blob: 5752ba5c151ef7bda1482ecdcf3a76301edf9bf7 [file] [log] [blame]
Bu Sun Kim65020912020-05-20 12:08:20 -07001<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="osconfig_v1beta.html">Cloud OS Config API</a> . <a href="osconfig_v1beta.projects.html">projects</a> . <a href="osconfig_v1beta.projects.guestPolicies.html">guestPolicies</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="#create">create(parent, body=None, guestPolicyId=None, x__xgafv=None)</a></code></p>
79<p class="firstline">Create an OS Config guest policy.</p>
80<p class="toc_element">
81 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
82<p class="firstline">Delete an OS Config guest policy.</p>
83<p class="toc_element">
84 <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
85<p class="firstline">Get an OS Config guest policy.</p>
86<p class="toc_element">
87 <code><a href="#list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>
88<p class="firstline">Get a page of OS Config guest policies.</p>
89<p class="toc_element">
90 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
91<p class="firstline">Retrieves the next page of results.</p>
92<p class="toc_element">
93 <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
94<p class="firstline">Update an OS Config guest policy.</p>
95<h3>Method Details</h3>
96<div class="method">
97 <code class="details" id="create">create(parent, body=None, guestPolicyId=None, x__xgafv=None)</code>
98 <pre>Create an OS Config guest policy.
99
100Args:
101 parent: string, Required. The resource name of the parent using one of the following forms:
102`projects/{project_number}`. (required)
103 body: object, The request body.
104 The object takes the form of:
105
106{ # An OS Config resource representing a guest configuration policy. These
107 # policies represent the desired state for VM instance guest environments
108 # including packages to install or remove, package repository configurations,
109 # and software to install.
110 &quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
111 { # A software recipe is a set of instructions for installing and configuring a
112 # piece of software. It consists of a set of artifacts that are
113 # downloaded, and a set of steps that install, configure, and/or update the
114 # software.
115 #
116 # Recipes support installing and updating software from artifacts in the
117 # following formats:
118 # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
119 #
120 # Additionally, recipes support executing a script (either defined in a file or
121 # directly in this api) in bash, sh, cmd, and powershell.
122 #
123 # Updating a software recipe
124 #
125 # If a recipe is assigned to an instance and there is a recipe with the same
126 # name but a lower version already installed and the assigned state
127 # of the recipe is `UPDATED`, then the recipe is updated to
128 # the new version.
129 #
130 # Script Working Directories
131 #
132 # Each script or execution step is run in its own temporary directory which
133 # is deleted after completing the step.
134 &quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
135 # installed on an instance.
136 #
137 # Names are also used to identify resources which helps to determine whether
138 # guest policies have conflicts. This means that requests to create multiple
139 # recipes with the same name and version are rejected since they
140 # could potentially have conflicting assignments.
141 &quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
142 # executing steps and does not attempt another update for this recipe. Any
143 # steps taken (including partially completed steps) are not rolled back.
144 { # An action that can be taken as part of installing or updating a recipe.
145 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
146 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
147 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
148 # false and the file already exists the file is not overwritten
149 # and the step is considered a success. Defaults to false.
150 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
151 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
152 # order, the permissions of the owner, group, and other users for the
153 # file (similarly to the numeric mode used in the linux chmod utility).
154 # Each digit represents a three bit number with the 4 bit
155 # corresponding to the read permissions, the 2 bit corresponds to the
156 # write bit, and the one bit corresponds to the execute permission.
157 # Default behavior is 755.
158 #
159 # Below are some examples of permissions and their associated values:
160 # read, write, and execute: 7
161 # read and execute: 5
162 # read and write: 6
163 # read only: 4
164 },
165 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
166 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
167 },
168 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
169 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
170 # can return to indicate a success.
171 42,
172 ],
173 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
174 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
175 &quot;A String&quot;,
176 ],
177 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
178 },
179 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
180 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
181 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
182 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
183 # Defaults to `/` on Linux or `C:\` on Windows.
184 },
185 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
186 &quot;flags&quot;: [ # The flags to use when installing the MSI
187 # defaults to [&quot;/i&quot;] (i.e. the install flag).
188 &quot;A String&quot;,
189 ],
190 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
191 # successfully. Behaviour defaults to [0]
192 42,
193 ],
194 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
195 },
196 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
197 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
198 # successfully. Behaviour defaults to [0]
199 42,
200 ],
201 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
202 # specified the script is executed directly, which likely
203 # only succeed for scripts with
204 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
205 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
206 },
207 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
208 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
209 },
210 },
211 ],
212 &quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
213 # recipe.
214 #
215 # INSTALLED: The software recipe is installed on the instance but
216 # won&#x27;t be updated to new versions.
217 # UPDATED: The software recipe is installed on the instance. The recipe is
218 # updated to a higher version, if a higher version of the recipe is
219 # assigned to this instance.
220 # REMOVE: Remove is unsupported for software recipes and attempts to
221 # create or update a recipe to the REMOVE state is rejected.
222 &quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
223 # separated numbers (e.g. 12.34.56.78).
224 &quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
225 { # Specifies a resource to be used in the recipe.
226 &quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
227 &quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
228 # SHA256 checksum in hex format, to compare to the checksum of the
229 # artifact. If the checksum is not empty and it doesn&#x27;t match the
230 # artifact then the recipe installation fails before running any of the
231 # steps.
232 &quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
233 # and path following the format {protocol}://{location}.
234 },
235 &quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
236 &quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
237 # Generation number of the Google Cloud Storage object.
238 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
239 # this value would be `1234567`.
240 &quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
241 # Given an example URL:
242 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
243 # this value would be `my-bucket`.
244 &quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
245 # As specified [here]
246 # (https://cloud.google.com/storage/docs/naming#objectnames)
247 # Given an example URL:
248 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
249 # this value would be `foo/bar`.
250 },
251 &quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
252 # recipe can reference. Artifacts in a recipe cannot have the same id.
253 &quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
254 # based on the artifact type:
255 #
256 # Remote: A checksum must be specified, and only protocols with
257 # transport-layer security are permitted.
258 # GCS: An object generation number must be specified.
259 },
260 ],
261 &quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
262 # executing steps and does not attempt another installation. Any steps taken
263 # (including partially completed steps) are not rolled back.
264 { # An action that can be taken as part of installing or updating a recipe.
265 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
266 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
267 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
268 # false and the file already exists the file is not overwritten
269 # and the step is considered a success. Defaults to false.
270 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
271 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
272 # order, the permissions of the owner, group, and other users for the
273 # file (similarly to the numeric mode used in the linux chmod utility).
274 # Each digit represents a three bit number with the 4 bit
275 # corresponding to the read permissions, the 2 bit corresponds to the
276 # write bit, and the one bit corresponds to the execute permission.
277 # Default behavior is 755.
278 #
279 # Below are some examples of permissions and their associated values:
280 # read, write, and execute: 7
281 # read and execute: 5
282 # read and write: 6
283 # read only: 4
284 },
285 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
286 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
287 },
288 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
289 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
290 # can return to indicate a success.
291 42,
292 ],
293 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
294 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
295 &quot;A String&quot;,
296 ],
297 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
298 },
299 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
300 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
301 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
302 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
303 # Defaults to `/` on Linux or `C:\` on Windows.
304 },
305 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
306 &quot;flags&quot;: [ # The flags to use when installing the MSI
307 # defaults to [&quot;/i&quot;] (i.e. the install flag).
308 &quot;A String&quot;,
309 ],
310 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
311 # successfully. Behaviour defaults to [0]
312 42,
313 ],
314 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
315 },
316 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
317 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
318 # successfully. Behaviour defaults to [0]
319 42,
320 ],
321 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
322 # specified the script is executed directly, which likely
323 # only succeed for scripts with
324 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
325 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
326 },
327 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
328 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
329 },
330 },
331 ],
332 },
333 ],
334 &quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
335 # you to target sets or groups of VM instances by different parameters such
336 # as labels, names, OS, or zones.
337 #
338 # If left empty, all VM instances underneath this policy are targeted.
339 #
340 # At the same level in the resource hierarchy (that is within a project), the
341 # service prevents the creation of multiple policies that conflict with
342 # each other. For more information, see how the service [handles assignment
343 # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
344 # applies to.
345 #
346 # If an assignment is empty, it applies to all VM instances. Otherwise, the
347 # targeted VM instances must meet all the criteria specified. So if both
348 # labels and zones are specified, the policy applies to VM instances with those
349 # labels and in those zones.
350 &quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
351 # an assignment to target disparate groups, for example &quot;env=prod or
352 # env=staging&quot;.
353 { # Represents a group of VM intances that can be identified as having all
354 # these labels, for example &quot;env=prod and app=web&quot;.
355 &quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
356 # instance to be included in this assignment group.
357 &quot;a_key&quot;: &quot;A String&quot;,
358 },
359 },
360 ],
361 &quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
362 #
363 # VM instances must match all supplied criteria for a given OsType to be
364 # included.
365 { # Defines the criteria for selecting VM Instances by OS type.
366 &quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
367 # OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
368 &quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
369 # OS architecture.
370 &quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
371 # following OS version.
372 },
373 ],
374 &quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
375 # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
376 #
377 # Instance targeting is uncommon and is supported to facilitate the
378 # management of changes by the instance or to target specific VM instances
379 # for development and testing.
380 #
381 # Only supported for project-level policies and must reference instances
382 # within this project.
383 &quot;A String&quot;,
384 ],
385 &quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
386 #
387 # Like labels, this is another way to group VM instances when targeting
388 # configs, for example prefix=&quot;prod-&quot;.
389 #
390 # Only supported for project-level policies.
391 &quot;A String&quot;,
392 ],
393 &quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
394 # in any zone.
395 #
396 # Zonal targeting is uncommon and is supported to facilitate the management
397 # of changes by zone.
398 &quot;A String&quot;,
399 ],
400 },
401 &quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
402 # to 1024 characters.
403 &quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
404 # done before any other configs are applied so they can use these repos.
405 # Package repositories are only configured if the corresponding package
406 # manager(s) are available.
407 { # A package repository.
408 &quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
409 # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
410 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
411 # the `repo id` in the zypper config file and also the `display_name` if
412 # `display_name` is omitted. This id is also used as the unique identifier
413 # when checking for guest policy conflicts.
414 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
415 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
416 &quot;A String&quot;,
417 ],
418 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
419 },
420 &quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
421 # a repo file that is stored at
422 # `/etc/apt/sources.list.d/google_osconfig.list`.
423 &quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
424 &quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
425 &quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
426 # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
427 # all the keys in any applied guest policy.
428 &quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
429 &quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
430 &quot;A String&quot;,
431 ],
432 },
433 &quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
434 # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
435 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
436 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
437 # the `repo id` in the Yum config file and also the `display_name` if
438 # `display_name` is omitted. This id is also used as the unique identifier
439 # when checking for guest policy conflicts.
440 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
441 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
442 &quot;A String&quot;,
443 ],
444 },
445 &quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
446 # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
447 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
448 &quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
449 },
450 },
451 ],
452 &quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
453 # If this is provided on update, it must match the server&#x27;s etag.
454 &quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
455 &quot;packages&quot;: [ # The software packages to be managed by this policy.
456 { # Package is a reference to the software package to be installed or removed.
457 # The agent on the VM instance uses the system package manager to apply the
458 # config.
459 #
460 #
461 # These are the commands that the agent uses to install or remove
462 # packages.
463 #
464 # Apt
465 # install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
466 # remove: `apt-get -y remove package1 package2 package3`
467 #
468 # Yum
469 # install: `yum -y install package1 package2 package3`
470 # remove: `yum -y remove package1 package2 package3`
471 #
472 # Zypper
473 # install: `zypper install package1 package2 package3`
474 # remove: `zypper rm package1 package2`
475 #
476 # Googet
477 # install: `googet -noconfirm install package1 package2 package3`
478 # remove: `googet -noconfirm remove package1 package2 package3`
479 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
480 # validation by checking the package name and the manager(s) that the
481 # package targets.
482 &quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
483 # If a system does not have the package manager, the package is not
484 # installed or removed no error message is returned. By default,
485 # or if you specify `ANY`,
486 # the agent attempts to install and remove this package using the default
487 # package manager. This is useful when creating a policy that applies to
488 # different types of systems.
489 #
490 # The default behavior is ANY.
491 &quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
492 # default is to ensure the package is installed.
493 },
494 ],
495 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
496 &quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
497 # forms:
498 # `projects/{project_number}/guestPolicies/{guest_policy_id}`.
499}
500
501 guestPolicyId: string, Required. The logical name of the guest policy in the project
502with the following restrictions:
503
504* Must contain only lowercase letters, numbers, and hyphens.
505* Must start with a letter.
506* Must be between 1-63 characters.
507* Must end with a number or a letter.
508* Must be unique within the project.
509 x__xgafv: string, V1 error format.
510 Allowed values
511 1 - v1 error format
512 2 - v2 error format
513
514Returns:
515 An object of the form:
516
517 { # An OS Config resource representing a guest configuration policy. These
518 # policies represent the desired state for VM instance guest environments
519 # including packages to install or remove, package repository configurations,
520 # and software to install.
521 &quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
522 { # A software recipe is a set of instructions for installing and configuring a
523 # piece of software. It consists of a set of artifacts that are
524 # downloaded, and a set of steps that install, configure, and/or update the
525 # software.
526 #
527 # Recipes support installing and updating software from artifacts in the
528 # following formats:
529 # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
530 #
531 # Additionally, recipes support executing a script (either defined in a file or
532 # directly in this api) in bash, sh, cmd, and powershell.
533 #
534 # Updating a software recipe
535 #
536 # If a recipe is assigned to an instance and there is a recipe with the same
537 # name but a lower version already installed and the assigned state
538 # of the recipe is `UPDATED`, then the recipe is updated to
539 # the new version.
540 #
541 # Script Working Directories
542 #
543 # Each script or execution step is run in its own temporary directory which
544 # is deleted after completing the step.
545 &quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
546 # installed on an instance.
547 #
548 # Names are also used to identify resources which helps to determine whether
549 # guest policies have conflicts. This means that requests to create multiple
550 # recipes with the same name and version are rejected since they
551 # could potentially have conflicting assignments.
552 &quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
553 # executing steps and does not attempt another update for this recipe. Any
554 # steps taken (including partially completed steps) are not rolled back.
555 { # An action that can be taken as part of installing or updating a recipe.
556 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
557 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
558 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
559 # false and the file already exists the file is not overwritten
560 # and the step is considered a success. Defaults to false.
561 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
562 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
563 # order, the permissions of the owner, group, and other users for the
564 # file (similarly to the numeric mode used in the linux chmod utility).
565 # Each digit represents a three bit number with the 4 bit
566 # corresponding to the read permissions, the 2 bit corresponds to the
567 # write bit, and the one bit corresponds to the execute permission.
568 # Default behavior is 755.
569 #
570 # Below are some examples of permissions and their associated values:
571 # read, write, and execute: 7
572 # read and execute: 5
573 # read and write: 6
574 # read only: 4
575 },
576 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
577 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
578 },
579 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
580 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
581 # can return to indicate a success.
582 42,
583 ],
584 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
585 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
586 &quot;A String&quot;,
587 ],
588 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
589 },
590 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
591 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
592 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
593 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
594 # Defaults to `/` on Linux or `C:\` on Windows.
595 },
596 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
597 &quot;flags&quot;: [ # The flags to use when installing the MSI
598 # defaults to [&quot;/i&quot;] (i.e. the install flag).
599 &quot;A String&quot;,
600 ],
601 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
602 # successfully. Behaviour defaults to [0]
603 42,
604 ],
605 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
606 },
607 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
608 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
609 # successfully. Behaviour defaults to [0]
610 42,
611 ],
612 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
613 # specified the script is executed directly, which likely
614 # only succeed for scripts with
615 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
616 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
617 },
618 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
619 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
620 },
621 },
622 ],
623 &quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
624 # recipe.
625 #
626 # INSTALLED: The software recipe is installed on the instance but
627 # won&#x27;t be updated to new versions.
628 # UPDATED: The software recipe is installed on the instance. The recipe is
629 # updated to a higher version, if a higher version of the recipe is
630 # assigned to this instance.
631 # REMOVE: Remove is unsupported for software recipes and attempts to
632 # create or update a recipe to the REMOVE state is rejected.
633 &quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
634 # separated numbers (e.g. 12.34.56.78).
635 &quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
636 { # Specifies a resource to be used in the recipe.
637 &quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
638 &quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
639 # SHA256 checksum in hex format, to compare to the checksum of the
640 # artifact. If the checksum is not empty and it doesn&#x27;t match the
641 # artifact then the recipe installation fails before running any of the
642 # steps.
643 &quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
644 # and path following the format {protocol}://{location}.
645 },
646 &quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
647 &quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
648 # Generation number of the Google Cloud Storage object.
649 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
650 # this value would be `1234567`.
651 &quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
652 # Given an example URL:
653 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
654 # this value would be `my-bucket`.
655 &quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
656 # As specified [here]
657 # (https://cloud.google.com/storage/docs/naming#objectnames)
658 # Given an example URL:
659 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
660 # this value would be `foo/bar`.
661 },
662 &quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
663 # recipe can reference. Artifacts in a recipe cannot have the same id.
664 &quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
665 # based on the artifact type:
666 #
667 # Remote: A checksum must be specified, and only protocols with
668 # transport-layer security are permitted.
669 # GCS: An object generation number must be specified.
670 },
671 ],
672 &quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
673 # executing steps and does not attempt another installation. Any steps taken
674 # (including partially completed steps) are not rolled back.
675 { # An action that can be taken as part of installing or updating a recipe.
676 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
677 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
678 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
679 # false and the file already exists the file is not overwritten
680 # and the step is considered a success. Defaults to false.
681 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
682 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
683 # order, the permissions of the owner, group, and other users for the
684 # file (similarly to the numeric mode used in the linux chmod utility).
685 # Each digit represents a three bit number with the 4 bit
686 # corresponding to the read permissions, the 2 bit corresponds to the
687 # write bit, and the one bit corresponds to the execute permission.
688 # Default behavior is 755.
689 #
690 # Below are some examples of permissions and their associated values:
691 # read, write, and execute: 7
692 # read and execute: 5
693 # read and write: 6
694 # read only: 4
695 },
696 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
697 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
698 },
699 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
700 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
701 # can return to indicate a success.
702 42,
703 ],
704 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
705 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
706 &quot;A String&quot;,
707 ],
708 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
709 },
710 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
711 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
712 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
713 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
714 # Defaults to `/` on Linux or `C:\` on Windows.
715 },
716 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
717 &quot;flags&quot;: [ # The flags to use when installing the MSI
718 # defaults to [&quot;/i&quot;] (i.e. the install flag).
719 &quot;A String&quot;,
720 ],
721 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
722 # successfully. Behaviour defaults to [0]
723 42,
724 ],
725 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
726 },
727 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
728 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
729 # successfully. Behaviour defaults to [0]
730 42,
731 ],
732 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
733 # specified the script is executed directly, which likely
734 # only succeed for scripts with
735 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
736 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
737 },
738 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
739 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
740 },
741 },
742 ],
743 },
744 ],
745 &quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
746 # you to target sets or groups of VM instances by different parameters such
747 # as labels, names, OS, or zones.
748 #
749 # If left empty, all VM instances underneath this policy are targeted.
750 #
751 # At the same level in the resource hierarchy (that is within a project), the
752 # service prevents the creation of multiple policies that conflict with
753 # each other. For more information, see how the service [handles assignment
754 # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
755 # applies to.
756 #
757 # If an assignment is empty, it applies to all VM instances. Otherwise, the
758 # targeted VM instances must meet all the criteria specified. So if both
759 # labels and zones are specified, the policy applies to VM instances with those
760 # labels and in those zones.
761 &quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
762 # an assignment to target disparate groups, for example &quot;env=prod or
763 # env=staging&quot;.
764 { # Represents a group of VM intances that can be identified as having all
765 # these labels, for example &quot;env=prod and app=web&quot;.
766 &quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
767 # instance to be included in this assignment group.
768 &quot;a_key&quot;: &quot;A String&quot;,
769 },
770 },
771 ],
772 &quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
773 #
774 # VM instances must match all supplied criteria for a given OsType to be
775 # included.
776 { # Defines the criteria for selecting VM Instances by OS type.
777 &quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
778 # OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
779 &quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
780 # OS architecture.
781 &quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
782 # following OS version.
783 },
784 ],
785 &quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
786 # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
787 #
788 # Instance targeting is uncommon and is supported to facilitate the
789 # management of changes by the instance or to target specific VM instances
790 # for development and testing.
791 #
792 # Only supported for project-level policies and must reference instances
793 # within this project.
794 &quot;A String&quot;,
795 ],
796 &quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
797 #
798 # Like labels, this is another way to group VM instances when targeting
799 # configs, for example prefix=&quot;prod-&quot;.
800 #
801 # Only supported for project-level policies.
802 &quot;A String&quot;,
803 ],
804 &quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
805 # in any zone.
806 #
807 # Zonal targeting is uncommon and is supported to facilitate the management
808 # of changes by zone.
809 &quot;A String&quot;,
810 ],
811 },
812 &quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
813 # to 1024 characters.
814 &quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
815 # done before any other configs are applied so they can use these repos.
816 # Package repositories are only configured if the corresponding package
817 # manager(s) are available.
818 { # A package repository.
819 &quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
820 # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
821 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
822 # the `repo id` in the zypper config file and also the `display_name` if
823 # `display_name` is omitted. This id is also used as the unique identifier
824 # when checking for guest policy conflicts.
825 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
826 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
827 &quot;A String&quot;,
828 ],
829 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
830 },
831 &quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
832 # a repo file that is stored at
833 # `/etc/apt/sources.list.d/google_osconfig.list`.
834 &quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
835 &quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
836 &quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
837 # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
838 # all the keys in any applied guest policy.
839 &quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
840 &quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
841 &quot;A String&quot;,
842 ],
843 },
844 &quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
845 # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
846 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
847 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
848 # the `repo id` in the Yum config file and also the `display_name` if
849 # `display_name` is omitted. This id is also used as the unique identifier
850 # when checking for guest policy conflicts.
851 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
852 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
853 &quot;A String&quot;,
854 ],
855 },
856 &quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
857 # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
858 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
859 &quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
860 },
861 },
862 ],
863 &quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
864 # If this is provided on update, it must match the server&#x27;s etag.
865 &quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
866 &quot;packages&quot;: [ # The software packages to be managed by this policy.
867 { # Package is a reference to the software package to be installed or removed.
868 # The agent on the VM instance uses the system package manager to apply the
869 # config.
870 #
871 #
872 # These are the commands that the agent uses to install or remove
873 # packages.
874 #
875 # Apt
876 # install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
877 # remove: `apt-get -y remove package1 package2 package3`
878 #
879 # Yum
880 # install: `yum -y install package1 package2 package3`
881 # remove: `yum -y remove package1 package2 package3`
882 #
883 # Zypper
884 # install: `zypper install package1 package2 package3`
885 # remove: `zypper rm package1 package2`
886 #
887 # Googet
888 # install: `googet -noconfirm install package1 package2 package3`
889 # remove: `googet -noconfirm remove package1 package2 package3`
890 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
891 # validation by checking the package name and the manager(s) that the
892 # package targets.
893 &quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
894 # If a system does not have the package manager, the package is not
895 # installed or removed no error message is returned. By default,
896 # or if you specify `ANY`,
897 # the agent attempts to install and remove this package using the default
898 # package manager. This is useful when creating a policy that applies to
899 # different types of systems.
900 #
901 # The default behavior is ANY.
902 &quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
903 # default is to ensure the package is installed.
904 },
905 ],
906 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
907 &quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
908 # forms:
909 # `projects/{project_number}/guestPolicies/{guest_policy_id}`.
910 }</pre>
911</div>
912
913<div class="method">
914 <code class="details" id="delete">delete(name, x__xgafv=None)</code>
915 <pre>Delete an OS Config guest policy.
916
917Args:
918 name: string, Required. The resource name of the guest policy using one of the following forms:
919`projects/{project_number}/guestPolicies/{guest_policy_id}`. (required)
920 x__xgafv: string, V1 error format.
921 Allowed values
922 1 - v1 error format
923 2 - v2 error format
924
925Returns:
926 An object of the form:
927
928 { # A generic empty message that you can re-use to avoid defining duplicated
929 # empty messages in your APIs. A typical example is to use it as the request
930 # or the response type of an API method. For instance:
931 #
932 # service Foo {
933 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
934 # }
935 #
936 # The JSON representation for `Empty` is empty JSON object `{}`.
937 }</pre>
938</div>
939
940<div class="method">
941 <code class="details" id="get">get(name, x__xgafv=None)</code>
942 <pre>Get an OS Config guest policy.
943
944Args:
945 name: string, Required. The resource name of the guest policy using one of the following forms:
946`projects/{project_number}/guestPolicies/{guest_policy_id}`. (required)
947 x__xgafv: string, V1 error format.
948 Allowed values
949 1 - v1 error format
950 2 - v2 error format
951
952Returns:
953 An object of the form:
954
955 { # An OS Config resource representing a guest configuration policy. These
956 # policies represent the desired state for VM instance guest environments
957 # including packages to install or remove, package repository configurations,
958 # and software to install.
959 &quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
960 { # A software recipe is a set of instructions for installing and configuring a
961 # piece of software. It consists of a set of artifacts that are
962 # downloaded, and a set of steps that install, configure, and/or update the
963 # software.
964 #
965 # Recipes support installing and updating software from artifacts in the
966 # following formats:
967 # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
968 #
969 # Additionally, recipes support executing a script (either defined in a file or
970 # directly in this api) in bash, sh, cmd, and powershell.
971 #
972 # Updating a software recipe
973 #
974 # If a recipe is assigned to an instance and there is a recipe with the same
975 # name but a lower version already installed and the assigned state
976 # of the recipe is `UPDATED`, then the recipe is updated to
977 # the new version.
978 #
979 # Script Working Directories
980 #
981 # Each script or execution step is run in its own temporary directory which
982 # is deleted after completing the step.
983 &quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
984 # installed on an instance.
985 #
986 # Names are also used to identify resources which helps to determine whether
987 # guest policies have conflicts. This means that requests to create multiple
988 # recipes with the same name and version are rejected since they
989 # could potentially have conflicting assignments.
990 &quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
991 # executing steps and does not attempt another update for this recipe. Any
992 # steps taken (including partially completed steps) are not rolled back.
993 { # An action that can be taken as part of installing or updating a recipe.
994 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
995 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
996 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
997 # false and the file already exists the file is not overwritten
998 # and the step is considered a success. Defaults to false.
999 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
1000 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
1001 # order, the permissions of the owner, group, and other users for the
1002 # file (similarly to the numeric mode used in the linux chmod utility).
1003 # Each digit represents a three bit number with the 4 bit
1004 # corresponding to the read permissions, the 2 bit corresponds to the
1005 # write bit, and the one bit corresponds to the execute permission.
1006 # Default behavior is 755.
1007 #
1008 # Below are some examples of permissions and their associated values:
1009 # read, write, and execute: 7
1010 # read and execute: 5
1011 # read and write: 6
1012 # read only: 4
1013 },
1014 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
1015 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1016 },
1017 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
1018 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
1019 # can return to indicate a success.
1020 42,
1021 ],
1022 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
1023 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
1024 &quot;A String&quot;,
1025 ],
1026 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
1027 },
1028 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
1029 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
1030 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1031 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
1032 # Defaults to `/` on Linux or `C:\` on Windows.
1033 },
1034 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
1035 &quot;flags&quot;: [ # The flags to use when installing the MSI
1036 # defaults to [&quot;/i&quot;] (i.e. the install flag).
1037 &quot;A String&quot;,
1038 ],
1039 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1040 # successfully. Behaviour defaults to [0]
1041 42,
1042 ],
1043 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1044 },
1045 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
1046 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1047 # successfully. Behaviour defaults to [0]
1048 42,
1049 ],
1050 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
1051 # specified the script is executed directly, which likely
1052 # only succeed for scripts with
1053 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
1054 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
1055 },
1056 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
1057 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1058 },
1059 },
1060 ],
1061 &quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
1062 # recipe.
1063 #
1064 # INSTALLED: The software recipe is installed on the instance but
1065 # won&#x27;t be updated to new versions.
1066 # UPDATED: The software recipe is installed on the instance. The recipe is
1067 # updated to a higher version, if a higher version of the recipe is
1068 # assigned to this instance.
1069 # REMOVE: Remove is unsupported for software recipes and attempts to
1070 # create or update a recipe to the REMOVE state is rejected.
1071 &quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
1072 # separated numbers (e.g. 12.34.56.78).
1073 &quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
1074 { # Specifies a resource to be used in the recipe.
1075 &quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
1076 &quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
1077 # SHA256 checksum in hex format, to compare to the checksum of the
1078 # artifact. If the checksum is not empty and it doesn&#x27;t match the
1079 # artifact then the recipe installation fails before running any of the
1080 # steps.
1081 &quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
1082 # and path following the format {protocol}://{location}.
1083 },
1084 &quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
1085 &quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
1086 # Generation number of the Google Cloud Storage object.
1087 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1088 # this value would be `1234567`.
1089 &quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
1090 # Given an example URL:
1091 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1092 # this value would be `my-bucket`.
1093 &quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
1094 # As specified [here]
1095 # (https://cloud.google.com/storage/docs/naming#objectnames)
1096 # Given an example URL:
1097 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1098 # this value would be `foo/bar`.
1099 },
1100 &quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
1101 # recipe can reference. Artifacts in a recipe cannot have the same id.
1102 &quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
1103 # based on the artifact type:
1104 #
1105 # Remote: A checksum must be specified, and only protocols with
1106 # transport-layer security are permitted.
1107 # GCS: An object generation number must be specified.
1108 },
1109 ],
1110 &quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
1111 # executing steps and does not attempt another installation. Any steps taken
1112 # (including partially completed steps) are not rolled back.
1113 { # An action that can be taken as part of installing or updating a recipe.
1114 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
1115 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1116 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
1117 # false and the file already exists the file is not overwritten
1118 # and the step is considered a success. Defaults to false.
1119 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
1120 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
1121 # order, the permissions of the owner, group, and other users for the
1122 # file (similarly to the numeric mode used in the linux chmod utility).
1123 # Each digit represents a three bit number with the 4 bit
1124 # corresponding to the read permissions, the 2 bit corresponds to the
1125 # write bit, and the one bit corresponds to the execute permission.
1126 # Default behavior is 755.
1127 #
1128 # Below are some examples of permissions and their associated values:
1129 # read, write, and execute: 7
1130 # read and execute: 5
1131 # read and write: 6
1132 # read only: 4
1133 },
1134 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
1135 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1136 },
1137 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
1138 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
1139 # can return to indicate a success.
1140 42,
1141 ],
1142 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
1143 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
1144 &quot;A String&quot;,
1145 ],
1146 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
1147 },
1148 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
1149 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
1150 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1151 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
1152 # Defaults to `/` on Linux or `C:\` on Windows.
1153 },
1154 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
1155 &quot;flags&quot;: [ # The flags to use when installing the MSI
1156 # defaults to [&quot;/i&quot;] (i.e. the install flag).
1157 &quot;A String&quot;,
1158 ],
1159 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1160 # successfully. Behaviour defaults to [0]
1161 42,
1162 ],
1163 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1164 },
1165 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
1166 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1167 # successfully. Behaviour defaults to [0]
1168 42,
1169 ],
1170 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
1171 # specified the script is executed directly, which likely
1172 # only succeed for scripts with
1173 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
1174 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
1175 },
1176 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
1177 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1178 },
1179 },
1180 ],
1181 },
1182 ],
1183 &quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
1184 # you to target sets or groups of VM instances by different parameters such
1185 # as labels, names, OS, or zones.
1186 #
1187 # If left empty, all VM instances underneath this policy are targeted.
1188 #
1189 # At the same level in the resource hierarchy (that is within a project), the
1190 # service prevents the creation of multiple policies that conflict with
1191 # each other. For more information, see how the service [handles assignment
1192 # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
1193 # applies to.
1194 #
1195 # If an assignment is empty, it applies to all VM instances. Otherwise, the
1196 # targeted VM instances must meet all the criteria specified. So if both
1197 # labels and zones are specified, the policy applies to VM instances with those
1198 # labels and in those zones.
1199 &quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
1200 # an assignment to target disparate groups, for example &quot;env=prod or
1201 # env=staging&quot;.
1202 { # Represents a group of VM intances that can be identified as having all
1203 # these labels, for example &quot;env=prod and app=web&quot;.
1204 &quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
1205 # instance to be included in this assignment group.
1206 &quot;a_key&quot;: &quot;A String&quot;,
1207 },
1208 },
1209 ],
1210 &quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
1211 #
1212 # VM instances must match all supplied criteria for a given OsType to be
1213 # included.
1214 { # Defines the criteria for selecting VM Instances by OS type.
1215 &quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
1216 # OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
1217 &quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
1218 # OS architecture.
1219 &quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
1220 # following OS version.
1221 },
1222 ],
1223 &quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
1224 # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
1225 #
1226 # Instance targeting is uncommon and is supported to facilitate the
1227 # management of changes by the instance or to target specific VM instances
1228 # for development and testing.
1229 #
1230 # Only supported for project-level policies and must reference instances
1231 # within this project.
1232 &quot;A String&quot;,
1233 ],
1234 &quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
1235 #
1236 # Like labels, this is another way to group VM instances when targeting
1237 # configs, for example prefix=&quot;prod-&quot;.
1238 #
1239 # Only supported for project-level policies.
1240 &quot;A String&quot;,
1241 ],
1242 &quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
1243 # in any zone.
1244 #
1245 # Zonal targeting is uncommon and is supported to facilitate the management
1246 # of changes by zone.
1247 &quot;A String&quot;,
1248 ],
1249 },
1250 &quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
1251 # to 1024 characters.
1252 &quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
1253 # done before any other configs are applied so they can use these repos.
1254 # Package repositories are only configured if the corresponding package
1255 # manager(s) are available.
1256 { # A package repository.
1257 &quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
1258 # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
1259 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
1260 # the `repo id` in the zypper config file and also the `display_name` if
1261 # `display_name` is omitted. This id is also used as the unique identifier
1262 # when checking for guest policy conflicts.
1263 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
1264 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
1265 &quot;A String&quot;,
1266 ],
1267 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
1268 },
1269 &quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
1270 # a repo file that is stored at
1271 # `/etc/apt/sources.list.d/google_osconfig.list`.
1272 &quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
1273 &quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
1274 &quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
1275 # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
1276 # all the keys in any applied guest policy.
1277 &quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
1278 &quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
1279 &quot;A String&quot;,
1280 ],
1281 },
1282 &quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
1283 # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
1284 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
1285 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
1286 # the `repo id` in the Yum config file and also the `display_name` if
1287 # `display_name` is omitted. This id is also used as the unique identifier
1288 # when checking for guest policy conflicts.
1289 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
1290 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
1291 &quot;A String&quot;,
1292 ],
1293 },
1294 &quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
1295 # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
1296 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
1297 &quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
1298 },
1299 },
1300 ],
1301 &quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
1302 # If this is provided on update, it must match the server&#x27;s etag.
1303 &quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
1304 &quot;packages&quot;: [ # The software packages to be managed by this policy.
1305 { # Package is a reference to the software package to be installed or removed.
1306 # The agent on the VM instance uses the system package manager to apply the
1307 # config.
1308 #
1309 #
1310 # These are the commands that the agent uses to install or remove
1311 # packages.
1312 #
1313 # Apt
1314 # install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
1315 # remove: `apt-get -y remove package1 package2 package3`
1316 #
1317 # Yum
1318 # install: `yum -y install package1 package2 package3`
1319 # remove: `yum -y remove package1 package2 package3`
1320 #
1321 # Zypper
1322 # install: `zypper install package1 package2 package3`
1323 # remove: `zypper rm package1 package2`
1324 #
1325 # Googet
1326 # install: `googet -noconfirm install package1 package2 package3`
1327 # remove: `googet -noconfirm remove package1 package2 package3`
1328 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
1329 # validation by checking the package name and the manager(s) that the
1330 # package targets.
1331 &quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
1332 # If a system does not have the package manager, the package is not
1333 # installed or removed no error message is returned. By default,
1334 # or if you specify `ANY`,
1335 # the agent attempts to install and remove this package using the default
1336 # package manager. This is useful when creating a policy that applies to
1337 # different types of systems.
1338 #
1339 # The default behavior is ANY.
1340 &quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
1341 # default is to ensure the package is installed.
1342 },
1343 ],
1344 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
1345 &quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
1346 # forms:
1347 # `projects/{project_number}/guestPolicies/{guest_policy_id}`.
1348 }</pre>
1349</div>
1350
1351<div class="method">
1352 <code class="details" id="list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</code>
1353 <pre>Get a page of OS Config guest policies.
1354
1355Args:
1356 parent: string, Required. The resource name of the parent using one of the following forms:
1357`projects/{project_number}`. (required)
1358 pageToken: string, A pagination token returned from a previous call to `ListGuestPolicies`
1359that indicates where this listing should continue from.
1360 pageSize: integer, The maximum number of guest policies to return.
1361 x__xgafv: string, V1 error format.
1362 Allowed values
1363 1 - v1 error format
1364 2 - v2 error format
1365
1366Returns:
1367 An object of the form:
1368
1369 { # A response message for listing guest policies.
1370 &quot;nextPageToken&quot;: &quot;A String&quot;, # A pagination token that can be used to get the next page
1371 # of guest policies.
1372 &quot;guestPolicies&quot;: [ # The list of GuestPolicies.
1373 { # An OS Config resource representing a guest configuration policy. These
1374 # policies represent the desired state for VM instance guest environments
1375 # including packages to install or remove, package repository configurations,
1376 # and software to install.
1377 &quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
1378 { # A software recipe is a set of instructions for installing and configuring a
1379 # piece of software. It consists of a set of artifacts that are
1380 # downloaded, and a set of steps that install, configure, and/or update the
1381 # software.
1382 #
1383 # Recipes support installing and updating software from artifacts in the
1384 # following formats:
1385 # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
1386 #
1387 # Additionally, recipes support executing a script (either defined in a file or
1388 # directly in this api) in bash, sh, cmd, and powershell.
1389 #
1390 # Updating a software recipe
1391 #
1392 # If a recipe is assigned to an instance and there is a recipe with the same
1393 # name but a lower version already installed and the assigned state
1394 # of the recipe is `UPDATED`, then the recipe is updated to
1395 # the new version.
1396 #
1397 # Script Working Directories
1398 #
1399 # Each script or execution step is run in its own temporary directory which
1400 # is deleted after completing the step.
1401 &quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
1402 # installed on an instance.
1403 #
1404 # Names are also used to identify resources which helps to determine whether
1405 # guest policies have conflicts. This means that requests to create multiple
1406 # recipes with the same name and version are rejected since they
1407 # could potentially have conflicting assignments.
1408 &quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
1409 # executing steps and does not attempt another update for this recipe. Any
1410 # steps taken (including partially completed steps) are not rolled back.
1411 { # An action that can be taken as part of installing or updating a recipe.
1412 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
1413 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1414 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
1415 # false and the file already exists the file is not overwritten
1416 # and the step is considered a success. Defaults to false.
1417 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
1418 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
1419 # order, the permissions of the owner, group, and other users for the
1420 # file (similarly to the numeric mode used in the linux chmod utility).
1421 # Each digit represents a three bit number with the 4 bit
1422 # corresponding to the read permissions, the 2 bit corresponds to the
1423 # write bit, and the one bit corresponds to the execute permission.
1424 # Default behavior is 755.
1425 #
1426 # Below are some examples of permissions and their associated values:
1427 # read, write, and execute: 7
1428 # read and execute: 5
1429 # read and write: 6
1430 # read only: 4
1431 },
1432 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
1433 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1434 },
1435 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
1436 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
1437 # can return to indicate a success.
1438 42,
1439 ],
1440 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
1441 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
1442 &quot;A String&quot;,
1443 ],
1444 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
1445 },
1446 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
1447 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
1448 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1449 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
1450 # Defaults to `/` on Linux or `C:\` on Windows.
1451 },
1452 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
1453 &quot;flags&quot;: [ # The flags to use when installing the MSI
1454 # defaults to [&quot;/i&quot;] (i.e. the install flag).
1455 &quot;A String&quot;,
1456 ],
1457 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1458 # successfully. Behaviour defaults to [0]
1459 42,
1460 ],
1461 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1462 },
1463 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
1464 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1465 # successfully. Behaviour defaults to [0]
1466 42,
1467 ],
1468 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
1469 # specified the script is executed directly, which likely
1470 # only succeed for scripts with
1471 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
1472 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
1473 },
1474 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
1475 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1476 },
1477 },
1478 ],
1479 &quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
1480 # recipe.
1481 #
1482 # INSTALLED: The software recipe is installed on the instance but
1483 # won&#x27;t be updated to new versions.
1484 # UPDATED: The software recipe is installed on the instance. The recipe is
1485 # updated to a higher version, if a higher version of the recipe is
1486 # assigned to this instance.
1487 # REMOVE: Remove is unsupported for software recipes and attempts to
1488 # create or update a recipe to the REMOVE state is rejected.
1489 &quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
1490 # separated numbers (e.g. 12.34.56.78).
1491 &quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
1492 { # Specifies a resource to be used in the recipe.
1493 &quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
1494 &quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
1495 # SHA256 checksum in hex format, to compare to the checksum of the
1496 # artifact. If the checksum is not empty and it doesn&#x27;t match the
1497 # artifact then the recipe installation fails before running any of the
1498 # steps.
1499 &quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
1500 # and path following the format {protocol}://{location}.
1501 },
1502 &quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
1503 &quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
1504 # Generation number of the Google Cloud Storage object.
1505 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1506 # this value would be `1234567`.
1507 &quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
1508 # Given an example URL:
1509 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1510 # this value would be `my-bucket`.
1511 &quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
1512 # As specified [here]
1513 # (https://cloud.google.com/storage/docs/naming#objectnames)
1514 # Given an example URL:
1515 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1516 # this value would be `foo/bar`.
1517 },
1518 &quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
1519 # recipe can reference. Artifacts in a recipe cannot have the same id.
1520 &quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
1521 # based on the artifact type:
1522 #
1523 # Remote: A checksum must be specified, and only protocols with
1524 # transport-layer security are permitted.
1525 # GCS: An object generation number must be specified.
1526 },
1527 ],
1528 &quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
1529 # executing steps and does not attempt another installation. Any steps taken
1530 # (including partially completed steps) are not rolled back.
1531 { # An action that can be taken as part of installing or updating a recipe.
1532 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
1533 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1534 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
1535 # false and the file already exists the file is not overwritten
1536 # and the step is considered a success. Defaults to false.
1537 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
1538 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
1539 # order, the permissions of the owner, group, and other users for the
1540 # file (similarly to the numeric mode used in the linux chmod utility).
1541 # Each digit represents a three bit number with the 4 bit
1542 # corresponding to the read permissions, the 2 bit corresponds to the
1543 # write bit, and the one bit corresponds to the execute permission.
1544 # Default behavior is 755.
1545 #
1546 # Below are some examples of permissions and their associated values:
1547 # read, write, and execute: 7
1548 # read and execute: 5
1549 # read and write: 6
1550 # read only: 4
1551 },
1552 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
1553 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1554 },
1555 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
1556 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
1557 # can return to indicate a success.
1558 42,
1559 ],
1560 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
1561 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
1562 &quot;A String&quot;,
1563 ],
1564 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
1565 },
1566 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
1567 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
1568 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1569 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
1570 # Defaults to `/` on Linux or `C:\` on Windows.
1571 },
1572 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
1573 &quot;flags&quot;: [ # The flags to use when installing the MSI
1574 # defaults to [&quot;/i&quot;] (i.e. the install flag).
1575 &quot;A String&quot;,
1576 ],
1577 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1578 # successfully. Behaviour defaults to [0]
1579 42,
1580 ],
1581 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1582 },
1583 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
1584 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1585 # successfully. Behaviour defaults to [0]
1586 42,
1587 ],
1588 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
1589 # specified the script is executed directly, which likely
1590 # only succeed for scripts with
1591 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
1592 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
1593 },
1594 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
1595 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1596 },
1597 },
1598 ],
1599 },
1600 ],
1601 &quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
1602 # you to target sets or groups of VM instances by different parameters such
1603 # as labels, names, OS, or zones.
1604 #
1605 # If left empty, all VM instances underneath this policy are targeted.
1606 #
1607 # At the same level in the resource hierarchy (that is within a project), the
1608 # service prevents the creation of multiple policies that conflict with
1609 # each other. For more information, see how the service [handles assignment
1610 # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
1611 # applies to.
1612 #
1613 # If an assignment is empty, it applies to all VM instances. Otherwise, the
1614 # targeted VM instances must meet all the criteria specified. So if both
1615 # labels and zones are specified, the policy applies to VM instances with those
1616 # labels and in those zones.
1617 &quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
1618 # an assignment to target disparate groups, for example &quot;env=prod or
1619 # env=staging&quot;.
1620 { # Represents a group of VM intances that can be identified as having all
1621 # these labels, for example &quot;env=prod and app=web&quot;.
1622 &quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
1623 # instance to be included in this assignment group.
1624 &quot;a_key&quot;: &quot;A String&quot;,
1625 },
1626 },
1627 ],
1628 &quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
1629 #
1630 # VM instances must match all supplied criteria for a given OsType to be
1631 # included.
1632 { # Defines the criteria for selecting VM Instances by OS type.
1633 &quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
1634 # OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
1635 &quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
1636 # OS architecture.
1637 &quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
1638 # following OS version.
1639 },
1640 ],
1641 &quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
1642 # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
1643 #
1644 # Instance targeting is uncommon and is supported to facilitate the
1645 # management of changes by the instance or to target specific VM instances
1646 # for development and testing.
1647 #
1648 # Only supported for project-level policies and must reference instances
1649 # within this project.
1650 &quot;A String&quot;,
1651 ],
1652 &quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
1653 #
1654 # Like labels, this is another way to group VM instances when targeting
1655 # configs, for example prefix=&quot;prod-&quot;.
1656 #
1657 # Only supported for project-level policies.
1658 &quot;A String&quot;,
1659 ],
1660 &quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
1661 # in any zone.
1662 #
1663 # Zonal targeting is uncommon and is supported to facilitate the management
1664 # of changes by zone.
1665 &quot;A String&quot;,
1666 ],
1667 },
1668 &quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
1669 # to 1024 characters.
1670 &quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
1671 # done before any other configs are applied so they can use these repos.
1672 # Package repositories are only configured if the corresponding package
1673 # manager(s) are available.
1674 { # A package repository.
1675 &quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
1676 # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
1677 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
1678 # the `repo id` in the zypper config file and also the `display_name` if
1679 # `display_name` is omitted. This id is also used as the unique identifier
1680 # when checking for guest policy conflicts.
1681 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
1682 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
1683 &quot;A String&quot;,
1684 ],
1685 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
1686 },
1687 &quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
1688 # a repo file that is stored at
1689 # `/etc/apt/sources.list.d/google_osconfig.list`.
1690 &quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
1691 &quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
1692 &quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
1693 # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
1694 # all the keys in any applied guest policy.
1695 &quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
1696 &quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
1697 &quot;A String&quot;,
1698 ],
1699 },
1700 &quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
1701 # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
1702 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
1703 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
1704 # the `repo id` in the Yum config file and also the `display_name` if
1705 # `display_name` is omitted. This id is also used as the unique identifier
1706 # when checking for guest policy conflicts.
1707 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
1708 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
1709 &quot;A String&quot;,
1710 ],
1711 },
1712 &quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
1713 # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
1714 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
1715 &quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
1716 },
1717 },
1718 ],
1719 &quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
1720 # If this is provided on update, it must match the server&#x27;s etag.
1721 &quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
1722 &quot;packages&quot;: [ # The software packages to be managed by this policy.
1723 { # Package is a reference to the software package to be installed or removed.
1724 # The agent on the VM instance uses the system package manager to apply the
1725 # config.
1726 #
1727 #
1728 # These are the commands that the agent uses to install or remove
1729 # packages.
1730 #
1731 # Apt
1732 # install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
1733 # remove: `apt-get -y remove package1 package2 package3`
1734 #
1735 # Yum
1736 # install: `yum -y install package1 package2 package3`
1737 # remove: `yum -y remove package1 package2 package3`
1738 #
1739 # Zypper
1740 # install: `zypper install package1 package2 package3`
1741 # remove: `zypper rm package1 package2`
1742 #
1743 # Googet
1744 # install: `googet -noconfirm install package1 package2 package3`
1745 # remove: `googet -noconfirm remove package1 package2 package3`
1746 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
1747 # validation by checking the package name and the manager(s) that the
1748 # package targets.
1749 &quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
1750 # If a system does not have the package manager, the package is not
1751 # installed or removed no error message is returned. By default,
1752 # or if you specify `ANY`,
1753 # the agent attempts to install and remove this package using the default
1754 # package manager. This is useful when creating a policy that applies to
1755 # different types of systems.
1756 #
1757 # The default behavior is ANY.
1758 &quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
1759 # default is to ensure the package is installed.
1760 },
1761 ],
1762 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
1763 &quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
1764 # forms:
1765 # `projects/{project_number}/guestPolicies/{guest_policy_id}`.
1766 },
1767 ],
1768 }</pre>
1769</div>
1770
1771<div class="method">
1772 <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
1773 <pre>Retrieves the next page of results.
1774
1775Args:
1776 previous_request: The request for the previous page. (required)
1777 previous_response: The response from the request for the previous page. (required)
1778
1779Returns:
1780 A request object that you can call &#x27;execute()&#x27; on to request the next
1781 page. Returns None if there are no more items in the collection.
1782 </pre>
1783</div>
1784
1785<div class="method">
1786 <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
1787 <pre>Update an OS Config guest policy.
1788
1789Args:
1790 name: string, Required. Unique name of the resource in this project using one of the following
1791forms:
1792`projects/{project_number}/guestPolicies/{guest_policy_id}`. (required)
1793 body: object, The request body.
1794 The object takes the form of:
1795
1796{ # An OS Config resource representing a guest configuration policy. These
1797 # policies represent the desired state for VM instance guest environments
1798 # including packages to install or remove, package repository configurations,
1799 # and software to install.
1800 &quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
1801 { # A software recipe is a set of instructions for installing and configuring a
1802 # piece of software. It consists of a set of artifacts that are
1803 # downloaded, and a set of steps that install, configure, and/or update the
1804 # software.
1805 #
1806 # Recipes support installing and updating software from artifacts in the
1807 # following formats:
1808 # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
1809 #
1810 # Additionally, recipes support executing a script (either defined in a file or
1811 # directly in this api) in bash, sh, cmd, and powershell.
1812 #
1813 # Updating a software recipe
1814 #
1815 # If a recipe is assigned to an instance and there is a recipe with the same
1816 # name but a lower version already installed and the assigned state
1817 # of the recipe is `UPDATED`, then the recipe is updated to
1818 # the new version.
1819 #
1820 # Script Working Directories
1821 #
1822 # Each script or execution step is run in its own temporary directory which
1823 # is deleted after completing the step.
1824 &quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
1825 # installed on an instance.
1826 #
1827 # Names are also used to identify resources which helps to determine whether
1828 # guest policies have conflicts. This means that requests to create multiple
1829 # recipes with the same name and version are rejected since they
1830 # could potentially have conflicting assignments.
1831 &quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
1832 # executing steps and does not attempt another update for this recipe. Any
1833 # steps taken (including partially completed steps) are not rolled back.
1834 { # An action that can be taken as part of installing or updating a recipe.
1835 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
1836 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1837 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
1838 # false and the file already exists the file is not overwritten
1839 # and the step is considered a success. Defaults to false.
1840 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
1841 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
1842 # order, the permissions of the owner, group, and other users for the
1843 # file (similarly to the numeric mode used in the linux chmod utility).
1844 # Each digit represents a three bit number with the 4 bit
1845 # corresponding to the read permissions, the 2 bit corresponds to the
1846 # write bit, and the one bit corresponds to the execute permission.
1847 # Default behavior is 755.
1848 #
1849 # Below are some examples of permissions and their associated values:
1850 # read, write, and execute: 7
1851 # read and execute: 5
1852 # read and write: 6
1853 # read only: 4
1854 },
1855 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
1856 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1857 },
1858 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
1859 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
1860 # can return to indicate a success.
1861 42,
1862 ],
1863 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
1864 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
1865 &quot;A String&quot;,
1866 ],
1867 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
1868 },
1869 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
1870 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
1871 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1872 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
1873 # Defaults to `/` on Linux or `C:\` on Windows.
1874 },
1875 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
1876 &quot;flags&quot;: [ # The flags to use when installing the MSI
1877 # defaults to [&quot;/i&quot;] (i.e. the install flag).
1878 &quot;A String&quot;,
1879 ],
1880 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1881 # successfully. Behaviour defaults to [0]
1882 42,
1883 ],
1884 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1885 },
1886 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
1887 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
1888 # successfully. Behaviour defaults to [0]
1889 42,
1890 ],
1891 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
1892 # specified the script is executed directly, which likely
1893 # only succeed for scripts with
1894 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
1895 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
1896 },
1897 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
1898 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1899 },
1900 },
1901 ],
1902 &quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
1903 # recipe.
1904 #
1905 # INSTALLED: The software recipe is installed on the instance but
1906 # won&#x27;t be updated to new versions.
1907 # UPDATED: The software recipe is installed on the instance. The recipe is
1908 # updated to a higher version, if a higher version of the recipe is
1909 # assigned to this instance.
1910 # REMOVE: Remove is unsupported for software recipes and attempts to
1911 # create or update a recipe to the REMOVE state is rejected.
1912 &quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
1913 # separated numbers (e.g. 12.34.56.78).
1914 &quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
1915 { # Specifies a resource to be used in the recipe.
1916 &quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
1917 &quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
1918 # SHA256 checksum in hex format, to compare to the checksum of the
1919 # artifact. If the checksum is not empty and it doesn&#x27;t match the
1920 # artifact then the recipe installation fails before running any of the
1921 # steps.
1922 &quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
1923 # and path following the format {protocol}://{location}.
1924 },
1925 &quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
1926 &quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
1927 # Generation number of the Google Cloud Storage object.
1928 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1929 # this value would be `1234567`.
1930 &quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
1931 # Given an example URL:
1932 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1933 # this value would be `my-bucket`.
1934 &quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
1935 # As specified [here]
1936 # (https://cloud.google.com/storage/docs/naming#objectnames)
1937 # Given an example URL:
1938 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
1939 # this value would be `foo/bar`.
1940 },
1941 &quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
1942 # recipe can reference. Artifacts in a recipe cannot have the same id.
1943 &quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
1944 # based on the artifact type:
1945 #
1946 # Remote: A checksum must be specified, and only protocols with
1947 # transport-layer security are permitted.
1948 # GCS: An object generation number must be specified.
1949 },
1950 ],
1951 &quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
1952 # executing steps and does not attempt another installation. Any steps taken
1953 # (including partially completed steps) are not rolled back.
1954 { # An action that can be taken as part of installing or updating a recipe.
1955 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
1956 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1957 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
1958 # false and the file already exists the file is not overwritten
1959 # and the step is considered a success. Defaults to false.
1960 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
1961 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
1962 # order, the permissions of the owner, group, and other users for the
1963 # file (similarly to the numeric mode used in the linux chmod utility).
1964 # Each digit represents a three bit number with the 4 bit
1965 # corresponding to the read permissions, the 2 bit corresponds to the
1966 # write bit, and the one bit corresponds to the execute permission.
1967 # Default behavior is 755.
1968 #
1969 # Below are some examples of permissions and their associated values:
1970 # read, write, and execute: 7
1971 # read and execute: 5
1972 # read and write: 6
1973 # read only: 4
1974 },
1975 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
1976 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1977 },
1978 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
1979 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
1980 # can return to indicate a success.
1981 42,
1982 ],
1983 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
1984 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
1985 &quot;A String&quot;,
1986 ],
1987 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
1988 },
1989 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
1990 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
1991 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
1992 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
1993 # Defaults to `/` on Linux or `C:\` on Windows.
1994 },
1995 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
1996 &quot;flags&quot;: [ # The flags to use when installing the MSI
1997 # defaults to [&quot;/i&quot;] (i.e. the install flag).
1998 &quot;A String&quot;,
1999 ],
2000 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
2001 # successfully. Behaviour defaults to [0]
2002 42,
2003 ],
2004 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2005 },
2006 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
2007 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
2008 # successfully. Behaviour defaults to [0]
2009 42,
2010 ],
2011 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
2012 # specified the script is executed directly, which likely
2013 # only succeed for scripts with
2014 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
2015 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
2016 },
2017 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
2018 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2019 },
2020 },
2021 ],
2022 },
2023 ],
2024 &quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
2025 # you to target sets or groups of VM instances by different parameters such
2026 # as labels, names, OS, or zones.
2027 #
2028 # If left empty, all VM instances underneath this policy are targeted.
2029 #
2030 # At the same level in the resource hierarchy (that is within a project), the
2031 # service prevents the creation of multiple policies that conflict with
2032 # each other. For more information, see how the service [handles assignment
2033 # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
2034 # applies to.
2035 #
2036 # If an assignment is empty, it applies to all VM instances. Otherwise, the
2037 # targeted VM instances must meet all the criteria specified. So if both
2038 # labels and zones are specified, the policy applies to VM instances with those
2039 # labels and in those zones.
2040 &quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
2041 # an assignment to target disparate groups, for example &quot;env=prod or
2042 # env=staging&quot;.
2043 { # Represents a group of VM intances that can be identified as having all
2044 # these labels, for example &quot;env=prod and app=web&quot;.
2045 &quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
2046 # instance to be included in this assignment group.
2047 &quot;a_key&quot;: &quot;A String&quot;,
2048 },
2049 },
2050 ],
2051 &quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
2052 #
2053 # VM instances must match all supplied criteria for a given OsType to be
2054 # included.
2055 { # Defines the criteria for selecting VM Instances by OS type.
2056 &quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
2057 # OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
2058 &quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
2059 # OS architecture.
2060 &quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
2061 # following OS version.
2062 },
2063 ],
2064 &quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
2065 # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
2066 #
2067 # Instance targeting is uncommon and is supported to facilitate the
2068 # management of changes by the instance or to target specific VM instances
2069 # for development and testing.
2070 #
2071 # Only supported for project-level policies and must reference instances
2072 # within this project.
2073 &quot;A String&quot;,
2074 ],
2075 &quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
2076 #
2077 # Like labels, this is another way to group VM instances when targeting
2078 # configs, for example prefix=&quot;prod-&quot;.
2079 #
2080 # Only supported for project-level policies.
2081 &quot;A String&quot;,
2082 ],
2083 &quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
2084 # in any zone.
2085 #
2086 # Zonal targeting is uncommon and is supported to facilitate the management
2087 # of changes by zone.
2088 &quot;A String&quot;,
2089 ],
2090 },
2091 &quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
2092 # to 1024 characters.
2093 &quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
2094 # done before any other configs are applied so they can use these repos.
2095 # Package repositories are only configured if the corresponding package
2096 # manager(s) are available.
2097 { # A package repository.
2098 &quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
2099 # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
2100 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
2101 # the `repo id` in the zypper config file and also the `display_name` if
2102 # `display_name` is omitted. This id is also used as the unique identifier
2103 # when checking for guest policy conflicts.
2104 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
2105 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
2106 &quot;A String&quot;,
2107 ],
2108 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
2109 },
2110 &quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
2111 # a repo file that is stored at
2112 # `/etc/apt/sources.list.d/google_osconfig.list`.
2113 &quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
2114 &quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
2115 &quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
2116 # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
2117 # all the keys in any applied guest policy.
2118 &quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
2119 &quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
2120 &quot;A String&quot;,
2121 ],
2122 },
2123 &quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
2124 # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
2125 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
2126 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
2127 # the `repo id` in the Yum config file and also the `display_name` if
2128 # `display_name` is omitted. This id is also used as the unique identifier
2129 # when checking for guest policy conflicts.
2130 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
2131 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
2132 &quot;A String&quot;,
2133 ],
2134 },
2135 &quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
2136 # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
2137 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
2138 &quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
2139 },
2140 },
2141 ],
2142 &quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
2143 # If this is provided on update, it must match the server&#x27;s etag.
2144 &quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
2145 &quot;packages&quot;: [ # The software packages to be managed by this policy.
2146 { # Package is a reference to the software package to be installed or removed.
2147 # The agent on the VM instance uses the system package manager to apply the
2148 # config.
2149 #
2150 #
2151 # These are the commands that the agent uses to install or remove
2152 # packages.
2153 #
2154 # Apt
2155 # install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
2156 # remove: `apt-get -y remove package1 package2 package3`
2157 #
2158 # Yum
2159 # install: `yum -y install package1 package2 package3`
2160 # remove: `yum -y remove package1 package2 package3`
2161 #
2162 # Zypper
2163 # install: `zypper install package1 package2 package3`
2164 # remove: `zypper rm package1 package2`
2165 #
2166 # Googet
2167 # install: `googet -noconfirm install package1 package2 package3`
2168 # remove: `googet -noconfirm remove package1 package2 package3`
2169 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
2170 # validation by checking the package name and the manager(s) that the
2171 # package targets.
2172 &quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
2173 # If a system does not have the package manager, the package is not
2174 # installed or removed no error message is returned. By default,
2175 # or if you specify `ANY`,
2176 # the agent attempts to install and remove this package using the default
2177 # package manager. This is useful when creating a policy that applies to
2178 # different types of systems.
2179 #
2180 # The default behavior is ANY.
2181 &quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
2182 # default is to ensure the package is installed.
2183 },
2184 ],
2185 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
2186 &quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
2187 # forms:
2188 # `projects/{project_number}/guestPolicies/{guest_policy_id}`.
2189}
2190
2191 updateMask: string, Field mask that controls which fields of the guest policy should be
2192updated.
2193 x__xgafv: string, V1 error format.
2194 Allowed values
2195 1 - v1 error format
2196 2 - v2 error format
2197
2198Returns:
2199 An object of the form:
2200
2201 { # An OS Config resource representing a guest configuration policy. These
2202 # policies represent the desired state for VM instance guest environments
2203 # including packages to install or remove, package repository configurations,
2204 # and software to install.
2205 &quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
2206 { # A software recipe is a set of instructions for installing and configuring a
2207 # piece of software. It consists of a set of artifacts that are
2208 # downloaded, and a set of steps that install, configure, and/or update the
2209 # software.
2210 #
2211 # Recipes support installing and updating software from artifacts in the
2212 # following formats:
2213 # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
2214 #
2215 # Additionally, recipes support executing a script (either defined in a file or
2216 # directly in this api) in bash, sh, cmd, and powershell.
2217 #
2218 # Updating a software recipe
2219 #
2220 # If a recipe is assigned to an instance and there is a recipe with the same
2221 # name but a lower version already installed and the assigned state
2222 # of the recipe is `UPDATED`, then the recipe is updated to
2223 # the new version.
2224 #
2225 # Script Working Directories
2226 #
2227 # Each script or execution step is run in its own temporary directory which
2228 # is deleted after completing the step.
2229 &quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
2230 # installed on an instance.
2231 #
2232 # Names are also used to identify resources which helps to determine whether
2233 # guest policies have conflicts. This means that requests to create multiple
2234 # recipes with the same name and version are rejected since they
2235 # could potentially have conflicting assignments.
2236 &quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
2237 # executing steps and does not attempt another update for this recipe. Any
2238 # steps taken (including partially completed steps) are not rolled back.
2239 { # An action that can be taken as part of installing or updating a recipe.
2240 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
2241 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2242 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
2243 # false and the file already exists the file is not overwritten
2244 # and the step is considered a success. Defaults to false.
2245 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
2246 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
2247 # order, the permissions of the owner, group, and other users for the
2248 # file (similarly to the numeric mode used in the linux chmod utility).
2249 # Each digit represents a three bit number with the 4 bit
2250 # corresponding to the read permissions, the 2 bit corresponds to the
2251 # write bit, and the one bit corresponds to the execute permission.
2252 # Default behavior is 755.
2253 #
2254 # Below are some examples of permissions and their associated values:
2255 # read, write, and execute: 7
2256 # read and execute: 5
2257 # read and write: 6
2258 # read only: 4
2259 },
2260 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
2261 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2262 },
2263 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
2264 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
2265 # can return to indicate a success.
2266 42,
2267 ],
2268 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
2269 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
2270 &quot;A String&quot;,
2271 ],
2272 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
2273 },
2274 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
2275 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
2276 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2277 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
2278 # Defaults to `/` on Linux or `C:\` on Windows.
2279 },
2280 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
2281 &quot;flags&quot;: [ # The flags to use when installing the MSI
2282 # defaults to [&quot;/i&quot;] (i.e. the install flag).
2283 &quot;A String&quot;,
2284 ],
2285 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
2286 # successfully. Behaviour defaults to [0]
2287 42,
2288 ],
2289 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2290 },
2291 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
2292 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
2293 # successfully. Behaviour defaults to [0]
2294 42,
2295 ],
2296 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
2297 # specified the script is executed directly, which likely
2298 # only succeed for scripts with
2299 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
2300 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
2301 },
2302 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
2303 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2304 },
2305 },
2306 ],
2307 &quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
2308 # recipe.
2309 #
2310 # INSTALLED: The software recipe is installed on the instance but
2311 # won&#x27;t be updated to new versions.
2312 # UPDATED: The software recipe is installed on the instance. The recipe is
2313 # updated to a higher version, if a higher version of the recipe is
2314 # assigned to this instance.
2315 # REMOVE: Remove is unsupported for software recipes and attempts to
2316 # create or update a recipe to the REMOVE state is rejected.
2317 &quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
2318 # separated numbers (e.g. 12.34.56.78).
2319 &quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
2320 { # Specifies a resource to be used in the recipe.
2321 &quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
2322 &quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
2323 # SHA256 checksum in hex format, to compare to the checksum of the
2324 # artifact. If the checksum is not empty and it doesn&#x27;t match the
2325 # artifact then the recipe installation fails before running any of the
2326 # steps.
2327 &quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
2328 # and path following the format {protocol}://{location}.
2329 },
2330 &quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
2331 &quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
2332 # Generation number of the Google Cloud Storage object.
2333 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
2334 # this value would be `1234567`.
2335 &quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
2336 # Given an example URL:
2337 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
2338 # this value would be `my-bucket`.
2339 &quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
2340 # As specified [here]
2341 # (https://cloud.google.com/storage/docs/naming#objectnames)
2342 # Given an example URL:
2343 # `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
2344 # this value would be `foo/bar`.
2345 },
2346 &quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
2347 # recipe can reference. Artifacts in a recipe cannot have the same id.
2348 &quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
2349 # based on the artifact type:
2350 #
2351 # Remote: A checksum must be specified, and only protocols with
2352 # transport-layer security are permitted.
2353 # GCS: An object generation number must be specified.
2354 },
2355 ],
2356 &quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
2357 # executing steps and does not attempt another installation. Any steps taken
2358 # (including partially completed steps) are not rolled back.
2359 { # An action that can be taken as part of installing or updating a recipe.
2360 &quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
2361 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2362 &quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
2363 # false and the file already exists the file is not overwritten
2364 # and the step is considered a success. Defaults to false.
2365 &quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
2366 &quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
2367 # order, the permissions of the owner, group, and other users for the
2368 # file (similarly to the numeric mode used in the linux chmod utility).
2369 # Each digit represents a three bit number with the 4 bit
2370 # corresponding to the read permissions, the 2 bit corresponds to the
2371 # write bit, and the one bit corresponds to the execute permission.
2372 # Default behavior is 755.
2373 #
2374 # Below are some examples of permissions and their associated values:
2375 # read, write, and execute: 7
2376 # read and execute: 5
2377 # read and write: 6
2378 # read only: 4
2379 },
2380 &quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
2381 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2382 },
2383 &quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
2384 &quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
2385 # can return to indicate a success.
2386 42,
2387 ],
2388 &quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
2389 &quot;args&quot;: [ # Arguments to be passed to the provided executable.
2390 &quot;A String&quot;,
2391 ],
2392 &quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
2393 },
2394 &quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
2395 &quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
2396 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2397 &quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
2398 # Defaults to `/` on Linux or `C:\` on Windows.
2399 },
2400 &quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
2401 &quot;flags&quot;: [ # The flags to use when installing the MSI
2402 # defaults to [&quot;/i&quot;] (i.e. the install flag).
2403 &quot;A String&quot;,
2404 ],
2405 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
2406 # successfully. Behaviour defaults to [0]
2407 42,
2408 ],
2409 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2410 },
2411 &quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
2412 &quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
2413 # successfully. Behaviour defaults to [0]
2414 42,
2415 ],
2416 &quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
2417 # specified the script is executed directly, which likely
2418 # only succeed for scripts with
2419 # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
2420 &quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
2421 },
2422 &quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
2423 &quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
2424 },
2425 },
2426 ],
2427 },
2428 ],
2429 &quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
2430 # you to target sets or groups of VM instances by different parameters such
2431 # as labels, names, OS, or zones.
2432 #
2433 # If left empty, all VM instances underneath this policy are targeted.
2434 #
2435 # At the same level in the resource hierarchy (that is within a project), the
2436 # service prevents the creation of multiple policies that conflict with
2437 # each other. For more information, see how the service [handles assignment
2438 # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
2439 # applies to.
2440 #
2441 # If an assignment is empty, it applies to all VM instances. Otherwise, the
2442 # targeted VM instances must meet all the criteria specified. So if both
2443 # labels and zones are specified, the policy applies to VM instances with those
2444 # labels and in those zones.
2445 &quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
2446 # an assignment to target disparate groups, for example &quot;env=prod or
2447 # env=staging&quot;.
2448 { # Represents a group of VM intances that can be identified as having all
2449 # these labels, for example &quot;env=prod and app=web&quot;.
2450 &quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
2451 # instance to be included in this assignment group.
2452 &quot;a_key&quot;: &quot;A String&quot;,
2453 },
2454 },
2455 ],
2456 &quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
2457 #
2458 # VM instances must match all supplied criteria for a given OsType to be
2459 # included.
2460 { # Defines the criteria for selecting VM Instances by OS type.
2461 &quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
2462 # OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
2463 &quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
2464 # OS architecture.
2465 &quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
2466 # following OS version.
2467 },
2468 ],
2469 &quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
2470 # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
2471 #
2472 # Instance targeting is uncommon and is supported to facilitate the
2473 # management of changes by the instance or to target specific VM instances
2474 # for development and testing.
2475 #
2476 # Only supported for project-level policies and must reference instances
2477 # within this project.
2478 &quot;A String&quot;,
2479 ],
2480 &quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
2481 #
2482 # Like labels, this is another way to group VM instances when targeting
2483 # configs, for example prefix=&quot;prod-&quot;.
2484 #
2485 # Only supported for project-level policies.
2486 &quot;A String&quot;,
2487 ],
2488 &quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
2489 # in any zone.
2490 #
2491 # Zonal targeting is uncommon and is supported to facilitate the management
2492 # of changes by zone.
2493 &quot;A String&quot;,
2494 ],
2495 },
2496 &quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
2497 # to 1024 characters.
2498 &quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
2499 # done before any other configs are applied so they can use these repos.
2500 # Package repositories are only configured if the corresponding package
2501 # manager(s) are available.
2502 { # A package repository.
2503 &quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
2504 # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
2505 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
2506 # the `repo id` in the zypper config file and also the `display_name` if
2507 # `display_name` is omitted. This id is also used as the unique identifier
2508 # when checking for guest policy conflicts.
2509 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
2510 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
2511 &quot;A String&quot;,
2512 ],
2513 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
2514 },
2515 &quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
2516 # a repo file that is stored at
2517 # `/etc/apt/sources.list.d/google_osconfig.list`.
2518 &quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
2519 &quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
2520 &quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
2521 # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
2522 # all the keys in any applied guest policy.
2523 &quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
2524 &quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
2525 &quot;A String&quot;,
2526 ],
2527 },
2528 &quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
2529 # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
2530 &quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
2531 &quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
2532 # the `repo id` in the Yum config file and also the `display_name` if
2533 # `display_name` is omitted. This id is also used as the unique identifier
2534 # when checking for guest policy conflicts.
2535 &quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
2536 &quot;gpgKeys&quot;: [ # URIs of GPG keys.
2537 &quot;A String&quot;,
2538 ],
2539 },
2540 &quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
2541 # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
2542 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
2543 &quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
2544 },
2545 },
2546 ],
2547 &quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
2548 # If this is provided on update, it must match the server&#x27;s etag.
2549 &quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
2550 &quot;packages&quot;: [ # The software packages to be managed by this policy.
2551 { # Package is a reference to the software package to be installed or removed.
2552 # The agent on the VM instance uses the system package manager to apply the
2553 # config.
2554 #
2555 #
2556 # These are the commands that the agent uses to install or remove
2557 # packages.
2558 #
2559 # Apt
2560 # install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
2561 # remove: `apt-get -y remove package1 package2 package3`
2562 #
2563 # Yum
2564 # install: `yum -y install package1 package2 package3`
2565 # remove: `yum -y remove package1 package2 package3`
2566 #
2567 # Zypper
2568 # install: `zypper install package1 package2 package3`
2569 # remove: `zypper rm package1 package2`
2570 #
2571 # Googet
2572 # install: `googet -noconfirm install package1 package2 package3`
2573 # remove: `googet -noconfirm remove package1 package2 package3`
2574 &quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
2575 # validation by checking the package name and the manager(s) that the
2576 # package targets.
2577 &quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
2578 # If a system does not have the package manager, the package is not
2579 # installed or removed no error message is returned. By default,
2580 # or if you specify `ANY`,
2581 # the agent attempts to install and remove this package using the default
2582 # package manager. This is useful when creating a policy that applies to
2583 # different types of systems.
2584 #
2585 # The default behavior is ANY.
2586 &quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
2587 # default is to ensure the package is installed.
2588 },
2589 ],
2590 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
2591 &quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
2592 # forms:
2593 # `projects/{project_number}/guestPolicies/{guest_policy_id}`.
2594 }</pre>
2595</div>
2596
2597</body></html>