| 682 | "inclusionLabels": [ # List of label sets used for VM inclusion. If the list has more than one `LabelSet`, the VM is included if any of the label sets are applicable for the VM. |
| 683 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 684 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 685 | "a_key": "A String", |
| 686 | }, |
| 687 | }, |
| 688 | ], |
| 689 | "inventories": [ # List of inventories to select VMs. A VM is selected if its inventory data matches at least one of the following inventories. |
| 690 | { # VM inventory details. |
| 691 | "osShortName": "A String", # Required. The OS short name |
| 692 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 693 | }, |
| 694 | ], |
| 695 | }, |
| 696 | "name": "A String", # Resource name. Format: `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` This field is ignored when you create an OS policy assignment. |
| 697 | "osPolicies": [ # Required. List of OS policies to be applied to the VMs. |
| 698 | { # An OS policy defines the desired state configuration for a VM. |
| 699 | "allowNoResourceGroupMatch": True or False, # This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to `true` if the policy needs to be reported as compliant even if the policy has nothing to validate or enforce. |
| 700 | "description": "A String", # Policy description. Length of the description is limited to 1024 characters. |
| 701 | "id": "A String", # Required. The id of the OS policy with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the assignment. |
| 702 | "mode": "A String", # Required. Policy mode |
| 703 | "resourceGroups": [ # Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored. If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag `allow_no_resource_group_match` |
| 704 | { # Resource groups provide a mechanism to group OS policy resources. Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems. When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the `OSFilter` specified within the resource group. |
| 705 | "inventoryFilters": [ # List of inventory filters for the resource group. The resources in this resource group are applied to the target VM if it satisfies at least one of the following inventory filters. For example, to apply this resource group to VMs running either `RHEL` or `CentOS` operating systems, specify 2 items for the list with following values: inventory_filters[0].os_short_name='rhel' and inventory_filters[1].os_short_name='centos' If the list is empty, this resource group will be applied to the target VM unconditionally. |
| 706 | { # Filtering criteria to select VMs based on inventory details. |
| 707 | "osShortName": "A String", # Required. The OS short name |
| 708 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 709 | }, |
| 710 | ], |
| 711 | "resources": [ # Required. List of resources configured for this resource group. The resources are executed in the exact order specified here. |
| 712 | { # An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc. The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state. |
| 713 | "exec": { # A resource that allows executing scripts on the VM. The `ExecResource` has 2 stages: `validate` and `enforce` and both stages accept a script as an argument to execute. When the `ExecResource` is applied by the agent, it first executes the script in the `validate` stage. The `validate` stage can signal that the `ExecResource` is already in the desired state by returning an exit code of `100`. If the `ExecResource` is not in the desired state, it should return an exit code of `101`. Any other exit code returned by this stage is considered an error. If the `ExecResource` is not in the desired state based on the exit code from the `validate` stage, the agent proceeds to execute the script from the `enforce` stage. If the `ExecResource` is already in the desired state, the `enforce` stage will not be run. Similar to `validate` stage, the `enforce` stage should return an exit code of `100` to indicate that the resource in now in its desired state. Any other exit code is considered an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs `1`) to have an explicit indicator of `in desired state`, `not in desired state` and errors. Because, for example, Powershell will always return an exit code of `0` unless an `exit` statement is provided in the script. So, for reasons of consistency and being explicit, exit codes `100` and `101` were chosen. # Exec resource |
| 714 | "enforce": { # A file or script to execute. # What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce. |
| 715 | "args": [ # Optional arguments to pass to the source during execution. |
| 716 | "A String", |
| 717 | ], |
| 718 | "file": { # A remote or local file. # A remote or local file. |
| 719 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 720 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 721 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 722 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 723 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 724 | }, |
| 725 | "localPath": "A String", # A local path within the VM to use. |
| 726 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 727 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 728 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 729 | }, |
| 730 | }, |
| 731 | "interpreter": "A String", # Required. The script interpreter to use. |
| 732 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 733 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 734 | }, |
| 735 | "validate": { # A file or script to execute. # Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. |
| 736 | "args": [ # Optional arguments to pass to the source during execution. |
| 737 | "A String", |
| 738 | ], |
| 739 | "file": { # A remote or local file. # A remote or local file. |
| 740 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 741 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 742 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 743 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 744 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 745 | }, |
| 746 | "localPath": "A String", # A local path within the VM to use. |
| 747 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 748 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 749 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 750 | }, |
| 751 | }, |
| 752 | "interpreter": "A String", # Required. The script interpreter to use. |
| 753 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 754 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 755 | }, |
| 756 | }, |
| 757 | "file": { # A resource that manages the state of a file. # File resource |
| 758 | "content": "A String", # A a file with this content. The size of the content is limited to 1024 characters. |
| 759 | "file": { # A remote or local file. # A remote or local source. |
| 760 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 761 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 762 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 763 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 764 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 765 | }, |
| 766 | "localPath": "A String", # A local path within the VM to use. |
| 767 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 768 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 769 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 770 | }, |
| 771 | }, |
| 772 | "path": "A String", # Required. The absolute path of the file within the VM. |
| 773 | "permissions": "A String", # Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4 |
| 774 | "state": "A String", # Required. Desired state of the file. |
| 775 | }, |
| 776 | "id": "A String", # Required. The id of the resource with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the OS policy. |
| 777 | "pkg": { # A resource that manages a system package. # Package resource |
| 778 | "apt": { # A package managed by APT. - install: `apt-get update && apt-get -y install [name]` - remove: `apt-get -y remove [name]` # A package managed by Apt. |
| 779 | "name": "A String", # Required. Package name. |
| 780 | }, |
| 781 | "deb": { # A deb package file. dpkg packages only support INSTALLED state. # A deb package file. |
| 782 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb` |
| 783 | "source": { # A remote or local file. # Required. A deb package. |
| 784 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 785 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 786 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 787 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 788 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 789 | }, |
| 790 | "localPath": "A String", # A local path within the VM to use. |
| 791 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 792 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 793 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 794 | }, |
| 795 | }, |
| 796 | }, |
| 797 | "desiredState": "A String", # Required. The desired state the agent should maintain for this package. |
| 798 | "googet": { # A package managed by GooGet. - install: `googet -noconfirm install package` - remove: `googet -noconfirm remove package` # A package managed by GooGet. |
| 799 | "name": "A String", # Required. Package name. |
| 800 | }, |
| 801 | "msi": { # An MSI package. MSI packages only support INSTALLED state. # An MSI package. |
| 802 | "properties": [ # Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`. |
| 803 | "A String", |
| 804 | ], |
| 805 | "source": { # A remote or local file. # Required. The MSI package. |
| 806 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 807 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 808 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 809 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 810 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 811 | }, |
| 812 | "localPath": "A String", # A local path within the VM to use. |
| 813 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 814 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 815 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 816 | }, |
| 817 | }, |
| 818 | }, |
| 819 | "rpm": { # An RPM package file. RPM packages only support INSTALLED state. # An rpm package file. |
| 820 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm` |
| 821 | "source": { # A remote or local file. # Required. An rpm package. |
| 822 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 823 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 824 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 825 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 826 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 827 | }, |
| 828 | "localPath": "A String", # A local path within the VM to use. |
| 829 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 830 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 831 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 832 | }, |
| 833 | }, |
| 834 | }, |
| 835 | "yum": { # A package managed by YUM. - install: `yum -y install package` - remove: `yum -y remove package` # A package managed by YUM. |
| 836 | "name": "A String", # Required. Package name. |
| 837 | }, |
| 838 | "zypper": { # A package managed by Zypper. - install: `zypper -y install package` - remove: `zypper -y rm package` # A package managed by Zypper. |
| 839 | "name": "A String", # Required. Package name. |
| 840 | }, |
| 841 | }, |
| 842 | "repository": { # A resource that manages a package repository. # Package repository resource |
| 843 | "apt": { # Represents a single apt package repository. These will be added to a repo file that will be managed at `/etc/apt/sources.list.d/google_osconfig.list`. # An Apt Repository. |
| 844 | "archiveType": "A String", # Required. Type of archive files in this repository. |
| 845 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 846 | "A String", |
| 847 | ], |
| 848 | "distribution": "A String", # Required. Distribution of this repository. |
| 849 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. |
| 850 | "uri": "A String", # Required. URI for this repository. |
| 851 | }, |
| 852 | "goo": { # Represents a Goo package repository. These are added to a repo file that is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. # A Goo Repository. |
| 853 | "name": "A String", # Required. The name of the repository. |
| 854 | "url": "A String", # Required. The url of the repository. |
| 855 | }, |
| 856 | "yum": { # Represents a single yum package repository. These are added to a repo file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. # A Yum Repository. |
| 857 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 858 | "displayName": "A String", # The display name of the repository. |
| 859 | "gpgKeys": [ # URIs of GPG keys. |
| 860 | "A String", |
| 861 | ], |
| 862 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts. |
| 863 | }, |
| 864 | "zypper": { # Represents a single zypper package repository. These are added to a repo file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. # A Zypper Repository. |
| 865 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 866 | "displayName": "A String", # The display name of the repository. |
| 867 | "gpgKeys": [ # URIs of GPG keys. |
| 868 | "A String", |
| 869 | ], |
| 870 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts. |
| 871 | }, |
| 872 | }, |
| 873 | }, |
| 874 | ], |
| 875 | }, |
| 876 | ], |
| 877 | }, |
| 878 | ], |
| 879 | "reconciling": True or False, # Output only. Indicates that reconciliation is in progress for the revision. This value is `true` when the `rollout_state` is one of: * IN_PROGRESS * CANCELLING |
| 880 | "revisionCreateTime": "A String", # Output only. The timestamp that the revision was created. |
| 881 | "revisionId": "A String", # Output only. The assignment revision ID A new revision is committed whenever a rollout is triggered for a OS policy assignment |
| 882 | "rollout": { # Message to configure the rollout at the zonal level for the OS policy assignment. # Required. Rollout to deploy the OS policy assignment. A rollout is triggered in the following situations: 1) OSPolicyAssignment is created. 2) OSPolicyAssignment is updated and the update contains changes to one of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment is deleted. |
| 883 | "disruptionBudget": { # Message encapsulating a value that can be either absolute ("fixed") or relative ("percent") to a value. # Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment. |
| 884 | "fixed": 42, # Specifies a fixed value. |
| 885 | "percent": 42, # Specifies the relative value defined as a percentage, which will be multiplied by a reference value. |
| 886 | }, |
| 887 | "minWaitDuration": "A String", # Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied. |
| 888 | }, |
| 889 | "rolloutState": "A String", # Output only. OS policy assignment rollout state |
| 890 | "uid": "A String", # Output only. Server generated unique id for the OS policy assignment resource. |
| 891 | }, |
| 892 | ], |
| 893 | }</pre> |
| 894 | </div> |
| 895 | |
| 896 | <div class="method"> |
| 897 | <code class="details" id="listRevisions">listRevisions(name, pageSize=None, pageToken=None, x__xgafv=None)</code> |
| 898 | <pre>List the OS policy assignment revisions for a given OS policy assignment. |
| 899 | |
| 900 | Args: |
| 901 | name: string, Required. The name of the OS policy assignment to list revisions for. (required) |
| 902 | pageSize: integer, The maximum number of revisions to return. |
| 903 | pageToken: string, A pagination token returned from a previous call to `ListOSPolicyAssignmentRevisions` that indicates where this listing should continue from. |
| 904 | x__xgafv: string, V1 error format. |
| 905 | Allowed values |
| 906 | 1 - v1 error format |
| 907 | 2 - v2 error format |
| 908 | |
| 909 | Returns: |
| 910 | An object of the form: |
| 911 | |
| 912 | { # A response message for listing all revisions for a OS policy assignment. |
| 913 | "nextPageToken": "A String", # The pagination token to retrieve the next page of OS policy assignment revisions. |
| 914 | "osPolicyAssignments": [ # The OS policy assignment revisions |
| 915 | { # OS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances. An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script. For more information, see [OS policy and OS policy assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). |
| 916 | "baseline": True or False, # Output only. Indicates that this revision has been successfully rolled out in this zone and new VMs will be assigned OS policies from this revision. For a given OS policy assignment, there is only one revision with a value of `true` for this field. |
| 917 | "deleted": True or False, # Output only. Indicates that this revision deletes the OS policy assignment. |
| 918 | "description": "A String", # OS policy assignment description. Length of the description is limited to 1024 characters. |
| 919 | "etag": "A String", # The etag for this OS policy assignment. If this is provided on update, it must match the server's etag. |
| 920 | "instanceFilter": { # Filters to select target VMs for an assignment. If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them. # Required. Filter to select VMs. |
| 921 | "all": True or False, # Target all VMs in the project. If true, no other criteria is permitted. |
| 922 | "exclusionLabels": [ # List of label sets used for VM exclusion. If the list has more than one label set, the VM is excluded if any of the label sets are applicable for the VM. |
| 923 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 924 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 925 | "a_key": "A String", |
| 926 | }, |
| 927 | }, |
| 928 | ], |
| 929 | "inclusionLabels": [ # List of label sets used for VM inclusion. If the list has more than one `LabelSet`, the VM is included if any of the label sets are applicable for the VM. |
| 930 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 931 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 932 | "a_key": "A String", |
| 933 | }, |
| 934 | }, |
| 935 | ], |
| 936 | "inventories": [ # List of inventories to select VMs. A VM is selected if its inventory data matches at least one of the following inventories. |
| 937 | { # VM inventory details. |
| 938 | "osShortName": "A String", # Required. The OS short name |
| 939 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 940 | }, |
| 941 | ], |
| 942 | }, |
| 943 | "name": "A String", # Resource name. Format: `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` This field is ignored when you create an OS policy assignment. |
| 944 | "osPolicies": [ # Required. List of OS policies to be applied to the VMs. |
| 945 | { # An OS policy defines the desired state configuration for a VM. |
| 946 | "allowNoResourceGroupMatch": True or False, # This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to `true` if the policy needs to be reported as compliant even if the policy has nothing to validate or enforce. |
| 947 | "description": "A String", # Policy description. Length of the description is limited to 1024 characters. |
| 948 | "id": "A String", # Required. The id of the OS policy with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the assignment. |
| 949 | "mode": "A String", # Required. Policy mode |
| 950 | "resourceGroups": [ # Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored. If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag `allow_no_resource_group_match` |
| 951 | { # Resource groups provide a mechanism to group OS policy resources. Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems. When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the `OSFilter` specified within the resource group. |
| 952 | "inventoryFilters": [ # List of inventory filters for the resource group. The resources in this resource group are applied to the target VM if it satisfies at least one of the following inventory filters. For example, to apply this resource group to VMs running either `RHEL` or `CentOS` operating systems, specify 2 items for the list with following values: inventory_filters[0].os_short_name='rhel' and inventory_filters[1].os_short_name='centos' If the list is empty, this resource group will be applied to the target VM unconditionally. |
| 953 | { # Filtering criteria to select VMs based on inventory details. |
| 954 | "osShortName": "A String", # Required. The OS short name |
| 955 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 956 | }, |
| 957 | ], |
| 958 | "resources": [ # Required. List of resources configured for this resource group. The resources are executed in the exact order specified here. |
| 959 | { # An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc. The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state. |
| 960 | "exec": { # A resource that allows executing scripts on the VM. The `ExecResource` has 2 stages: `validate` and `enforce` and both stages accept a script as an argument to execute. When the `ExecResource` is applied by the agent, it first executes the script in the `validate` stage. The `validate` stage can signal that the `ExecResource` is already in the desired state by returning an exit code of `100`. If the `ExecResource` is not in the desired state, it should return an exit code of `101`. Any other exit code returned by this stage is considered an error. If the `ExecResource` is not in the desired state based on the exit code from the `validate` stage, the agent proceeds to execute the script from the `enforce` stage. If the `ExecResource` is already in the desired state, the `enforce` stage will not be run. Similar to `validate` stage, the `enforce` stage should return an exit code of `100` to indicate that the resource in now in its desired state. Any other exit code is considered an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs `1`) to have an explicit indicator of `in desired state`, `not in desired state` and errors. Because, for example, Powershell will always return an exit code of `0` unless an `exit` statement is provided in the script. So, for reasons of consistency and being explicit, exit codes `100` and `101` were chosen. # Exec resource |
| 961 | "enforce": { # A file or script to execute. # What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce. |
| 962 | "args": [ # Optional arguments to pass to the source during execution. |
| 963 | "A String", |
| 964 | ], |
| 965 | "file": { # A remote or local file. # A remote or local file. |
| 966 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 967 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 968 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 969 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 970 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 971 | }, |
| 972 | "localPath": "A String", # A local path within the VM to use. |
| 973 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 974 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 975 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 976 | }, |
| 977 | }, |
| 978 | "interpreter": "A String", # Required. The script interpreter to use. |
| 979 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 980 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 981 | }, |
| 982 | "validate": { # A file or script to execute. # Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. |
| 983 | "args": [ # Optional arguments to pass to the source during execution. |
| 984 | "A String", |
| 985 | ], |
| 986 | "file": { # A remote or local file. # A remote or local file. |
| 987 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 988 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 989 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 990 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 991 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 992 | }, |
| 993 | "localPath": "A String", # A local path within the VM to use. |
| 994 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 995 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 996 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 997 | }, |
| 998 | }, |
| 999 | "interpreter": "A String", # Required. The script interpreter to use. |
| 1000 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 1001 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 1002 | }, |
| 1003 | }, |
| 1004 | "file": { # A resource that manages the state of a file. # File resource |
| 1005 | "content": "A String", # A a file with this content. The size of the content is limited to 1024 characters. |
| 1006 | "file": { # A remote or local file. # A remote or local source. |
| 1007 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1008 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1009 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1010 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1011 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1012 | }, |
| 1013 | "localPath": "A String", # A local path within the VM to use. |
| 1014 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1015 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1016 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1017 | }, |
| 1018 | }, |
| 1019 | "path": "A String", # Required. The absolute path of the file within the VM. |
| 1020 | "permissions": "A String", # Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4 |
| 1021 | "state": "A String", # Required. Desired state of the file. |
| 1022 | }, |
| 1023 | "id": "A String", # Required. The id of the resource with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the OS policy. |
| 1024 | "pkg": { # A resource that manages a system package. # Package resource |
| 1025 | "apt": { # A package managed by APT. - install: `apt-get update && apt-get -y install [name]` - remove: `apt-get -y remove [name]` # A package managed by Apt. |
| 1026 | "name": "A String", # Required. Package name. |
| 1027 | }, |
| 1028 | "deb": { # A deb package file. dpkg packages only support INSTALLED state. # A deb package file. |
| 1029 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb` |
| 1030 | "source": { # A remote or local file. # Required. A deb package. |
| 1031 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1032 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1033 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1034 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1035 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1036 | }, |
| 1037 | "localPath": "A String", # A local path within the VM to use. |
| 1038 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1039 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1040 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1041 | }, |
| 1042 | }, |
| 1043 | }, |
| 1044 | "desiredState": "A String", # Required. The desired state the agent should maintain for this package. |
| 1045 | "googet": { # A package managed by GooGet. - install: `googet -noconfirm install package` - remove: `googet -noconfirm remove package` # A package managed by GooGet. |
| 1046 | "name": "A String", # Required. Package name. |
| 1047 | }, |
| 1048 | "msi": { # An MSI package. MSI packages only support INSTALLED state. # An MSI package. |
| 1049 | "properties": [ # Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`. |
| 1050 | "A String", |
| 1051 | ], |
| 1052 | "source": { # A remote or local file. # Required. The MSI package. |
| 1053 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1054 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1055 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1056 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1057 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1058 | }, |
| 1059 | "localPath": "A String", # A local path within the VM to use. |
| 1060 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1061 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1062 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1063 | }, |
| 1064 | }, |
| 1065 | }, |
| 1066 | "rpm": { # An RPM package file. RPM packages only support INSTALLED state. # An rpm package file. |
| 1067 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm` |
| 1068 | "source": { # A remote or local file. # Required. An rpm package. |
| 1069 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1070 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1071 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1072 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1073 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1074 | }, |
| 1075 | "localPath": "A String", # A local path within the VM to use. |
| 1076 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1077 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1078 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1079 | }, |
| 1080 | }, |
| 1081 | }, |
| 1082 | "yum": { # A package managed by YUM. - install: `yum -y install package` - remove: `yum -y remove package` # A package managed by YUM. |
| 1083 | "name": "A String", # Required. Package name. |
| 1084 | }, |
| 1085 | "zypper": { # A package managed by Zypper. - install: `zypper -y install package` - remove: `zypper -y rm package` # A package managed by Zypper. |
| 1086 | "name": "A String", # Required. Package name. |
| 1087 | }, |
| 1088 | }, |
| 1089 | "repository": { # A resource that manages a package repository. # Package repository resource |
| 1090 | "apt": { # Represents a single apt package repository. These will be added to a repo file that will be managed at `/etc/apt/sources.list.d/google_osconfig.list`. # An Apt Repository. |
| 1091 | "archiveType": "A String", # Required. Type of archive files in this repository. |
| 1092 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 1093 | "A String", |
| 1094 | ], |
| 1095 | "distribution": "A String", # Required. Distribution of this repository. |
| 1096 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. |
| 1097 | "uri": "A String", # Required. URI for this repository. |
| 1098 | }, |
| 1099 | "goo": { # Represents a Goo package repository. These are added to a repo file that is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. # A Goo Repository. |
| 1100 | "name": "A String", # Required. The name of the repository. |
| 1101 | "url": "A String", # Required. The url of the repository. |
| 1102 | }, |
| 1103 | "yum": { # Represents a single yum package repository. These are added to a repo file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. # A Yum Repository. |
| 1104 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1105 | "displayName": "A String", # The display name of the repository. |
| 1106 | "gpgKeys": [ # URIs of GPG keys. |
| 1107 | "A String", |
| 1108 | ], |
| 1109 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts. |
| 1110 | }, |
| 1111 | "zypper": { # Represents a single zypper package repository. These are added to a repo file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. # A Zypper Repository. |
| 1112 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1113 | "displayName": "A String", # The display name of the repository. |
| 1114 | "gpgKeys": [ # URIs of GPG keys. |
| 1115 | "A String", |
| 1116 | ], |
| 1117 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts. |
| 1118 | }, |
| 1119 | }, |
| 1120 | }, |
| 1121 | ], |
| 1122 | }, |
| 1123 | ], |
| 1124 | }, |
| 1125 | ], |
| 1126 | "reconciling": True or False, # Output only. Indicates that reconciliation is in progress for the revision. This value is `true` when the `rollout_state` is one of: * IN_PROGRESS * CANCELLING |
| 1127 | "revisionCreateTime": "A String", # Output only. The timestamp that the revision was created. |
| 1128 | "revisionId": "A String", # Output only. The assignment revision ID A new revision is committed whenever a rollout is triggered for a OS policy assignment |
| 1129 | "rollout": { # Message to configure the rollout at the zonal level for the OS policy assignment. # Required. Rollout to deploy the OS policy assignment. A rollout is triggered in the following situations: 1) OSPolicyAssignment is created. 2) OSPolicyAssignment is updated and the update contains changes to one of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment is deleted. |
| 1130 | "disruptionBudget": { # Message encapsulating a value that can be either absolute ("fixed") or relative ("percent") to a value. # Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment. |
| 1131 | "fixed": 42, # Specifies a fixed value. |
| 1132 | "percent": 42, # Specifies the relative value defined as a percentage, which will be multiplied by a reference value. |
| 1133 | }, |
| 1134 | "minWaitDuration": "A String", # Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied. |
| 1135 | }, |
| 1136 | "rolloutState": "A String", # Output only. OS policy assignment rollout state |
| 1137 | "uid": "A String", # Output only. Server generated unique id for the OS policy assignment resource. |
| 1138 | }, |
| 1139 | ], |
| 1140 | }</pre> |
| 1141 | </div> |
| 1142 | |
| 1143 | <div class="method"> |
| 1144 | <code class="details" id="listRevisions_next">listRevisions_next(previous_request, previous_response)</code> |
| 1145 | <pre>Retrieves the next page of results. |
| 1146 | |
| 1147 | Args: |
| 1148 | previous_request: The request for the previous page. (required) |
| 1149 | previous_response: The response from the request for the previous page. (required) |
| 1150 | |
| 1151 | Returns: |
| 1152 | A request object that you can call 'execute()' on to request the next |
| 1153 | page. Returns None if there are no more items in the collection. |
| 1154 | </pre> |
| 1155 | </div> |
| 1156 | |
| 1157 | <div class="method"> |
| 1158 | <code class="details" id="list_next">list_next(previous_request, previous_response)</code> |
| 1159 | <pre>Retrieves the next page of results. |
| 1160 | |
| 1161 | Args: |
| 1162 | previous_request: The request for the previous page. (required) |
| 1163 | previous_response: The response from the request for the previous page. (required) |
| 1164 | |
| 1165 | Returns: |
| 1166 | A request object that you can call 'execute()' on to request the next |
| 1167 | page. Returns None if there are no more items in the collection. |
| 1168 | </pre> |
| 1169 | </div> |
| 1170 | |
| 1171 | <div class="method"> |
| 1172 | <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code> |
| 1173 | <pre>Update an existing OS policy assignment. This method creates a new revision of the OS policy assignment. This method returns a long running operation (LRO) that contains the rollout details. The rollout can be cancelled by cancelling the LRO. For more information, see [Method: projects.locations.osPolicyAssignments.operations.cancel](https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments.operations/cancel). |
| 1174 | |
| 1175 | Args: |
| 1176 | name: string, Resource name. Format: `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` This field is ignored when you create an OS policy assignment. (required) |
| 1177 | body: object, The request body. |
| 1178 | The object takes the form of: |
| 1179 | |
| 1180 | { # OS policy assignment is an API resource that is used to apply a set of OS policies to a dynamically targeted group of Compute Engine VM instances. An OS policy is used to define the desired state configuration for a Compute Engine VM instance through a set of configuration resources that provide capabilities such as installing or removing software packages, or executing a script. For more information, see [OS policy and OS policy assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). |
| 1181 | "baseline": True or False, # Output only. Indicates that this revision has been successfully rolled out in this zone and new VMs will be assigned OS policies from this revision. For a given OS policy assignment, there is only one revision with a value of `true` for this field. |
| 1182 | "deleted": True or False, # Output only. Indicates that this revision deletes the OS policy assignment. |
| 1183 | "description": "A String", # OS policy assignment description. Length of the description is limited to 1024 characters. |
| 1184 | "etag": "A String", # The etag for this OS policy assignment. If this is provided on update, it must match the server's etag. |
| 1185 | "instanceFilter": { # Filters to select target VMs for an assignment. If more than one filter criteria is specified below, a VM will be selected if and only if it satisfies all of them. # Required. Filter to select VMs. |
| 1186 | "all": True or False, # Target all VMs in the project. If true, no other criteria is permitted. |
| 1187 | "exclusionLabels": [ # List of label sets used for VM exclusion. If the list has more than one label set, the VM is excluded if any of the label sets are applicable for the VM. |
| 1188 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 1189 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 1190 | "a_key": "A String", |
| 1191 | }, |
| 1192 | }, |
| 1193 | ], |
| 1194 | "inclusionLabels": [ # List of label sets used for VM inclusion. If the list has more than one `LabelSet`, the VM is included if any of the label sets are applicable for the VM. |
| 1195 | { # Message representing label set. * A label is a key value pair set for a VM. * A LabelSet is a set of labels. * Labels within a LabelSet are ANDed. In other words, a LabelSet is applicable for a VM only if it matches all the labels in the LabelSet. * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will only be applicable for those VMs with both labels present. |
| 1196 | "labels": { # Labels are identified by key/value pairs in this map. A VM should contain all the key/value pairs specified in this map to be selected. |
| 1197 | "a_key": "A String", |
| 1198 | }, |
| 1199 | }, |
| 1200 | ], |
| 1201 | "inventories": [ # List of inventories to select VMs. A VM is selected if its inventory data matches at least one of the following inventories. |
| 1202 | { # VM inventory details. |
| 1203 | "osShortName": "A String", # Required. The OS short name |
| 1204 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 1205 | }, |
| 1206 | ], |
| 1207 | }, |
| 1208 | "name": "A String", # Resource name. Format: `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` This field is ignored when you create an OS policy assignment. |
| 1209 | "osPolicies": [ # Required. List of OS policies to be applied to the VMs. |
| 1210 | { # An OS policy defines the desired state configuration for a VM. |
| 1211 | "allowNoResourceGroupMatch": True or False, # This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to `true` if the policy needs to be reported as compliant even if the policy has nothing to validate or enforce. |
| 1212 | "description": "A String", # Policy description. Length of the description is limited to 1024 characters. |
| 1213 | "id": "A String", # Required. The id of the OS policy with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the assignment. |
| 1214 | "mode": "A String", # Required. Policy mode |
| 1215 | "resourceGroups": [ # Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored. If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag `allow_no_resource_group_match` |
| 1216 | { # Resource groups provide a mechanism to group OS policy resources. Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems. When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the `OSFilter` specified within the resource group. |
| 1217 | "inventoryFilters": [ # List of inventory filters for the resource group. The resources in this resource group are applied to the target VM if it satisfies at least one of the following inventory filters. For example, to apply this resource group to VMs running either `RHEL` or `CentOS` operating systems, specify 2 items for the list with following values: inventory_filters[0].os_short_name='rhel' and inventory_filters[1].os_short_name='centos' If the list is empty, this resource group will be applied to the target VM unconditionally. |
| 1218 | { # Filtering criteria to select VMs based on inventory details. |
| 1219 | "osShortName": "A String", # Required. The OS short name |
| 1220 | "osVersion": "A String", # The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. |
| 1221 | }, |
| 1222 | ], |
| 1223 | "resources": [ # Required. List of resources configured for this resource group. The resources are executed in the exact order specified here. |
| 1224 | { # An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc. The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state. |
| 1225 | "exec": { # A resource that allows executing scripts on the VM. The `ExecResource` has 2 stages: `validate` and `enforce` and both stages accept a script as an argument to execute. When the `ExecResource` is applied by the agent, it first executes the script in the `validate` stage. The `validate` stage can signal that the `ExecResource` is already in the desired state by returning an exit code of `100`. If the `ExecResource` is not in the desired state, it should return an exit code of `101`. Any other exit code returned by this stage is considered an error. If the `ExecResource` is not in the desired state based on the exit code from the `validate` stage, the agent proceeds to execute the script from the `enforce` stage. If the `ExecResource` is already in the desired state, the `enforce` stage will not be run. Similar to `validate` stage, the `enforce` stage should return an exit code of `100` to indicate that the resource in now in its desired state. Any other exit code is considered an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs `1`) to have an explicit indicator of `in desired state`, `not in desired state` and errors. Because, for example, Powershell will always return an exit code of `0` unless an `exit` statement is provided in the script. So, for reasons of consistency and being explicit, exit codes `100` and `101` were chosen. # Exec resource |
| 1226 | "enforce": { # A file or script to execute. # What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce. |
| 1227 | "args": [ # Optional arguments to pass to the source during execution. |
| 1228 | "A String", |
| 1229 | ], |
| 1230 | "file": { # A remote or local file. # A remote or local file. |
| 1231 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1232 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1233 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1234 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1235 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1236 | }, |
| 1237 | "localPath": "A String", # A local path within the VM to use. |
| 1238 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1239 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1240 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1241 | }, |
| 1242 | }, |
| 1243 | "interpreter": "A String", # Required. The script interpreter to use. |
| 1244 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 1245 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 1246 | }, |
| 1247 | "validate": { # A file or script to execute. # Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. |
| 1248 | "args": [ # Optional arguments to pass to the source during execution. |
| 1249 | "A String", |
| 1250 | ], |
| 1251 | "file": { # A remote or local file. # A remote or local file. |
| 1252 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1253 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1254 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1255 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1256 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1257 | }, |
| 1258 | "localPath": "A String", # A local path within the VM to use. |
| 1259 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1260 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1261 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1262 | }, |
| 1263 | }, |
| 1264 | "interpreter": "A String", # Required. The script interpreter to use. |
| 1265 | "outputFilePath": "A String", # Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. |
| 1266 | "script": "A String", # An inline script. The size of the script is limited to 1024 characters. |
| 1267 | }, |
| 1268 | }, |
| 1269 | "file": { # A resource that manages the state of a file. # File resource |
| 1270 | "content": "A String", # A a file with this content. The size of the content is limited to 1024 characters. |
| 1271 | "file": { # A remote or local file. # A remote or local source. |
| 1272 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1273 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1274 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1275 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1276 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1277 | }, |
| 1278 | "localPath": "A String", # A local path within the VM to use. |
| 1279 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1280 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1281 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1282 | }, |
| 1283 | }, |
| 1284 | "path": "A String", # Required. The absolute path of the file within the VM. |
| 1285 | "permissions": "A String", # Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4 |
| 1286 | "state": "A String", # Required. Desired state of the file. |
| 1287 | }, |
| 1288 | "id": "A String", # Required. The id of the resource with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the OS policy. |
| 1289 | "pkg": { # A resource that manages a system package. # Package resource |
| 1290 | "apt": { # A package managed by APT. - install: `apt-get update && apt-get -y install [name]` - remove: `apt-get -y remove [name]` # A package managed by Apt. |
| 1291 | "name": "A String", # Required. Package name. |
| 1292 | }, |
| 1293 | "deb": { # A deb package file. dpkg packages only support INSTALLED state. # A deb package file. |
| 1294 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb` |
| 1295 | "source": { # A remote or local file. # Required. A deb package. |
| 1296 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1297 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1298 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1299 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1300 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1301 | }, |
| 1302 | "localPath": "A String", # A local path within the VM to use. |
| 1303 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1304 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1305 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1306 | }, |
| 1307 | }, |
| 1308 | }, |
| 1309 | "desiredState": "A String", # Required. The desired state the agent should maintain for this package. |
| 1310 | "googet": { # A package managed by GooGet. - install: `googet -noconfirm install package` - remove: `googet -noconfirm remove package` # A package managed by GooGet. |
| 1311 | "name": "A String", # Required. Package name. |
| 1312 | }, |
| 1313 | "msi": { # An MSI package. MSI packages only support INSTALLED state. # An MSI package. |
| 1314 | "properties": [ # Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`. |
| 1315 | "A String", |
| 1316 | ], |
| 1317 | "source": { # A remote or local file. # Required. The MSI package. |
| 1318 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1319 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1320 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1321 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1322 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1323 | }, |
| 1324 | "localPath": "A String", # A local path within the VM to use. |
| 1325 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1326 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1327 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1328 | }, |
| 1329 | }, |
| 1330 | }, |
| 1331 | "rpm": { # An RPM package file. RPM packages only support INSTALLED state. # An rpm package file. |
| 1332 | "pullDeps": True or False, # Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm` |
| 1333 | "source": { # A remote or local file. # Required. An rpm package. |
| 1334 | "allowInsecure": True or False, # Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. |
| 1335 | "gcs": { # Specifies a file available as a Cloud Storage Object. # A Cloud Storage object. |
| 1336 | "bucket": "A String", # Required. Bucket of the Cloud Storage object. |
| 1337 | "generation": "A String", # Generation number of the Cloud Storage object. |
| 1338 | "object": "A String", # Required. Name of the Cloud Storage object. |
| 1339 | }, |
| 1340 | "localPath": "A String", # A local path within the VM to use. |
| 1341 | "remote": { # Specifies a file available via some URI. # A generic remote file. |
| 1342 | "sha256Checksum": "A String", # SHA256 checksum of the remote file. |
| 1343 | "uri": "A String", # Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. |
| 1344 | }, |
| 1345 | }, |
| 1346 | }, |
| 1347 | "yum": { # A package managed by YUM. - install: `yum -y install package` - remove: `yum -y remove package` # A package managed by YUM. |
| 1348 | "name": "A String", # Required. Package name. |
| 1349 | }, |
| 1350 | "zypper": { # A package managed by Zypper. - install: `zypper -y install package` - remove: `zypper -y rm package` # A package managed by Zypper. |
| 1351 | "name": "A String", # Required. Package name. |
| 1352 | }, |
| 1353 | }, |
| 1354 | "repository": { # A resource that manages a package repository. # Package repository resource |
| 1355 | "apt": { # Represents a single apt package repository. These will be added to a repo file that will be managed at `/etc/apt/sources.list.d/google_osconfig.list`. # An Apt Repository. |
| 1356 | "archiveType": "A String", # Required. Type of archive files in this repository. |
| 1357 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 1358 | "A String", |
| 1359 | ], |
| 1360 | "distribution": "A String", # Required. Distribution of this repository. |
| 1361 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. |
| 1362 | "uri": "A String", # Required. URI for this repository. |
| 1363 | }, |
| 1364 | "goo": { # Represents a Goo package repository. These are added to a repo file that is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. # A Goo Repository. |
| 1365 | "name": "A String", # Required. The name of the repository. |
| 1366 | "url": "A String", # Required. The url of the repository. |
| 1367 | }, |
| 1368 | "yum": { # Represents a single yum package repository. These are added to a repo file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. # A Yum Repository. |
| 1369 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1370 | "displayName": "A String", # The display name of the repository. |
| 1371 | "gpgKeys": [ # URIs of GPG keys. |
| 1372 | "A String", |
| 1373 | ], |
| 1374 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts. |
| 1375 | }, |
| 1376 | "zypper": { # Represents a single zypper package repository. These are added to a repo file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. # A Zypper Repository. |
| 1377 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1378 | "displayName": "A String", # The display name of the repository. |
| 1379 | "gpgKeys": [ # URIs of GPG keys. |
| 1380 | "A String", |
| 1381 | ], |
| 1382 | "id": "A String", # Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts. |
| 1383 | }, |
| 1384 | }, |
| 1385 | }, |
| 1386 | ], |
| 1387 | }, |
| 1388 | ], |
| 1389 | }, |
| 1390 | ], |
| 1391 | "reconciling": True or False, # Output only. Indicates that reconciliation is in progress for the revision. This value is `true` when the `rollout_state` is one of: * IN_PROGRESS * CANCELLING |
| 1392 | "revisionCreateTime": "A String", # Output only. The timestamp that the revision was created. |
| 1393 | "revisionId": "A String", # Output only. The assignment revision ID A new revision is committed whenever a rollout is triggered for a OS policy assignment |
| 1394 | "rollout": { # Message to configure the rollout at the zonal level for the OS policy assignment. # Required. Rollout to deploy the OS policy assignment. A rollout is triggered in the following situations: 1) OSPolicyAssignment is created. 2) OSPolicyAssignment is updated and the update contains changes to one of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment is deleted. |
| 1395 | "disruptionBudget": { # Message encapsulating a value that can be either absolute ("fixed") or relative ("percent") to a value. # Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment. |
| 1396 | "fixed": 42, # Specifies a fixed value. |
| 1397 | "percent": 42, # Specifies the relative value defined as a percentage, which will be multiplied by a reference value. |
| 1398 | }, |
| 1399 | "minWaitDuration": "A String", # Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied. |
| 1400 | }, |
| 1401 | "rolloutState": "A String", # Output only. OS policy assignment rollout state |
| 1402 | "uid": "A String", # Output only. Server generated unique id for the OS policy assignment resource. |
| 1403 | } |
| 1404 | |
| 1405 | updateMask: string, Optional. Field mask that controls which fields of the assignment should be updated. |
| 1406 | x__xgafv: string, V1 error format. |
| 1407 | Allowed values |
| 1408 | 1 - v1 error format |
| 1409 | 2 - v2 error format |
| 1410 | |
| 1411 | Returns: |
| 1412 | An object of the form: |
| 1413 | |
| 1414 | { # This resource represents a long-running operation that is the result of a network API call. |
| 1415 | "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. |
| 1416 | "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation. |
| 1417 | "code": 42, # The status code, which should be an enum value of google.rpc.Code. |
| 1418 | "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use. |
| 1419 | { |
| 1420 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 1421 | }, |
| 1422 | ], |
| 1423 | "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. |
| 1424 | }, |
| 1425 | "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. |
| 1426 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 1427 | }, |
| 1428 | "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. |
| 1429 | "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. |
| 1430 | "a_key": "", # Properties of the object. Contains field @type with type URL. |
| 1431 | }, |
| 1432 | }</pre> |
| 1433 | </div> |
| 1434 | |
| 1435 | </body></html> |