Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 1 | <html><body> |
| 2 | <style> |
| 3 | |
| 4 | body, h1, h2, h3, div, span, p, pre, a { |
| 5 | margin: 0; |
| 6 | padding: 0; |
| 7 | border: 0; |
| 8 | font-weight: inherit; |
| 9 | font-style: inherit; |
| 10 | font-size: 100%; |
| 11 | font-family: inherit; |
| 12 | vertical-align: baseline; |
| 13 | } |
| 14 | |
| 15 | body { |
| 16 | font-size: 13px; |
| 17 | padding: 1em; |
| 18 | } |
| 19 | |
| 20 | h1 { |
| 21 | font-size: 26px; |
| 22 | margin-bottom: 1em; |
| 23 | } |
| 24 | |
| 25 | h2 { |
| 26 | font-size: 24px; |
| 27 | margin-bottom: 1em; |
| 28 | } |
| 29 | |
| 30 | h3 { |
| 31 | font-size: 20px; |
| 32 | margin-bottom: 1em; |
| 33 | margin-top: 1em; |
| 34 | } |
| 35 | |
| 36 | pre, code { |
| 37 | line-height: 1.5; |
| 38 | font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; |
| 39 | } |
| 40 | |
| 41 | pre { |
| 42 | margin-top: 0.5em; |
| 43 | } |
| 44 | |
| 45 | h1, h2, h3, p { |
| 46 | font-family: Arial, sans serif; |
| 47 | } |
| 48 | |
| 49 | h1, h2, h3 { |
| 50 | border-bottom: solid #CCC 1px; |
| 51 | } |
| 52 | |
| 53 | .toc_element { |
| 54 | margin-top: 0.5em; |
| 55 | } |
| 56 | |
| 57 | .firstline { |
| 58 | margin-left: 2 em; |
| 59 | } |
| 60 | |
| 61 | .method { |
| 62 | margin-top: 1em; |
| 63 | border: solid 1px #CCC; |
| 64 | padding: 1em; |
| 65 | background: #EEE; |
| 66 | } |
| 67 | |
| 68 | .details { |
| 69 | font-weight: bold; |
| 70 | font-size: 14px; |
| 71 | } |
| 72 | |
| 73 | </style> |
| 74 | |
| 75 | <h1><a href="osconfig_v1beta.html">Cloud OS Config API</a> . <a href="osconfig_v1beta.projects.html">projects</a> . <a href="osconfig_v1beta.projects.guestPolicies.html">guestPolicies</a></h1> |
| 76 | <h2>Instance Methods</h2> |
| 77 | <p class="toc_element"> |
| 78 | <code><a href="#create">create(parent, body=None, guestPolicyId=None, x__xgafv=None)</a></code></p> |
| 79 | <p class="firstline">Create an OS Config guest policy.</p> |
| 80 | <p class="toc_element"> |
| 81 | <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p> |
| 82 | <p class="firstline">Delete an OS Config guest policy.</p> |
| 83 | <p class="toc_element"> |
| 84 | <code><a href="#get">get(name, x__xgafv=None)</a></code></p> |
| 85 | <p class="firstline">Get an OS Config guest policy.</p> |
| 86 | <p class="toc_element"> |
| 87 | <code><a href="#list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p> |
| 88 | <p class="firstline">Get a page of OS Config guest policies.</p> |
| 89 | <p class="toc_element"> |
| 90 | <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> |
| 91 | <p class="firstline">Retrieves the next page of results.</p> |
| 92 | <p class="toc_element"> |
| 93 | <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p> |
| 94 | <p class="firstline">Update an OS Config guest policy.</p> |
| 95 | <h3>Method Details</h3> |
| 96 | <div class="method"> |
| 97 | <code class="details" id="create">create(parent, body=None, guestPolicyId=None, x__xgafv=None)</code> |
| 98 | <pre>Create an OS Config guest policy. |
| 99 | |
| 100 | Args: |
| 101 | parent: string, Required. The resource name of the parent using one of the following forms: |
| 102 | `projects/{project_number}`. (required) |
| 103 | body: object, The request body. |
| 104 | The object takes the form of: |
| 105 | |
| 106 | { # An OS Config resource representing a guest configuration policy. These |
| 107 | # policies represent the desired state for VM instance guest environments |
| 108 | # including packages to install or remove, package repository configurations, |
| 109 | # and software to install. |
| 110 | "recipes": [ # A list of Recipes to install on the VM instance. |
| 111 | { # A software recipe is a set of instructions for installing and configuring a |
| 112 | # piece of software. It consists of a set of artifacts that are |
| 113 | # downloaded, and a set of steps that install, configure, and/or update the |
| 114 | # software. |
| 115 | # |
| 116 | # Recipes support installing and updating software from artifacts in the |
| 117 | # following formats: |
| 118 | # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package. |
| 119 | # |
| 120 | # Additionally, recipes support executing a script (either defined in a file or |
| 121 | # directly in this api) in bash, sh, cmd, and powershell. |
| 122 | # |
| 123 | # Updating a software recipe |
| 124 | # |
| 125 | # If a recipe is assigned to an instance and there is a recipe with the same |
| 126 | # name but a lower version already installed and the assigned state |
| 127 | # of the recipe is `UPDATED`, then the recipe is updated to |
| 128 | # the new version. |
| 129 | # |
| 130 | # Script Working Directories |
| 131 | # |
| 132 | # Each script or execution step is run in its own temporary directory which |
| 133 | # is deleted after completing the step. |
| 134 | "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is |
| 135 | # installed on an instance. |
| 136 | # |
| 137 | # Names are also used to identify resources which helps to determine whether |
| 138 | # guest policies have conflicts. This means that requests to create multiple |
| 139 | # recipes with the same name and version are rejected since they |
| 140 | # could potentially have conflicting assignments. |
| 141 | "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops |
| 142 | # executing steps and does not attempt another update for this recipe. Any |
| 143 | # steps taken (including partially completed steps) are not rolled back. |
| 144 | { # An action that can be taken as part of installing or updating a recipe. |
| 145 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 146 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 147 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 148 | # false and the file already exists the file is not overwritten |
| 149 | # and the step is considered a success. Defaults to false. |
| 150 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 151 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 152 | # order, the permissions of the owner, group, and other users for the |
| 153 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 154 | # Each digit represents a three bit number with the 4 bit |
| 155 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 156 | # write bit, and the one bit corresponds to the execute permission. |
| 157 | # Default behavior is 755. |
| 158 | # |
| 159 | # Below are some examples of permissions and their associated values: |
| 160 | # read, write, and execute: 7 |
| 161 | # read and execute: 5 |
| 162 | # read and write: 6 |
| 163 | # read only: 4 |
| 164 | }, |
| 165 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 166 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 167 | }, |
| 168 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 169 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 170 | # can return to indicate a success. |
| 171 | 42, |
| 172 | ], |
| 173 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 174 | "args": [ # Arguments to be passed to the provided executable. |
| 175 | "A String", |
| 176 | ], |
| 177 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 178 | }, |
| 179 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 180 | "type": "A String", # Required. The type of the archive to extract. |
| 181 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 182 | "destination": "A String", # Directory to extract archive to. |
| 183 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 184 | }, |
| 185 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 186 | "flags": [ # The flags to use when installing the MSI |
| 187 | # defaults to ["/i"] (i.e. the install flag). |
| 188 | "A String", |
| 189 | ], |
| 190 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 191 | # successfully. Behaviour defaults to [0] |
| 192 | 42, |
| 193 | ], |
| 194 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 195 | }, |
| 196 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 197 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 198 | # successfully. Behaviour defaults to [0] |
| 199 | 42, |
| 200 | ], |
| 201 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 202 | # specified the script is executed directly, which likely |
| 203 | # only succeed for scripts with |
| 204 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 205 | "script": "A String", # Required. The shell script to be executed. |
| 206 | }, |
| 207 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 208 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 209 | }, |
| 210 | }, |
| 211 | ], |
| 212 | "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this |
| 213 | # recipe. |
| 214 | # |
| 215 | # INSTALLED: The software recipe is installed on the instance but |
| 216 | # won't be updated to new versions. |
| 217 | # UPDATED: The software recipe is installed on the instance. The recipe is |
| 218 | # updated to a higher version, if a higher version of the recipe is |
| 219 | # assigned to this instance. |
| 220 | # REMOVE: Remove is unsupported for software recipes and attempts to |
| 221 | # create or update a recipe to the REMOVE state is rejected. |
| 222 | "version": "A String", # The version of this software recipe. Version can be up to 4 period |
| 223 | # separated numbers (e.g. 12.34.56.78). |
| 224 | "artifacts": [ # Resources available to be used in the steps in the recipe. |
| 225 | { # Specifies a resource to be used in the recipe. |
| 226 | "remote": { # Specifies an artifact available via some URI. # A generic remote artifact. |
| 227 | "checksum": "A String", # Must be provided if `allow_insecure` is `false`. |
| 228 | # SHA256 checksum in hex format, to compare to the checksum of the |
| 229 | # artifact. If the checksum is not empty and it doesn't match the |
| 230 | # artifact then the recipe installation fails before running any of the |
| 231 | # steps. |
| 232 | "uri": "A String", # URI from which to fetch the object. It should contain both the protocol |
| 233 | # and path following the format {protocol}://{location}. |
| 234 | }, |
| 235 | "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact. |
| 236 | "generation": "A String", # Must be provided if allow_insecure is false. |
| 237 | # Generation number of the Google Cloud Storage object. |
| 238 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 239 | # this value would be `1234567`. |
| 240 | "bucket": "A String", # Bucket of the Google Cloud Storage object. |
| 241 | # Given an example URL: |
| 242 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 243 | # this value would be `my-bucket`. |
| 244 | "object": "A String", # Name of the Google Cloud Storage object. |
| 245 | # As specified [here] |
| 246 | # (https://cloud.google.com/storage/docs/naming#objectnames) |
| 247 | # Given an example URL: |
| 248 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 249 | # this value would be `foo/bar`. |
| 250 | }, |
| 251 | "id": "A String", # Required. Id of the artifact, which the installation and update steps of this |
| 252 | # recipe can reference. Artifacts in a recipe cannot have the same id. |
| 253 | "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations |
| 254 | # based on the artifact type: |
| 255 | # |
| 256 | # Remote: A checksum must be specified, and only protocols with |
| 257 | # transport-layer security are permitted. |
| 258 | # GCS: An object generation number must be specified. |
| 259 | }, |
| 260 | ], |
| 261 | "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops |
| 262 | # executing steps and does not attempt another installation. Any steps taken |
| 263 | # (including partially completed steps) are not rolled back. |
| 264 | { # An action that can be taken as part of installing or updating a recipe. |
| 265 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 266 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 267 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 268 | # false and the file already exists the file is not overwritten |
| 269 | # and the step is considered a success. Defaults to false. |
| 270 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 271 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 272 | # order, the permissions of the owner, group, and other users for the |
| 273 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 274 | # Each digit represents a three bit number with the 4 bit |
| 275 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 276 | # write bit, and the one bit corresponds to the execute permission. |
| 277 | # Default behavior is 755. |
| 278 | # |
| 279 | # Below are some examples of permissions and their associated values: |
| 280 | # read, write, and execute: 7 |
| 281 | # read and execute: 5 |
| 282 | # read and write: 6 |
| 283 | # read only: 4 |
| 284 | }, |
| 285 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 286 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 287 | }, |
| 288 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 289 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 290 | # can return to indicate a success. |
| 291 | 42, |
| 292 | ], |
| 293 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 294 | "args": [ # Arguments to be passed to the provided executable. |
| 295 | "A String", |
| 296 | ], |
| 297 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 298 | }, |
| 299 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 300 | "type": "A String", # Required. The type of the archive to extract. |
| 301 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 302 | "destination": "A String", # Directory to extract archive to. |
| 303 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 304 | }, |
| 305 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 306 | "flags": [ # The flags to use when installing the MSI |
| 307 | # defaults to ["/i"] (i.e. the install flag). |
| 308 | "A String", |
| 309 | ], |
| 310 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 311 | # successfully. Behaviour defaults to [0] |
| 312 | 42, |
| 313 | ], |
| 314 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 315 | }, |
| 316 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 317 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 318 | # successfully. Behaviour defaults to [0] |
| 319 | 42, |
| 320 | ], |
| 321 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 322 | # specified the script is executed directly, which likely |
| 323 | # only succeed for scripts with |
| 324 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 325 | "script": "A String", # Required. The shell script to be executed. |
| 326 | }, |
| 327 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 328 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 329 | }, |
| 330 | }, |
| 331 | ], |
| 332 | }, |
| 333 | ], |
| 334 | "assignment": { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows |
| 335 | # you to target sets or groups of VM instances by different parameters such |
| 336 | # as labels, names, OS, or zones. |
| 337 | # |
| 338 | # If left empty, all VM instances underneath this policy are targeted. |
| 339 | # |
| 340 | # At the same level in the resource hierarchy (that is within a project), the |
| 341 | # service prevents the creation of multiple policies that conflict with |
| 342 | # each other. For more information, see how the service [handles assignment |
| 343 | # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts). |
| 344 | # applies to. |
| 345 | # |
| 346 | # If an assignment is empty, it applies to all VM instances. Otherwise, the |
| 347 | # targeted VM instances must meet all the criteria specified. So if both |
| 348 | # labels and zones are specified, the policy applies to VM instances with those |
| 349 | # labels and in those zones. |
| 350 | "groupLabels": [ # Targets instances matching at least one of these label sets. This allows |
| 351 | # an assignment to target disparate groups, for example "env=prod or |
| 352 | # env=staging". |
| 353 | { # Represents a group of VM intances that can be identified as having all |
| 354 | # these labels, for example "env=prod and app=web". |
| 355 | "labels": { # Google Compute Engine instance labels that must be present for an |
| 356 | # instance to be included in this assignment group. |
| 357 | "a_key": "A String", |
| 358 | }, |
| 359 | }, |
| 360 | ], |
| 361 | "osTypes": [ # Targets VM instances matching at least one of the following OS types. |
| 362 | # |
| 363 | # VM instances must match all supplied criteria for a given OsType to be |
| 364 | # included. |
| 365 | { # Defines the criteria for selecting VM Instances by OS type. |
| 366 | "osShortName": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 367 | # OS short name, for example "debian" or "windows". |
| 368 | "osArchitecture": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 369 | # OS architecture. |
| 370 | "osVersion": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 371 | # following OS version. |
| 372 | }, |
| 373 | ], |
| 374 | "instances": [ # Targets any of the instances specified. Instances are specified by their |
| 375 | # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`. |
| 376 | # |
| 377 | # Instance targeting is uncommon and is supported to facilitate the |
| 378 | # management of changes by the instance or to target specific VM instances |
| 379 | # for development and testing. |
| 380 | # |
| 381 | # Only supported for project-level policies and must reference instances |
| 382 | # within this project. |
| 383 | "A String", |
| 384 | ], |
| 385 | "instanceNamePrefixes": [ # Targets VM instances whose name starts with one of these prefixes. |
| 386 | # |
| 387 | # Like labels, this is another way to group VM instances when targeting |
| 388 | # configs, for example prefix="prod-". |
| 389 | # |
| 390 | # Only supported for project-level policies. |
| 391 | "A String", |
| 392 | ], |
| 393 | "zones": [ # Targets instances in any of these zones. Leave empty to target instances |
| 394 | # in any zone. |
| 395 | # |
| 396 | # Zonal targeting is uncommon and is supported to facilitate the management |
| 397 | # of changes by zone. |
| 398 | "A String", |
| 399 | ], |
| 400 | }, |
| 401 | "description": "A String", # Description of the guest policy. Length of the description is limited |
| 402 | # to 1024 characters. |
| 403 | "packageRepositories": [ # A list of package repositories to configure on the VM instance. This is |
| 404 | # done before any other configs are applied so they can use these repos. |
| 405 | # Package repositories are only configured if the corresponding package |
| 406 | # manager(s) are available. |
| 407 | { # A package repository. |
| 408 | "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository. |
| 409 | # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`. |
| 410 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 411 | # the `repo id` in the zypper config file and also the `display_name` if |
| 412 | # `display_name` is omitted. This id is also used as the unique identifier |
| 413 | # when checking for guest policy conflicts. |
| 414 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 415 | "gpgKeys": [ # URIs of GPG keys. |
| 416 | "A String", |
| 417 | ], |
| 418 | "displayName": "A String", # The display name of the repository. |
| 419 | }, |
| 420 | "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository. |
| 421 | # a repo file that is stored at |
| 422 | # `/etc/apt/sources.list.d/google_osconfig.list`. |
| 423 | "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB. |
| 424 | "uri": "A String", # Required. URI for this repository. |
| 425 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains |
| 426 | # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing |
| 427 | # all the keys in any applied guest policy. |
| 428 | "distribution": "A String", # Required. Distribution of this repository. |
| 429 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 430 | "A String", |
| 431 | ], |
| 432 | }, |
| 433 | "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository. |
| 434 | # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`. |
| 435 | "displayName": "A String", # The display name of the repository. |
| 436 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 437 | # the `repo id` in the Yum config file and also the `display_name` if |
| 438 | # `display_name` is omitted. This id is also used as the unique identifier |
| 439 | # when checking for guest policy conflicts. |
| 440 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 441 | "gpgKeys": [ # URIs of GPG keys. |
| 442 | "A String", |
| 443 | ], |
| 444 | }, |
| 445 | "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository. |
| 446 | # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo. |
| 447 | "name": "A String", # Required. The name of the repository. |
| 448 | "url": "A String", # Required. The url of the repository. |
| 449 | }, |
| 450 | }, |
| 451 | ], |
| 452 | "etag": "A String", # The etag for this guest policy. |
| 453 | # If this is provided on update, it must match the server's etag. |
| 454 | "createTime": "A String", # Output only. Time this guest policy was created. |
| 455 | "packages": [ # The software packages to be managed by this policy. |
| 456 | { # Package is a reference to the software package to be installed or removed. |
| 457 | # The agent on the VM instance uses the system package manager to apply the |
| 458 | # config. |
| 459 | # |
| 460 | # |
| 461 | # These are the commands that the agent uses to install or remove |
| 462 | # packages. |
| 463 | # |
| 464 | # Apt |
| 465 | # install: `apt-get update && apt-get -y install package1 package2 package3` |
| 466 | # remove: `apt-get -y remove package1 package2 package3` |
| 467 | # |
| 468 | # Yum |
| 469 | # install: `yum -y install package1 package2 package3` |
| 470 | # remove: `yum -y remove package1 package2 package3` |
| 471 | # |
| 472 | # Zypper |
| 473 | # install: `zypper install package1 package2 package3` |
| 474 | # remove: `zypper rm package1 package2` |
| 475 | # |
| 476 | # Googet |
| 477 | # install: `googet -noconfirm install package1 package2 package3` |
| 478 | # remove: `googet -noconfirm remove package1 package2 package3` |
| 479 | "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict |
| 480 | # validation by checking the package name and the manager(s) that the |
| 481 | # package targets. |
| 482 | "manager": "A String", # Type of package manager that can be used to install this package. |
| 483 | # If a system does not have the package manager, the package is not |
| 484 | # installed or removed no error message is returned. By default, |
| 485 | # or if you specify `ANY`, |
| 486 | # the agent attempts to install and remove this package using the default |
| 487 | # package manager. This is useful when creating a policy that applies to |
| 488 | # different types of systems. |
| 489 | # |
| 490 | # The default behavior is ANY. |
| 491 | "desiredState": "A String", # The desired_state the agent should maintain for this package. The |
| 492 | # default is to ensure the package is installed. |
| 493 | }, |
| 494 | ], |
| 495 | "updateTime": "A String", # Output only. Last time this guest policy was updated. |
| 496 | "name": "A String", # Required. Unique name of the resource in this project using one of the following |
| 497 | # forms: |
| 498 | # `projects/{project_number}/guestPolicies/{guest_policy_id}`. |
| 499 | } |
| 500 | |
| 501 | guestPolicyId: string, Required. The logical name of the guest policy in the project |
| 502 | with the following restrictions: |
| 503 | |
| 504 | * Must contain only lowercase letters, numbers, and hyphens. |
| 505 | * Must start with a letter. |
| 506 | * Must be between 1-63 characters. |
| 507 | * Must end with a number or a letter. |
| 508 | * Must be unique within the project. |
| 509 | x__xgafv: string, V1 error format. |
| 510 | Allowed values |
| 511 | 1 - v1 error format |
| 512 | 2 - v2 error format |
| 513 | |
| 514 | Returns: |
| 515 | An object of the form: |
| 516 | |
| 517 | { # An OS Config resource representing a guest configuration policy. These |
| 518 | # policies represent the desired state for VM instance guest environments |
| 519 | # including packages to install or remove, package repository configurations, |
| 520 | # and software to install. |
| 521 | "recipes": [ # A list of Recipes to install on the VM instance. |
| 522 | { # A software recipe is a set of instructions for installing and configuring a |
| 523 | # piece of software. It consists of a set of artifacts that are |
| 524 | # downloaded, and a set of steps that install, configure, and/or update the |
| 525 | # software. |
| 526 | # |
| 527 | # Recipes support installing and updating software from artifacts in the |
| 528 | # following formats: |
| 529 | # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package. |
| 530 | # |
| 531 | # Additionally, recipes support executing a script (either defined in a file or |
| 532 | # directly in this api) in bash, sh, cmd, and powershell. |
| 533 | # |
| 534 | # Updating a software recipe |
| 535 | # |
| 536 | # If a recipe is assigned to an instance and there is a recipe with the same |
| 537 | # name but a lower version already installed and the assigned state |
| 538 | # of the recipe is `UPDATED`, then the recipe is updated to |
| 539 | # the new version. |
| 540 | # |
| 541 | # Script Working Directories |
| 542 | # |
| 543 | # Each script or execution step is run in its own temporary directory which |
| 544 | # is deleted after completing the step. |
| 545 | "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is |
| 546 | # installed on an instance. |
| 547 | # |
| 548 | # Names are also used to identify resources which helps to determine whether |
| 549 | # guest policies have conflicts. This means that requests to create multiple |
| 550 | # recipes with the same name and version are rejected since they |
| 551 | # could potentially have conflicting assignments. |
| 552 | "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops |
| 553 | # executing steps and does not attempt another update for this recipe. Any |
| 554 | # steps taken (including partially completed steps) are not rolled back. |
| 555 | { # An action that can be taken as part of installing or updating a recipe. |
| 556 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 557 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 558 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 559 | # false and the file already exists the file is not overwritten |
| 560 | # and the step is considered a success. Defaults to false. |
| 561 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 562 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 563 | # order, the permissions of the owner, group, and other users for the |
| 564 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 565 | # Each digit represents a three bit number with the 4 bit |
| 566 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 567 | # write bit, and the one bit corresponds to the execute permission. |
| 568 | # Default behavior is 755. |
| 569 | # |
| 570 | # Below are some examples of permissions and their associated values: |
| 571 | # read, write, and execute: 7 |
| 572 | # read and execute: 5 |
| 573 | # read and write: 6 |
| 574 | # read only: 4 |
| 575 | }, |
| 576 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 577 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 578 | }, |
| 579 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 580 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 581 | # can return to indicate a success. |
| 582 | 42, |
| 583 | ], |
| 584 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 585 | "args": [ # Arguments to be passed to the provided executable. |
| 586 | "A String", |
| 587 | ], |
| 588 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 589 | }, |
| 590 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 591 | "type": "A String", # Required. The type of the archive to extract. |
| 592 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 593 | "destination": "A String", # Directory to extract archive to. |
| 594 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 595 | }, |
| 596 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 597 | "flags": [ # The flags to use when installing the MSI |
| 598 | # defaults to ["/i"] (i.e. the install flag). |
| 599 | "A String", |
| 600 | ], |
| 601 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 602 | # successfully. Behaviour defaults to [0] |
| 603 | 42, |
| 604 | ], |
| 605 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 606 | }, |
| 607 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 608 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 609 | # successfully. Behaviour defaults to [0] |
| 610 | 42, |
| 611 | ], |
| 612 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 613 | # specified the script is executed directly, which likely |
| 614 | # only succeed for scripts with |
| 615 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 616 | "script": "A String", # Required. The shell script to be executed. |
| 617 | }, |
| 618 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 619 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 620 | }, |
| 621 | }, |
| 622 | ], |
| 623 | "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this |
| 624 | # recipe. |
| 625 | # |
| 626 | # INSTALLED: The software recipe is installed on the instance but |
| 627 | # won't be updated to new versions. |
| 628 | # UPDATED: The software recipe is installed on the instance. The recipe is |
| 629 | # updated to a higher version, if a higher version of the recipe is |
| 630 | # assigned to this instance. |
| 631 | # REMOVE: Remove is unsupported for software recipes and attempts to |
| 632 | # create or update a recipe to the REMOVE state is rejected. |
| 633 | "version": "A String", # The version of this software recipe. Version can be up to 4 period |
| 634 | # separated numbers (e.g. 12.34.56.78). |
| 635 | "artifacts": [ # Resources available to be used in the steps in the recipe. |
| 636 | { # Specifies a resource to be used in the recipe. |
| 637 | "remote": { # Specifies an artifact available via some URI. # A generic remote artifact. |
| 638 | "checksum": "A String", # Must be provided if `allow_insecure` is `false`. |
| 639 | # SHA256 checksum in hex format, to compare to the checksum of the |
| 640 | # artifact. If the checksum is not empty and it doesn't match the |
| 641 | # artifact then the recipe installation fails before running any of the |
| 642 | # steps. |
| 643 | "uri": "A String", # URI from which to fetch the object. It should contain both the protocol |
| 644 | # and path following the format {protocol}://{location}. |
| 645 | }, |
| 646 | "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact. |
| 647 | "generation": "A String", # Must be provided if allow_insecure is false. |
| 648 | # Generation number of the Google Cloud Storage object. |
| 649 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 650 | # this value would be `1234567`. |
| 651 | "bucket": "A String", # Bucket of the Google Cloud Storage object. |
| 652 | # Given an example URL: |
| 653 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 654 | # this value would be `my-bucket`. |
| 655 | "object": "A String", # Name of the Google Cloud Storage object. |
| 656 | # As specified [here] |
| 657 | # (https://cloud.google.com/storage/docs/naming#objectnames) |
| 658 | # Given an example URL: |
| 659 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 660 | # this value would be `foo/bar`. |
| 661 | }, |
| 662 | "id": "A String", # Required. Id of the artifact, which the installation and update steps of this |
| 663 | # recipe can reference. Artifacts in a recipe cannot have the same id. |
| 664 | "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations |
| 665 | # based on the artifact type: |
| 666 | # |
| 667 | # Remote: A checksum must be specified, and only protocols with |
| 668 | # transport-layer security are permitted. |
| 669 | # GCS: An object generation number must be specified. |
| 670 | }, |
| 671 | ], |
| 672 | "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops |
| 673 | # executing steps and does not attempt another installation. Any steps taken |
| 674 | # (including partially completed steps) are not rolled back. |
| 675 | { # An action that can be taken as part of installing or updating a recipe. |
| 676 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 677 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 678 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 679 | # false and the file already exists the file is not overwritten |
| 680 | # and the step is considered a success. Defaults to false. |
| 681 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 682 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 683 | # order, the permissions of the owner, group, and other users for the |
| 684 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 685 | # Each digit represents a three bit number with the 4 bit |
| 686 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 687 | # write bit, and the one bit corresponds to the execute permission. |
| 688 | # Default behavior is 755. |
| 689 | # |
| 690 | # Below are some examples of permissions and their associated values: |
| 691 | # read, write, and execute: 7 |
| 692 | # read and execute: 5 |
| 693 | # read and write: 6 |
| 694 | # read only: 4 |
| 695 | }, |
| 696 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 697 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 698 | }, |
| 699 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 700 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 701 | # can return to indicate a success. |
| 702 | 42, |
| 703 | ], |
| 704 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 705 | "args": [ # Arguments to be passed to the provided executable. |
| 706 | "A String", |
| 707 | ], |
| 708 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 709 | }, |
| 710 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 711 | "type": "A String", # Required. The type of the archive to extract. |
| 712 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 713 | "destination": "A String", # Directory to extract archive to. |
| 714 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 715 | }, |
| 716 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 717 | "flags": [ # The flags to use when installing the MSI |
| 718 | # defaults to ["/i"] (i.e. the install flag). |
| 719 | "A String", |
| 720 | ], |
| 721 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 722 | # successfully. Behaviour defaults to [0] |
| 723 | 42, |
| 724 | ], |
| 725 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 726 | }, |
| 727 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 728 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 729 | # successfully. Behaviour defaults to [0] |
| 730 | 42, |
| 731 | ], |
| 732 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 733 | # specified the script is executed directly, which likely |
| 734 | # only succeed for scripts with |
| 735 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 736 | "script": "A String", # Required. The shell script to be executed. |
| 737 | }, |
| 738 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 739 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 740 | }, |
| 741 | }, |
| 742 | ], |
| 743 | }, |
| 744 | ], |
| 745 | "assignment": { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows |
| 746 | # you to target sets or groups of VM instances by different parameters such |
| 747 | # as labels, names, OS, or zones. |
| 748 | # |
| 749 | # If left empty, all VM instances underneath this policy are targeted. |
| 750 | # |
| 751 | # At the same level in the resource hierarchy (that is within a project), the |
| 752 | # service prevents the creation of multiple policies that conflict with |
| 753 | # each other. For more information, see how the service [handles assignment |
| 754 | # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts). |
| 755 | # applies to. |
| 756 | # |
| 757 | # If an assignment is empty, it applies to all VM instances. Otherwise, the |
| 758 | # targeted VM instances must meet all the criteria specified. So if both |
| 759 | # labels and zones are specified, the policy applies to VM instances with those |
| 760 | # labels and in those zones. |
| 761 | "groupLabels": [ # Targets instances matching at least one of these label sets. This allows |
| 762 | # an assignment to target disparate groups, for example "env=prod or |
| 763 | # env=staging". |
| 764 | { # Represents a group of VM intances that can be identified as having all |
| 765 | # these labels, for example "env=prod and app=web". |
| 766 | "labels": { # Google Compute Engine instance labels that must be present for an |
| 767 | # instance to be included in this assignment group. |
| 768 | "a_key": "A String", |
| 769 | }, |
| 770 | }, |
| 771 | ], |
| 772 | "osTypes": [ # Targets VM instances matching at least one of the following OS types. |
| 773 | # |
| 774 | # VM instances must match all supplied criteria for a given OsType to be |
| 775 | # included. |
| 776 | { # Defines the criteria for selecting VM Instances by OS type. |
| 777 | "osShortName": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 778 | # OS short name, for example "debian" or "windows". |
| 779 | "osArchitecture": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 780 | # OS architecture. |
| 781 | "osVersion": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 782 | # following OS version. |
| 783 | }, |
| 784 | ], |
| 785 | "instances": [ # Targets any of the instances specified. Instances are specified by their |
| 786 | # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`. |
| 787 | # |
| 788 | # Instance targeting is uncommon and is supported to facilitate the |
| 789 | # management of changes by the instance or to target specific VM instances |
| 790 | # for development and testing. |
| 791 | # |
| 792 | # Only supported for project-level policies and must reference instances |
| 793 | # within this project. |
| 794 | "A String", |
| 795 | ], |
| 796 | "instanceNamePrefixes": [ # Targets VM instances whose name starts with one of these prefixes. |
| 797 | # |
| 798 | # Like labels, this is another way to group VM instances when targeting |
| 799 | # configs, for example prefix="prod-". |
| 800 | # |
| 801 | # Only supported for project-level policies. |
| 802 | "A String", |
| 803 | ], |
| 804 | "zones": [ # Targets instances in any of these zones. Leave empty to target instances |
| 805 | # in any zone. |
| 806 | # |
| 807 | # Zonal targeting is uncommon and is supported to facilitate the management |
| 808 | # of changes by zone. |
| 809 | "A String", |
| 810 | ], |
| 811 | }, |
| 812 | "description": "A String", # Description of the guest policy. Length of the description is limited |
| 813 | # to 1024 characters. |
| 814 | "packageRepositories": [ # A list of package repositories to configure on the VM instance. This is |
| 815 | # done before any other configs are applied so they can use these repos. |
| 816 | # Package repositories are only configured if the corresponding package |
| 817 | # manager(s) are available. |
| 818 | { # A package repository. |
| 819 | "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository. |
| 820 | # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`. |
| 821 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 822 | # the `repo id` in the zypper config file and also the `display_name` if |
| 823 | # `display_name` is omitted. This id is also used as the unique identifier |
| 824 | # when checking for guest policy conflicts. |
| 825 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 826 | "gpgKeys": [ # URIs of GPG keys. |
| 827 | "A String", |
| 828 | ], |
| 829 | "displayName": "A String", # The display name of the repository. |
| 830 | }, |
| 831 | "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository. |
| 832 | # a repo file that is stored at |
| 833 | # `/etc/apt/sources.list.d/google_osconfig.list`. |
| 834 | "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB. |
| 835 | "uri": "A String", # Required. URI for this repository. |
| 836 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains |
| 837 | # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing |
| 838 | # all the keys in any applied guest policy. |
| 839 | "distribution": "A String", # Required. Distribution of this repository. |
| 840 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 841 | "A String", |
| 842 | ], |
| 843 | }, |
| 844 | "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository. |
| 845 | # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`. |
| 846 | "displayName": "A String", # The display name of the repository. |
| 847 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 848 | # the `repo id` in the Yum config file and also the `display_name` if |
| 849 | # `display_name` is omitted. This id is also used as the unique identifier |
| 850 | # when checking for guest policy conflicts. |
| 851 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 852 | "gpgKeys": [ # URIs of GPG keys. |
| 853 | "A String", |
| 854 | ], |
| 855 | }, |
| 856 | "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository. |
| 857 | # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo. |
| 858 | "name": "A String", # Required. The name of the repository. |
| 859 | "url": "A String", # Required. The url of the repository. |
| 860 | }, |
| 861 | }, |
| 862 | ], |
| 863 | "etag": "A String", # The etag for this guest policy. |
| 864 | # If this is provided on update, it must match the server's etag. |
| 865 | "createTime": "A String", # Output only. Time this guest policy was created. |
| 866 | "packages": [ # The software packages to be managed by this policy. |
| 867 | { # Package is a reference to the software package to be installed or removed. |
| 868 | # The agent on the VM instance uses the system package manager to apply the |
| 869 | # config. |
| 870 | # |
| 871 | # |
| 872 | # These are the commands that the agent uses to install or remove |
| 873 | # packages. |
| 874 | # |
| 875 | # Apt |
| 876 | # install: `apt-get update && apt-get -y install package1 package2 package3` |
| 877 | # remove: `apt-get -y remove package1 package2 package3` |
| 878 | # |
| 879 | # Yum |
| 880 | # install: `yum -y install package1 package2 package3` |
| 881 | # remove: `yum -y remove package1 package2 package3` |
| 882 | # |
| 883 | # Zypper |
| 884 | # install: `zypper install package1 package2 package3` |
| 885 | # remove: `zypper rm package1 package2` |
| 886 | # |
| 887 | # Googet |
| 888 | # install: `googet -noconfirm install package1 package2 package3` |
| 889 | # remove: `googet -noconfirm remove package1 package2 package3` |
| 890 | "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict |
| 891 | # validation by checking the package name and the manager(s) that the |
| 892 | # package targets. |
| 893 | "manager": "A String", # Type of package manager that can be used to install this package. |
| 894 | # If a system does not have the package manager, the package is not |
| 895 | # installed or removed no error message is returned. By default, |
| 896 | # or if you specify `ANY`, |
| 897 | # the agent attempts to install and remove this package using the default |
| 898 | # package manager. This is useful when creating a policy that applies to |
| 899 | # different types of systems. |
| 900 | # |
| 901 | # The default behavior is ANY. |
| 902 | "desiredState": "A String", # The desired_state the agent should maintain for this package. The |
| 903 | # default is to ensure the package is installed. |
| 904 | }, |
| 905 | ], |
| 906 | "updateTime": "A String", # Output only. Last time this guest policy was updated. |
| 907 | "name": "A String", # Required. Unique name of the resource in this project using one of the following |
| 908 | # forms: |
| 909 | # `projects/{project_number}/guestPolicies/{guest_policy_id}`. |
| 910 | }</pre> |
| 911 | </div> |
| 912 | |
| 913 | <div class="method"> |
| 914 | <code class="details" id="delete">delete(name, x__xgafv=None)</code> |
| 915 | <pre>Delete an OS Config guest policy. |
| 916 | |
| 917 | Args: |
| 918 | name: string, Required. The resource name of the guest policy using one of the following forms: |
| 919 | `projects/{project_number}/guestPolicies/{guest_policy_id}`. (required) |
| 920 | x__xgafv: string, V1 error format. |
| 921 | Allowed values |
| 922 | 1 - v1 error format |
| 923 | 2 - v2 error format |
| 924 | |
| 925 | Returns: |
| 926 | An object of the form: |
| 927 | |
| 928 | { # A generic empty message that you can re-use to avoid defining duplicated |
| 929 | # empty messages in your APIs. A typical example is to use it as the request |
| 930 | # or the response type of an API method. For instance: |
| 931 | # |
| 932 | # service Foo { |
| 933 | # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); |
| 934 | # } |
| 935 | # |
| 936 | # The JSON representation for `Empty` is empty JSON object `{}`. |
| 937 | }</pre> |
| 938 | </div> |
| 939 | |
| 940 | <div class="method"> |
| 941 | <code class="details" id="get">get(name, x__xgafv=None)</code> |
| 942 | <pre>Get an OS Config guest policy. |
| 943 | |
| 944 | Args: |
| 945 | name: string, Required. The resource name of the guest policy using one of the following forms: |
| 946 | `projects/{project_number}/guestPolicies/{guest_policy_id}`. (required) |
| 947 | x__xgafv: string, V1 error format. |
| 948 | Allowed values |
| 949 | 1 - v1 error format |
| 950 | 2 - v2 error format |
| 951 | |
| 952 | Returns: |
| 953 | An object of the form: |
| 954 | |
| 955 | { # An OS Config resource representing a guest configuration policy. These |
| 956 | # policies represent the desired state for VM instance guest environments |
| 957 | # including packages to install or remove, package repository configurations, |
| 958 | # and software to install. |
| 959 | "recipes": [ # A list of Recipes to install on the VM instance. |
| 960 | { # A software recipe is a set of instructions for installing and configuring a |
| 961 | # piece of software. It consists of a set of artifacts that are |
| 962 | # downloaded, and a set of steps that install, configure, and/or update the |
| 963 | # software. |
| 964 | # |
| 965 | # Recipes support installing and updating software from artifacts in the |
| 966 | # following formats: |
| 967 | # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package. |
| 968 | # |
| 969 | # Additionally, recipes support executing a script (either defined in a file or |
| 970 | # directly in this api) in bash, sh, cmd, and powershell. |
| 971 | # |
| 972 | # Updating a software recipe |
| 973 | # |
| 974 | # If a recipe is assigned to an instance and there is a recipe with the same |
| 975 | # name but a lower version already installed and the assigned state |
| 976 | # of the recipe is `UPDATED`, then the recipe is updated to |
| 977 | # the new version. |
| 978 | # |
| 979 | # Script Working Directories |
| 980 | # |
| 981 | # Each script or execution step is run in its own temporary directory which |
| 982 | # is deleted after completing the step. |
| 983 | "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is |
| 984 | # installed on an instance. |
| 985 | # |
| 986 | # Names are also used to identify resources which helps to determine whether |
| 987 | # guest policies have conflicts. This means that requests to create multiple |
| 988 | # recipes with the same name and version are rejected since they |
| 989 | # could potentially have conflicting assignments. |
| 990 | "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops |
| 991 | # executing steps and does not attempt another update for this recipe. Any |
| 992 | # steps taken (including partially completed steps) are not rolled back. |
| 993 | { # An action that can be taken as part of installing or updating a recipe. |
| 994 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 995 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 996 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 997 | # false and the file already exists the file is not overwritten |
| 998 | # and the step is considered a success. Defaults to false. |
| 999 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 1000 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 1001 | # order, the permissions of the owner, group, and other users for the |
| 1002 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 1003 | # Each digit represents a three bit number with the 4 bit |
| 1004 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 1005 | # write bit, and the one bit corresponds to the execute permission. |
| 1006 | # Default behavior is 755. |
| 1007 | # |
| 1008 | # Below are some examples of permissions and their associated values: |
| 1009 | # read, write, and execute: 7 |
| 1010 | # read and execute: 5 |
| 1011 | # read and write: 6 |
| 1012 | # read only: 4 |
| 1013 | }, |
| 1014 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 1015 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1016 | }, |
| 1017 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 1018 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 1019 | # can return to indicate a success. |
| 1020 | 42, |
| 1021 | ], |
| 1022 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 1023 | "args": [ # Arguments to be passed to the provided executable. |
| 1024 | "A String", |
| 1025 | ], |
| 1026 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 1027 | }, |
| 1028 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 1029 | "type": "A String", # Required. The type of the archive to extract. |
| 1030 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1031 | "destination": "A String", # Directory to extract archive to. |
| 1032 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 1033 | }, |
| 1034 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 1035 | "flags": [ # The flags to use when installing the MSI |
| 1036 | # defaults to ["/i"] (i.e. the install flag). |
| 1037 | "A String", |
| 1038 | ], |
| 1039 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1040 | # successfully. Behaviour defaults to [0] |
| 1041 | 42, |
| 1042 | ], |
| 1043 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1044 | }, |
| 1045 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 1046 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1047 | # successfully. Behaviour defaults to [0] |
| 1048 | 42, |
| 1049 | ], |
| 1050 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 1051 | # specified the script is executed directly, which likely |
| 1052 | # only succeed for scripts with |
| 1053 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 1054 | "script": "A String", # Required. The shell script to be executed. |
| 1055 | }, |
| 1056 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 1057 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1058 | }, |
| 1059 | }, |
| 1060 | ], |
| 1061 | "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this |
| 1062 | # recipe. |
| 1063 | # |
| 1064 | # INSTALLED: The software recipe is installed on the instance but |
| 1065 | # won't be updated to new versions. |
| 1066 | # UPDATED: The software recipe is installed on the instance. The recipe is |
| 1067 | # updated to a higher version, if a higher version of the recipe is |
| 1068 | # assigned to this instance. |
| 1069 | # REMOVE: Remove is unsupported for software recipes and attempts to |
| 1070 | # create or update a recipe to the REMOVE state is rejected. |
| 1071 | "version": "A String", # The version of this software recipe. Version can be up to 4 period |
| 1072 | # separated numbers (e.g. 12.34.56.78). |
| 1073 | "artifacts": [ # Resources available to be used in the steps in the recipe. |
| 1074 | { # Specifies a resource to be used in the recipe. |
| 1075 | "remote": { # Specifies an artifact available via some URI. # A generic remote artifact. |
| 1076 | "checksum": "A String", # Must be provided if `allow_insecure` is `false`. |
| 1077 | # SHA256 checksum in hex format, to compare to the checksum of the |
| 1078 | # artifact. If the checksum is not empty and it doesn't match the |
| 1079 | # artifact then the recipe installation fails before running any of the |
| 1080 | # steps. |
| 1081 | "uri": "A String", # URI from which to fetch the object. It should contain both the protocol |
| 1082 | # and path following the format {protocol}://{location}. |
| 1083 | }, |
| 1084 | "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact. |
| 1085 | "generation": "A String", # Must be provided if allow_insecure is false. |
| 1086 | # Generation number of the Google Cloud Storage object. |
| 1087 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1088 | # this value would be `1234567`. |
| 1089 | "bucket": "A String", # Bucket of the Google Cloud Storage object. |
| 1090 | # Given an example URL: |
| 1091 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1092 | # this value would be `my-bucket`. |
| 1093 | "object": "A String", # Name of the Google Cloud Storage object. |
| 1094 | # As specified [here] |
| 1095 | # (https://cloud.google.com/storage/docs/naming#objectnames) |
| 1096 | # Given an example URL: |
| 1097 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1098 | # this value would be `foo/bar`. |
| 1099 | }, |
| 1100 | "id": "A String", # Required. Id of the artifact, which the installation and update steps of this |
| 1101 | # recipe can reference. Artifacts in a recipe cannot have the same id. |
| 1102 | "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations |
| 1103 | # based on the artifact type: |
| 1104 | # |
| 1105 | # Remote: A checksum must be specified, and only protocols with |
| 1106 | # transport-layer security are permitted. |
| 1107 | # GCS: An object generation number must be specified. |
| 1108 | }, |
| 1109 | ], |
| 1110 | "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops |
| 1111 | # executing steps and does not attempt another installation. Any steps taken |
| 1112 | # (including partially completed steps) are not rolled back. |
| 1113 | { # An action that can be taken as part of installing or updating a recipe. |
| 1114 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 1115 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1116 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 1117 | # false and the file already exists the file is not overwritten |
| 1118 | # and the step is considered a success. Defaults to false. |
| 1119 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 1120 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 1121 | # order, the permissions of the owner, group, and other users for the |
| 1122 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 1123 | # Each digit represents a three bit number with the 4 bit |
| 1124 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 1125 | # write bit, and the one bit corresponds to the execute permission. |
| 1126 | # Default behavior is 755. |
| 1127 | # |
| 1128 | # Below are some examples of permissions and their associated values: |
| 1129 | # read, write, and execute: 7 |
| 1130 | # read and execute: 5 |
| 1131 | # read and write: 6 |
| 1132 | # read only: 4 |
| 1133 | }, |
| 1134 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 1135 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1136 | }, |
| 1137 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 1138 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 1139 | # can return to indicate a success. |
| 1140 | 42, |
| 1141 | ], |
| 1142 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 1143 | "args": [ # Arguments to be passed to the provided executable. |
| 1144 | "A String", |
| 1145 | ], |
| 1146 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 1147 | }, |
| 1148 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 1149 | "type": "A String", # Required. The type of the archive to extract. |
| 1150 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1151 | "destination": "A String", # Directory to extract archive to. |
| 1152 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 1153 | }, |
| 1154 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 1155 | "flags": [ # The flags to use when installing the MSI |
| 1156 | # defaults to ["/i"] (i.e. the install flag). |
| 1157 | "A String", |
| 1158 | ], |
| 1159 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1160 | # successfully. Behaviour defaults to [0] |
| 1161 | 42, |
| 1162 | ], |
| 1163 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1164 | }, |
| 1165 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 1166 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1167 | # successfully. Behaviour defaults to [0] |
| 1168 | 42, |
| 1169 | ], |
| 1170 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 1171 | # specified the script is executed directly, which likely |
| 1172 | # only succeed for scripts with |
| 1173 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 1174 | "script": "A String", # Required. The shell script to be executed. |
| 1175 | }, |
| 1176 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 1177 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1178 | }, |
| 1179 | }, |
| 1180 | ], |
| 1181 | }, |
| 1182 | ], |
| 1183 | "assignment": { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows |
| 1184 | # you to target sets or groups of VM instances by different parameters such |
| 1185 | # as labels, names, OS, or zones. |
| 1186 | # |
| 1187 | # If left empty, all VM instances underneath this policy are targeted. |
| 1188 | # |
| 1189 | # At the same level in the resource hierarchy (that is within a project), the |
| 1190 | # service prevents the creation of multiple policies that conflict with |
| 1191 | # each other. For more information, see how the service [handles assignment |
| 1192 | # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts). |
| 1193 | # applies to. |
| 1194 | # |
| 1195 | # If an assignment is empty, it applies to all VM instances. Otherwise, the |
| 1196 | # targeted VM instances must meet all the criteria specified. So if both |
| 1197 | # labels and zones are specified, the policy applies to VM instances with those |
| 1198 | # labels and in those zones. |
| 1199 | "groupLabels": [ # Targets instances matching at least one of these label sets. This allows |
| 1200 | # an assignment to target disparate groups, for example "env=prod or |
| 1201 | # env=staging". |
| 1202 | { # Represents a group of VM intances that can be identified as having all |
| 1203 | # these labels, for example "env=prod and app=web". |
| 1204 | "labels": { # Google Compute Engine instance labels that must be present for an |
| 1205 | # instance to be included in this assignment group. |
| 1206 | "a_key": "A String", |
| 1207 | }, |
| 1208 | }, |
| 1209 | ], |
| 1210 | "osTypes": [ # Targets VM instances matching at least one of the following OS types. |
| 1211 | # |
| 1212 | # VM instances must match all supplied criteria for a given OsType to be |
| 1213 | # included. |
| 1214 | { # Defines the criteria for selecting VM Instances by OS type. |
| 1215 | "osShortName": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 1216 | # OS short name, for example "debian" or "windows". |
| 1217 | "osArchitecture": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 1218 | # OS architecture. |
| 1219 | "osVersion": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 1220 | # following OS version. |
| 1221 | }, |
| 1222 | ], |
| 1223 | "instances": [ # Targets any of the instances specified. Instances are specified by their |
| 1224 | # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`. |
| 1225 | # |
| 1226 | # Instance targeting is uncommon and is supported to facilitate the |
| 1227 | # management of changes by the instance or to target specific VM instances |
| 1228 | # for development and testing. |
| 1229 | # |
| 1230 | # Only supported for project-level policies and must reference instances |
| 1231 | # within this project. |
| 1232 | "A String", |
| 1233 | ], |
| 1234 | "instanceNamePrefixes": [ # Targets VM instances whose name starts with one of these prefixes. |
| 1235 | # |
| 1236 | # Like labels, this is another way to group VM instances when targeting |
| 1237 | # configs, for example prefix="prod-". |
| 1238 | # |
| 1239 | # Only supported for project-level policies. |
| 1240 | "A String", |
| 1241 | ], |
| 1242 | "zones": [ # Targets instances in any of these zones. Leave empty to target instances |
| 1243 | # in any zone. |
| 1244 | # |
| 1245 | # Zonal targeting is uncommon and is supported to facilitate the management |
| 1246 | # of changes by zone. |
| 1247 | "A String", |
| 1248 | ], |
| 1249 | }, |
| 1250 | "description": "A String", # Description of the guest policy. Length of the description is limited |
| 1251 | # to 1024 characters. |
| 1252 | "packageRepositories": [ # A list of package repositories to configure on the VM instance. This is |
| 1253 | # done before any other configs are applied so they can use these repos. |
| 1254 | # Package repositories are only configured if the corresponding package |
| 1255 | # manager(s) are available. |
| 1256 | { # A package repository. |
| 1257 | "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository. |
| 1258 | # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`. |
| 1259 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 1260 | # the `repo id` in the zypper config file and also the `display_name` if |
| 1261 | # `display_name` is omitted. This id is also used as the unique identifier |
| 1262 | # when checking for guest policy conflicts. |
| 1263 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1264 | "gpgKeys": [ # URIs of GPG keys. |
| 1265 | "A String", |
| 1266 | ], |
| 1267 | "displayName": "A String", # The display name of the repository. |
| 1268 | }, |
| 1269 | "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository. |
| 1270 | # a repo file that is stored at |
| 1271 | # `/etc/apt/sources.list.d/google_osconfig.list`. |
| 1272 | "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB. |
| 1273 | "uri": "A String", # Required. URI for this repository. |
| 1274 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains |
| 1275 | # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing |
| 1276 | # all the keys in any applied guest policy. |
| 1277 | "distribution": "A String", # Required. Distribution of this repository. |
| 1278 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 1279 | "A String", |
| 1280 | ], |
| 1281 | }, |
| 1282 | "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository. |
| 1283 | # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`. |
| 1284 | "displayName": "A String", # The display name of the repository. |
| 1285 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 1286 | # the `repo id` in the Yum config file and also the `display_name` if |
| 1287 | # `display_name` is omitted. This id is also used as the unique identifier |
| 1288 | # when checking for guest policy conflicts. |
| 1289 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1290 | "gpgKeys": [ # URIs of GPG keys. |
| 1291 | "A String", |
| 1292 | ], |
| 1293 | }, |
| 1294 | "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository. |
| 1295 | # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo. |
| 1296 | "name": "A String", # Required. The name of the repository. |
| 1297 | "url": "A String", # Required. The url of the repository. |
| 1298 | }, |
| 1299 | }, |
| 1300 | ], |
| 1301 | "etag": "A String", # The etag for this guest policy. |
| 1302 | # If this is provided on update, it must match the server's etag. |
| 1303 | "createTime": "A String", # Output only. Time this guest policy was created. |
| 1304 | "packages": [ # The software packages to be managed by this policy. |
| 1305 | { # Package is a reference to the software package to be installed or removed. |
| 1306 | # The agent on the VM instance uses the system package manager to apply the |
| 1307 | # config. |
| 1308 | # |
| 1309 | # |
| 1310 | # These are the commands that the agent uses to install or remove |
| 1311 | # packages. |
| 1312 | # |
| 1313 | # Apt |
| 1314 | # install: `apt-get update && apt-get -y install package1 package2 package3` |
| 1315 | # remove: `apt-get -y remove package1 package2 package3` |
| 1316 | # |
| 1317 | # Yum |
| 1318 | # install: `yum -y install package1 package2 package3` |
| 1319 | # remove: `yum -y remove package1 package2 package3` |
| 1320 | # |
| 1321 | # Zypper |
| 1322 | # install: `zypper install package1 package2 package3` |
| 1323 | # remove: `zypper rm package1 package2` |
| 1324 | # |
| 1325 | # Googet |
| 1326 | # install: `googet -noconfirm install package1 package2 package3` |
| 1327 | # remove: `googet -noconfirm remove package1 package2 package3` |
| 1328 | "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict |
| 1329 | # validation by checking the package name and the manager(s) that the |
| 1330 | # package targets. |
| 1331 | "manager": "A String", # Type of package manager that can be used to install this package. |
| 1332 | # If a system does not have the package manager, the package is not |
| 1333 | # installed or removed no error message is returned. By default, |
| 1334 | # or if you specify `ANY`, |
| 1335 | # the agent attempts to install and remove this package using the default |
| 1336 | # package manager. This is useful when creating a policy that applies to |
| 1337 | # different types of systems. |
| 1338 | # |
| 1339 | # The default behavior is ANY. |
| 1340 | "desiredState": "A String", # The desired_state the agent should maintain for this package. The |
| 1341 | # default is to ensure the package is installed. |
| 1342 | }, |
| 1343 | ], |
| 1344 | "updateTime": "A String", # Output only. Last time this guest policy was updated. |
| 1345 | "name": "A String", # Required. Unique name of the resource in this project using one of the following |
| 1346 | # forms: |
| 1347 | # `projects/{project_number}/guestPolicies/{guest_policy_id}`. |
| 1348 | }</pre> |
| 1349 | </div> |
| 1350 | |
| 1351 | <div class="method"> |
| 1352 | <code class="details" id="list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</code> |
| 1353 | <pre>Get a page of OS Config guest policies. |
| 1354 | |
| 1355 | Args: |
| 1356 | parent: string, Required. The resource name of the parent using one of the following forms: |
| 1357 | `projects/{project_number}`. (required) |
| 1358 | pageToken: string, A pagination token returned from a previous call to `ListGuestPolicies` |
| 1359 | that indicates where this listing should continue from. |
| 1360 | pageSize: integer, The maximum number of guest policies to return. |
| 1361 | x__xgafv: string, V1 error format. |
| 1362 | Allowed values |
| 1363 | 1 - v1 error format |
| 1364 | 2 - v2 error format |
| 1365 | |
| 1366 | Returns: |
| 1367 | An object of the form: |
| 1368 | |
| 1369 | { # A response message for listing guest policies. |
| 1370 | "nextPageToken": "A String", # A pagination token that can be used to get the next page |
| 1371 | # of guest policies. |
| 1372 | "guestPolicies": [ # The list of GuestPolicies. |
| 1373 | { # An OS Config resource representing a guest configuration policy. These |
| 1374 | # policies represent the desired state for VM instance guest environments |
| 1375 | # including packages to install or remove, package repository configurations, |
| 1376 | # and software to install. |
| 1377 | "recipes": [ # A list of Recipes to install on the VM instance. |
| 1378 | { # A software recipe is a set of instructions for installing and configuring a |
| 1379 | # piece of software. It consists of a set of artifacts that are |
| 1380 | # downloaded, and a set of steps that install, configure, and/or update the |
| 1381 | # software. |
| 1382 | # |
| 1383 | # Recipes support installing and updating software from artifacts in the |
| 1384 | # following formats: |
| 1385 | # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package. |
| 1386 | # |
| 1387 | # Additionally, recipes support executing a script (either defined in a file or |
| 1388 | # directly in this api) in bash, sh, cmd, and powershell. |
| 1389 | # |
| 1390 | # Updating a software recipe |
| 1391 | # |
| 1392 | # If a recipe is assigned to an instance and there is a recipe with the same |
| 1393 | # name but a lower version already installed and the assigned state |
| 1394 | # of the recipe is `UPDATED`, then the recipe is updated to |
| 1395 | # the new version. |
| 1396 | # |
| 1397 | # Script Working Directories |
| 1398 | # |
| 1399 | # Each script or execution step is run in its own temporary directory which |
| 1400 | # is deleted after completing the step. |
| 1401 | "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is |
| 1402 | # installed on an instance. |
| 1403 | # |
| 1404 | # Names are also used to identify resources which helps to determine whether |
| 1405 | # guest policies have conflicts. This means that requests to create multiple |
| 1406 | # recipes with the same name and version are rejected since they |
| 1407 | # could potentially have conflicting assignments. |
| 1408 | "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops |
| 1409 | # executing steps and does not attempt another update for this recipe. Any |
| 1410 | # steps taken (including partially completed steps) are not rolled back. |
| 1411 | { # An action that can be taken as part of installing or updating a recipe. |
| 1412 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 1413 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1414 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 1415 | # false and the file already exists the file is not overwritten |
| 1416 | # and the step is considered a success. Defaults to false. |
| 1417 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 1418 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 1419 | # order, the permissions of the owner, group, and other users for the |
| 1420 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 1421 | # Each digit represents a three bit number with the 4 bit |
| 1422 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 1423 | # write bit, and the one bit corresponds to the execute permission. |
| 1424 | # Default behavior is 755. |
| 1425 | # |
| 1426 | # Below are some examples of permissions and their associated values: |
| 1427 | # read, write, and execute: 7 |
| 1428 | # read and execute: 5 |
| 1429 | # read and write: 6 |
| 1430 | # read only: 4 |
| 1431 | }, |
| 1432 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 1433 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1434 | }, |
| 1435 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 1436 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 1437 | # can return to indicate a success. |
| 1438 | 42, |
| 1439 | ], |
| 1440 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 1441 | "args": [ # Arguments to be passed to the provided executable. |
| 1442 | "A String", |
| 1443 | ], |
| 1444 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 1445 | }, |
| 1446 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 1447 | "type": "A String", # Required. The type of the archive to extract. |
| 1448 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1449 | "destination": "A String", # Directory to extract archive to. |
| 1450 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 1451 | }, |
| 1452 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 1453 | "flags": [ # The flags to use when installing the MSI |
| 1454 | # defaults to ["/i"] (i.e. the install flag). |
| 1455 | "A String", |
| 1456 | ], |
| 1457 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1458 | # successfully. Behaviour defaults to [0] |
| 1459 | 42, |
| 1460 | ], |
| 1461 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1462 | }, |
| 1463 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 1464 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1465 | # successfully. Behaviour defaults to [0] |
| 1466 | 42, |
| 1467 | ], |
| 1468 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 1469 | # specified the script is executed directly, which likely |
| 1470 | # only succeed for scripts with |
| 1471 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 1472 | "script": "A String", # Required. The shell script to be executed. |
| 1473 | }, |
| 1474 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 1475 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1476 | }, |
| 1477 | }, |
| 1478 | ], |
| 1479 | "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this |
| 1480 | # recipe. |
| 1481 | # |
| 1482 | # INSTALLED: The software recipe is installed on the instance but |
| 1483 | # won't be updated to new versions. |
| 1484 | # UPDATED: The software recipe is installed on the instance. The recipe is |
| 1485 | # updated to a higher version, if a higher version of the recipe is |
| 1486 | # assigned to this instance. |
| 1487 | # REMOVE: Remove is unsupported for software recipes and attempts to |
| 1488 | # create or update a recipe to the REMOVE state is rejected. |
| 1489 | "version": "A String", # The version of this software recipe. Version can be up to 4 period |
| 1490 | # separated numbers (e.g. 12.34.56.78). |
| 1491 | "artifacts": [ # Resources available to be used in the steps in the recipe. |
| 1492 | { # Specifies a resource to be used in the recipe. |
| 1493 | "remote": { # Specifies an artifact available via some URI. # A generic remote artifact. |
| 1494 | "checksum": "A String", # Must be provided if `allow_insecure` is `false`. |
| 1495 | # SHA256 checksum in hex format, to compare to the checksum of the |
| 1496 | # artifact. If the checksum is not empty and it doesn't match the |
| 1497 | # artifact then the recipe installation fails before running any of the |
| 1498 | # steps. |
| 1499 | "uri": "A String", # URI from which to fetch the object. It should contain both the protocol |
| 1500 | # and path following the format {protocol}://{location}. |
| 1501 | }, |
| 1502 | "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact. |
| 1503 | "generation": "A String", # Must be provided if allow_insecure is false. |
| 1504 | # Generation number of the Google Cloud Storage object. |
| 1505 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1506 | # this value would be `1234567`. |
| 1507 | "bucket": "A String", # Bucket of the Google Cloud Storage object. |
| 1508 | # Given an example URL: |
| 1509 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1510 | # this value would be `my-bucket`. |
| 1511 | "object": "A String", # Name of the Google Cloud Storage object. |
| 1512 | # As specified [here] |
| 1513 | # (https://cloud.google.com/storage/docs/naming#objectnames) |
| 1514 | # Given an example URL: |
| 1515 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1516 | # this value would be `foo/bar`. |
| 1517 | }, |
| 1518 | "id": "A String", # Required. Id of the artifact, which the installation and update steps of this |
| 1519 | # recipe can reference. Artifacts in a recipe cannot have the same id. |
| 1520 | "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations |
| 1521 | # based on the artifact type: |
| 1522 | # |
| 1523 | # Remote: A checksum must be specified, and only protocols with |
| 1524 | # transport-layer security are permitted. |
| 1525 | # GCS: An object generation number must be specified. |
| 1526 | }, |
| 1527 | ], |
| 1528 | "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops |
| 1529 | # executing steps and does not attempt another installation. Any steps taken |
| 1530 | # (including partially completed steps) are not rolled back. |
| 1531 | { # An action that can be taken as part of installing or updating a recipe. |
| 1532 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 1533 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1534 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 1535 | # false and the file already exists the file is not overwritten |
| 1536 | # and the step is considered a success. Defaults to false. |
| 1537 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 1538 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 1539 | # order, the permissions of the owner, group, and other users for the |
| 1540 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 1541 | # Each digit represents a three bit number with the 4 bit |
| 1542 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 1543 | # write bit, and the one bit corresponds to the execute permission. |
| 1544 | # Default behavior is 755. |
| 1545 | # |
| 1546 | # Below are some examples of permissions and their associated values: |
| 1547 | # read, write, and execute: 7 |
| 1548 | # read and execute: 5 |
| 1549 | # read and write: 6 |
| 1550 | # read only: 4 |
| 1551 | }, |
| 1552 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 1553 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1554 | }, |
| 1555 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 1556 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 1557 | # can return to indicate a success. |
| 1558 | 42, |
| 1559 | ], |
| 1560 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 1561 | "args": [ # Arguments to be passed to the provided executable. |
| 1562 | "A String", |
| 1563 | ], |
| 1564 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 1565 | }, |
| 1566 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 1567 | "type": "A String", # Required. The type of the archive to extract. |
| 1568 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1569 | "destination": "A String", # Directory to extract archive to. |
| 1570 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 1571 | }, |
| 1572 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 1573 | "flags": [ # The flags to use when installing the MSI |
| 1574 | # defaults to ["/i"] (i.e. the install flag). |
| 1575 | "A String", |
| 1576 | ], |
| 1577 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1578 | # successfully. Behaviour defaults to [0] |
| 1579 | 42, |
| 1580 | ], |
| 1581 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1582 | }, |
| 1583 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 1584 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1585 | # successfully. Behaviour defaults to [0] |
| 1586 | 42, |
| 1587 | ], |
| 1588 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 1589 | # specified the script is executed directly, which likely |
| 1590 | # only succeed for scripts with |
| 1591 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 1592 | "script": "A String", # Required. The shell script to be executed. |
| 1593 | }, |
| 1594 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 1595 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1596 | }, |
| 1597 | }, |
| 1598 | ], |
| 1599 | }, |
| 1600 | ], |
| 1601 | "assignment": { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows |
| 1602 | # you to target sets or groups of VM instances by different parameters such |
| 1603 | # as labels, names, OS, or zones. |
| 1604 | # |
| 1605 | # If left empty, all VM instances underneath this policy are targeted. |
| 1606 | # |
| 1607 | # At the same level in the resource hierarchy (that is within a project), the |
| 1608 | # service prevents the creation of multiple policies that conflict with |
| 1609 | # each other. For more information, see how the service [handles assignment |
| 1610 | # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts). |
| 1611 | # applies to. |
| 1612 | # |
| 1613 | # If an assignment is empty, it applies to all VM instances. Otherwise, the |
| 1614 | # targeted VM instances must meet all the criteria specified. So if both |
| 1615 | # labels and zones are specified, the policy applies to VM instances with those |
| 1616 | # labels and in those zones. |
| 1617 | "groupLabels": [ # Targets instances matching at least one of these label sets. This allows |
| 1618 | # an assignment to target disparate groups, for example "env=prod or |
| 1619 | # env=staging". |
| 1620 | { # Represents a group of VM intances that can be identified as having all |
| 1621 | # these labels, for example "env=prod and app=web". |
| 1622 | "labels": { # Google Compute Engine instance labels that must be present for an |
| 1623 | # instance to be included in this assignment group. |
| 1624 | "a_key": "A String", |
| 1625 | }, |
| 1626 | }, |
| 1627 | ], |
| 1628 | "osTypes": [ # Targets VM instances matching at least one of the following OS types. |
| 1629 | # |
| 1630 | # VM instances must match all supplied criteria for a given OsType to be |
| 1631 | # included. |
| 1632 | { # Defines the criteria for selecting VM Instances by OS type. |
| 1633 | "osShortName": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 1634 | # OS short name, for example "debian" or "windows". |
| 1635 | "osArchitecture": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 1636 | # OS architecture. |
| 1637 | "osVersion": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 1638 | # following OS version. |
| 1639 | }, |
| 1640 | ], |
| 1641 | "instances": [ # Targets any of the instances specified. Instances are specified by their |
| 1642 | # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`. |
| 1643 | # |
| 1644 | # Instance targeting is uncommon and is supported to facilitate the |
| 1645 | # management of changes by the instance or to target specific VM instances |
| 1646 | # for development and testing. |
| 1647 | # |
| 1648 | # Only supported for project-level policies and must reference instances |
| 1649 | # within this project. |
| 1650 | "A String", |
| 1651 | ], |
| 1652 | "instanceNamePrefixes": [ # Targets VM instances whose name starts with one of these prefixes. |
| 1653 | # |
| 1654 | # Like labels, this is another way to group VM instances when targeting |
| 1655 | # configs, for example prefix="prod-". |
| 1656 | # |
| 1657 | # Only supported for project-level policies. |
| 1658 | "A String", |
| 1659 | ], |
| 1660 | "zones": [ # Targets instances in any of these zones. Leave empty to target instances |
| 1661 | # in any zone. |
| 1662 | # |
| 1663 | # Zonal targeting is uncommon and is supported to facilitate the management |
| 1664 | # of changes by zone. |
| 1665 | "A String", |
| 1666 | ], |
| 1667 | }, |
| 1668 | "description": "A String", # Description of the guest policy. Length of the description is limited |
| 1669 | # to 1024 characters. |
| 1670 | "packageRepositories": [ # A list of package repositories to configure on the VM instance. This is |
| 1671 | # done before any other configs are applied so they can use these repos. |
| 1672 | # Package repositories are only configured if the corresponding package |
| 1673 | # manager(s) are available. |
| 1674 | { # A package repository. |
| 1675 | "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository. |
| 1676 | # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`. |
| 1677 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 1678 | # the `repo id` in the zypper config file and also the `display_name` if |
| 1679 | # `display_name` is omitted. This id is also used as the unique identifier |
| 1680 | # when checking for guest policy conflicts. |
| 1681 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1682 | "gpgKeys": [ # URIs of GPG keys. |
| 1683 | "A String", |
| 1684 | ], |
| 1685 | "displayName": "A String", # The display name of the repository. |
| 1686 | }, |
| 1687 | "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository. |
| 1688 | # a repo file that is stored at |
| 1689 | # `/etc/apt/sources.list.d/google_osconfig.list`. |
| 1690 | "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB. |
| 1691 | "uri": "A String", # Required. URI for this repository. |
| 1692 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains |
| 1693 | # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing |
| 1694 | # all the keys in any applied guest policy. |
| 1695 | "distribution": "A String", # Required. Distribution of this repository. |
| 1696 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 1697 | "A String", |
| 1698 | ], |
| 1699 | }, |
| 1700 | "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository. |
| 1701 | # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`. |
| 1702 | "displayName": "A String", # The display name of the repository. |
| 1703 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 1704 | # the `repo id` in the Yum config file and also the `display_name` if |
| 1705 | # `display_name` is omitted. This id is also used as the unique identifier |
| 1706 | # when checking for guest policy conflicts. |
| 1707 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 1708 | "gpgKeys": [ # URIs of GPG keys. |
| 1709 | "A String", |
| 1710 | ], |
| 1711 | }, |
| 1712 | "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository. |
| 1713 | # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo. |
| 1714 | "name": "A String", # Required. The name of the repository. |
| 1715 | "url": "A String", # Required. The url of the repository. |
| 1716 | }, |
| 1717 | }, |
| 1718 | ], |
| 1719 | "etag": "A String", # The etag for this guest policy. |
| 1720 | # If this is provided on update, it must match the server's etag. |
| 1721 | "createTime": "A String", # Output only. Time this guest policy was created. |
| 1722 | "packages": [ # The software packages to be managed by this policy. |
| 1723 | { # Package is a reference to the software package to be installed or removed. |
| 1724 | # The agent on the VM instance uses the system package manager to apply the |
| 1725 | # config. |
| 1726 | # |
| 1727 | # |
| 1728 | # These are the commands that the agent uses to install or remove |
| 1729 | # packages. |
| 1730 | # |
| 1731 | # Apt |
| 1732 | # install: `apt-get update && apt-get -y install package1 package2 package3` |
| 1733 | # remove: `apt-get -y remove package1 package2 package3` |
| 1734 | # |
| 1735 | # Yum |
| 1736 | # install: `yum -y install package1 package2 package3` |
| 1737 | # remove: `yum -y remove package1 package2 package3` |
| 1738 | # |
| 1739 | # Zypper |
| 1740 | # install: `zypper install package1 package2 package3` |
| 1741 | # remove: `zypper rm package1 package2` |
| 1742 | # |
| 1743 | # Googet |
| 1744 | # install: `googet -noconfirm install package1 package2 package3` |
| 1745 | # remove: `googet -noconfirm remove package1 package2 package3` |
| 1746 | "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict |
| 1747 | # validation by checking the package name and the manager(s) that the |
| 1748 | # package targets. |
| 1749 | "manager": "A String", # Type of package manager that can be used to install this package. |
| 1750 | # If a system does not have the package manager, the package is not |
| 1751 | # installed or removed no error message is returned. By default, |
| 1752 | # or if you specify `ANY`, |
| 1753 | # the agent attempts to install and remove this package using the default |
| 1754 | # package manager. This is useful when creating a policy that applies to |
| 1755 | # different types of systems. |
| 1756 | # |
| 1757 | # The default behavior is ANY. |
| 1758 | "desiredState": "A String", # The desired_state the agent should maintain for this package. The |
| 1759 | # default is to ensure the package is installed. |
| 1760 | }, |
| 1761 | ], |
| 1762 | "updateTime": "A String", # Output only. Last time this guest policy was updated. |
| 1763 | "name": "A String", # Required. Unique name of the resource in this project using one of the following |
| 1764 | # forms: |
| 1765 | # `projects/{project_number}/guestPolicies/{guest_policy_id}`. |
| 1766 | }, |
| 1767 | ], |
| 1768 | }</pre> |
| 1769 | </div> |
| 1770 | |
| 1771 | <div class="method"> |
| 1772 | <code class="details" id="list_next">list_next(previous_request, previous_response)</code> |
| 1773 | <pre>Retrieves the next page of results. |
| 1774 | |
| 1775 | Args: |
| 1776 | previous_request: The request for the previous page. (required) |
| 1777 | previous_response: The response from the request for the previous page. (required) |
| 1778 | |
| 1779 | Returns: |
| 1780 | A request object that you can call 'execute()' on to request the next |
| 1781 | page. Returns None if there are no more items in the collection. |
| 1782 | </pre> |
| 1783 | </div> |
| 1784 | |
| 1785 | <div class="method"> |
| 1786 | <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code> |
| 1787 | <pre>Update an OS Config guest policy. |
| 1788 | |
| 1789 | Args: |
| 1790 | name: string, Required. Unique name of the resource in this project using one of the following |
| 1791 | forms: |
| 1792 | `projects/{project_number}/guestPolicies/{guest_policy_id}`. (required) |
| 1793 | body: object, The request body. |
| 1794 | The object takes the form of: |
| 1795 | |
| 1796 | { # An OS Config resource representing a guest configuration policy. These |
| 1797 | # policies represent the desired state for VM instance guest environments |
| 1798 | # including packages to install or remove, package repository configurations, |
| 1799 | # and software to install. |
| 1800 | "recipes": [ # A list of Recipes to install on the VM instance. |
| 1801 | { # A software recipe is a set of instructions for installing and configuring a |
| 1802 | # piece of software. It consists of a set of artifacts that are |
| 1803 | # downloaded, and a set of steps that install, configure, and/or update the |
| 1804 | # software. |
| 1805 | # |
| 1806 | # Recipes support installing and updating software from artifacts in the |
| 1807 | # following formats: |
| 1808 | # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package. |
| 1809 | # |
| 1810 | # Additionally, recipes support executing a script (either defined in a file or |
| 1811 | # directly in this api) in bash, sh, cmd, and powershell. |
| 1812 | # |
| 1813 | # Updating a software recipe |
| 1814 | # |
| 1815 | # If a recipe is assigned to an instance and there is a recipe with the same |
| 1816 | # name but a lower version already installed and the assigned state |
| 1817 | # of the recipe is `UPDATED`, then the recipe is updated to |
| 1818 | # the new version. |
| 1819 | # |
| 1820 | # Script Working Directories |
| 1821 | # |
| 1822 | # Each script or execution step is run in its own temporary directory which |
| 1823 | # is deleted after completing the step. |
| 1824 | "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is |
| 1825 | # installed on an instance. |
| 1826 | # |
| 1827 | # Names are also used to identify resources which helps to determine whether |
| 1828 | # guest policies have conflicts. This means that requests to create multiple |
| 1829 | # recipes with the same name and version are rejected since they |
| 1830 | # could potentially have conflicting assignments. |
| 1831 | "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops |
| 1832 | # executing steps and does not attempt another update for this recipe. Any |
| 1833 | # steps taken (including partially completed steps) are not rolled back. |
| 1834 | { # An action that can be taken as part of installing or updating a recipe. |
| 1835 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 1836 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1837 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 1838 | # false and the file already exists the file is not overwritten |
| 1839 | # and the step is considered a success. Defaults to false. |
| 1840 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 1841 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 1842 | # order, the permissions of the owner, group, and other users for the |
| 1843 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 1844 | # Each digit represents a three bit number with the 4 bit |
| 1845 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 1846 | # write bit, and the one bit corresponds to the execute permission. |
| 1847 | # Default behavior is 755. |
| 1848 | # |
| 1849 | # Below are some examples of permissions and their associated values: |
| 1850 | # read, write, and execute: 7 |
| 1851 | # read and execute: 5 |
| 1852 | # read and write: 6 |
| 1853 | # read only: 4 |
| 1854 | }, |
| 1855 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 1856 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1857 | }, |
| 1858 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 1859 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 1860 | # can return to indicate a success. |
| 1861 | 42, |
| 1862 | ], |
| 1863 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 1864 | "args": [ # Arguments to be passed to the provided executable. |
| 1865 | "A String", |
| 1866 | ], |
| 1867 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 1868 | }, |
| 1869 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 1870 | "type": "A String", # Required. The type of the archive to extract. |
| 1871 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1872 | "destination": "A String", # Directory to extract archive to. |
| 1873 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 1874 | }, |
| 1875 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 1876 | "flags": [ # The flags to use when installing the MSI |
| 1877 | # defaults to ["/i"] (i.e. the install flag). |
| 1878 | "A String", |
| 1879 | ], |
| 1880 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1881 | # successfully. Behaviour defaults to [0] |
| 1882 | 42, |
| 1883 | ], |
| 1884 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1885 | }, |
| 1886 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 1887 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 1888 | # successfully. Behaviour defaults to [0] |
| 1889 | 42, |
| 1890 | ], |
| 1891 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 1892 | # specified the script is executed directly, which likely |
| 1893 | # only succeed for scripts with |
| 1894 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 1895 | "script": "A String", # Required. The shell script to be executed. |
| 1896 | }, |
| 1897 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 1898 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1899 | }, |
| 1900 | }, |
| 1901 | ], |
| 1902 | "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this |
| 1903 | # recipe. |
| 1904 | # |
| 1905 | # INSTALLED: The software recipe is installed on the instance but |
| 1906 | # won't be updated to new versions. |
| 1907 | # UPDATED: The software recipe is installed on the instance. The recipe is |
| 1908 | # updated to a higher version, if a higher version of the recipe is |
| 1909 | # assigned to this instance. |
| 1910 | # REMOVE: Remove is unsupported for software recipes and attempts to |
| 1911 | # create or update a recipe to the REMOVE state is rejected. |
| 1912 | "version": "A String", # The version of this software recipe. Version can be up to 4 period |
| 1913 | # separated numbers (e.g. 12.34.56.78). |
| 1914 | "artifacts": [ # Resources available to be used in the steps in the recipe. |
| 1915 | { # Specifies a resource to be used in the recipe. |
| 1916 | "remote": { # Specifies an artifact available via some URI. # A generic remote artifact. |
| 1917 | "checksum": "A String", # Must be provided if `allow_insecure` is `false`. |
| 1918 | # SHA256 checksum in hex format, to compare to the checksum of the |
| 1919 | # artifact. If the checksum is not empty and it doesn't match the |
| 1920 | # artifact then the recipe installation fails before running any of the |
| 1921 | # steps. |
| 1922 | "uri": "A String", # URI from which to fetch the object. It should contain both the protocol |
| 1923 | # and path following the format {protocol}://{location}. |
| 1924 | }, |
| 1925 | "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact. |
| 1926 | "generation": "A String", # Must be provided if allow_insecure is false. |
| 1927 | # Generation number of the Google Cloud Storage object. |
| 1928 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1929 | # this value would be `1234567`. |
| 1930 | "bucket": "A String", # Bucket of the Google Cloud Storage object. |
| 1931 | # Given an example URL: |
| 1932 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1933 | # this value would be `my-bucket`. |
| 1934 | "object": "A String", # Name of the Google Cloud Storage object. |
| 1935 | # As specified [here] |
| 1936 | # (https://cloud.google.com/storage/docs/naming#objectnames) |
| 1937 | # Given an example URL: |
| 1938 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 1939 | # this value would be `foo/bar`. |
| 1940 | }, |
| 1941 | "id": "A String", # Required. Id of the artifact, which the installation and update steps of this |
| 1942 | # recipe can reference. Artifacts in a recipe cannot have the same id. |
| 1943 | "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations |
| 1944 | # based on the artifact type: |
| 1945 | # |
| 1946 | # Remote: A checksum must be specified, and only protocols with |
| 1947 | # transport-layer security are permitted. |
| 1948 | # GCS: An object generation number must be specified. |
| 1949 | }, |
| 1950 | ], |
| 1951 | "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops |
| 1952 | # executing steps and does not attempt another installation. Any steps taken |
| 1953 | # (including partially completed steps) are not rolled back. |
| 1954 | { # An action that can be taken as part of installing or updating a recipe. |
| 1955 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 1956 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1957 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 1958 | # false and the file already exists the file is not overwritten |
| 1959 | # and the step is considered a success. Defaults to false. |
| 1960 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 1961 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 1962 | # order, the permissions of the owner, group, and other users for the |
| 1963 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 1964 | # Each digit represents a three bit number with the 4 bit |
| 1965 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 1966 | # write bit, and the one bit corresponds to the execute permission. |
| 1967 | # Default behavior is 755. |
| 1968 | # |
| 1969 | # Below are some examples of permissions and their associated values: |
| 1970 | # read, write, and execute: 7 |
| 1971 | # read and execute: 5 |
| 1972 | # read and write: 6 |
| 1973 | # read only: 4 |
| 1974 | }, |
| 1975 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 1976 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1977 | }, |
| 1978 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 1979 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 1980 | # can return to indicate a success. |
| 1981 | 42, |
| 1982 | ], |
| 1983 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 1984 | "args": [ # Arguments to be passed to the provided executable. |
| 1985 | "A String", |
| 1986 | ], |
| 1987 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 1988 | }, |
| 1989 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 1990 | "type": "A String", # Required. The type of the archive to extract. |
| 1991 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 1992 | "destination": "A String", # Directory to extract archive to. |
| 1993 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 1994 | }, |
| 1995 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 1996 | "flags": [ # The flags to use when installing the MSI |
| 1997 | # defaults to ["/i"] (i.e. the install flag). |
| 1998 | "A String", |
| 1999 | ], |
| 2000 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 2001 | # successfully. Behaviour defaults to [0] |
| 2002 | 42, |
| 2003 | ], |
| 2004 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2005 | }, |
| 2006 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 2007 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 2008 | # successfully. Behaviour defaults to [0] |
| 2009 | 42, |
| 2010 | ], |
| 2011 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 2012 | # specified the script is executed directly, which likely |
| 2013 | # only succeed for scripts with |
| 2014 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 2015 | "script": "A String", # Required. The shell script to be executed. |
| 2016 | }, |
| 2017 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 2018 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2019 | }, |
| 2020 | }, |
| 2021 | ], |
| 2022 | }, |
| 2023 | ], |
| 2024 | "assignment": { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows |
| 2025 | # you to target sets or groups of VM instances by different parameters such |
| 2026 | # as labels, names, OS, or zones. |
| 2027 | # |
| 2028 | # If left empty, all VM instances underneath this policy are targeted. |
| 2029 | # |
| 2030 | # At the same level in the resource hierarchy (that is within a project), the |
| 2031 | # service prevents the creation of multiple policies that conflict with |
| 2032 | # each other. For more information, see how the service [handles assignment |
| 2033 | # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts). |
| 2034 | # applies to. |
| 2035 | # |
| 2036 | # If an assignment is empty, it applies to all VM instances. Otherwise, the |
| 2037 | # targeted VM instances must meet all the criteria specified. So if both |
| 2038 | # labels and zones are specified, the policy applies to VM instances with those |
| 2039 | # labels and in those zones. |
| 2040 | "groupLabels": [ # Targets instances matching at least one of these label sets. This allows |
| 2041 | # an assignment to target disparate groups, for example "env=prod or |
| 2042 | # env=staging". |
| 2043 | { # Represents a group of VM intances that can be identified as having all |
| 2044 | # these labels, for example "env=prod and app=web". |
| 2045 | "labels": { # Google Compute Engine instance labels that must be present for an |
| 2046 | # instance to be included in this assignment group. |
| 2047 | "a_key": "A String", |
| 2048 | }, |
| 2049 | }, |
| 2050 | ], |
| 2051 | "osTypes": [ # Targets VM instances matching at least one of the following OS types. |
| 2052 | # |
| 2053 | # VM instances must match all supplied criteria for a given OsType to be |
| 2054 | # included. |
| 2055 | { # Defines the criteria for selecting VM Instances by OS type. |
| 2056 | "osShortName": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 2057 | # OS short name, for example "debian" or "windows". |
| 2058 | "osArchitecture": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 2059 | # OS architecture. |
| 2060 | "osVersion": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 2061 | # following OS version. |
| 2062 | }, |
| 2063 | ], |
| 2064 | "instances": [ # Targets any of the instances specified. Instances are specified by their |
| 2065 | # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`. |
| 2066 | # |
| 2067 | # Instance targeting is uncommon and is supported to facilitate the |
| 2068 | # management of changes by the instance or to target specific VM instances |
| 2069 | # for development and testing. |
| 2070 | # |
| 2071 | # Only supported for project-level policies and must reference instances |
| 2072 | # within this project. |
| 2073 | "A String", |
| 2074 | ], |
| 2075 | "instanceNamePrefixes": [ # Targets VM instances whose name starts with one of these prefixes. |
| 2076 | # |
| 2077 | # Like labels, this is another way to group VM instances when targeting |
| 2078 | # configs, for example prefix="prod-". |
| 2079 | # |
| 2080 | # Only supported for project-level policies. |
| 2081 | "A String", |
| 2082 | ], |
| 2083 | "zones": [ # Targets instances in any of these zones. Leave empty to target instances |
| 2084 | # in any zone. |
| 2085 | # |
| 2086 | # Zonal targeting is uncommon and is supported to facilitate the management |
| 2087 | # of changes by zone. |
| 2088 | "A String", |
| 2089 | ], |
| 2090 | }, |
| 2091 | "description": "A String", # Description of the guest policy. Length of the description is limited |
| 2092 | # to 1024 characters. |
| 2093 | "packageRepositories": [ # A list of package repositories to configure on the VM instance. This is |
| 2094 | # done before any other configs are applied so they can use these repos. |
| 2095 | # Package repositories are only configured if the corresponding package |
| 2096 | # manager(s) are available. |
| 2097 | { # A package repository. |
| 2098 | "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository. |
| 2099 | # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`. |
| 2100 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 2101 | # the `repo id` in the zypper config file and also the `display_name` if |
| 2102 | # `display_name` is omitted. This id is also used as the unique identifier |
| 2103 | # when checking for guest policy conflicts. |
| 2104 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 2105 | "gpgKeys": [ # URIs of GPG keys. |
| 2106 | "A String", |
| 2107 | ], |
| 2108 | "displayName": "A String", # The display name of the repository. |
| 2109 | }, |
| 2110 | "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository. |
| 2111 | # a repo file that is stored at |
| 2112 | # `/etc/apt/sources.list.d/google_osconfig.list`. |
| 2113 | "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB. |
| 2114 | "uri": "A String", # Required. URI for this repository. |
| 2115 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains |
| 2116 | # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing |
| 2117 | # all the keys in any applied guest policy. |
| 2118 | "distribution": "A String", # Required. Distribution of this repository. |
| 2119 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 2120 | "A String", |
| 2121 | ], |
| 2122 | }, |
| 2123 | "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository. |
| 2124 | # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`. |
| 2125 | "displayName": "A String", # The display name of the repository. |
| 2126 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 2127 | # the `repo id` in the Yum config file and also the `display_name` if |
| 2128 | # `display_name` is omitted. This id is also used as the unique identifier |
| 2129 | # when checking for guest policy conflicts. |
| 2130 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 2131 | "gpgKeys": [ # URIs of GPG keys. |
| 2132 | "A String", |
| 2133 | ], |
| 2134 | }, |
| 2135 | "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository. |
| 2136 | # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo. |
| 2137 | "name": "A String", # Required. The name of the repository. |
| 2138 | "url": "A String", # Required. The url of the repository. |
| 2139 | }, |
| 2140 | }, |
| 2141 | ], |
| 2142 | "etag": "A String", # The etag for this guest policy. |
| 2143 | # If this is provided on update, it must match the server's etag. |
| 2144 | "createTime": "A String", # Output only. Time this guest policy was created. |
| 2145 | "packages": [ # The software packages to be managed by this policy. |
| 2146 | { # Package is a reference to the software package to be installed or removed. |
| 2147 | # The agent on the VM instance uses the system package manager to apply the |
| 2148 | # config. |
| 2149 | # |
| 2150 | # |
| 2151 | # These are the commands that the agent uses to install or remove |
| 2152 | # packages. |
| 2153 | # |
| 2154 | # Apt |
| 2155 | # install: `apt-get update && apt-get -y install package1 package2 package3` |
| 2156 | # remove: `apt-get -y remove package1 package2 package3` |
| 2157 | # |
| 2158 | # Yum |
| 2159 | # install: `yum -y install package1 package2 package3` |
| 2160 | # remove: `yum -y remove package1 package2 package3` |
| 2161 | # |
| 2162 | # Zypper |
| 2163 | # install: `zypper install package1 package2 package3` |
| 2164 | # remove: `zypper rm package1 package2` |
| 2165 | # |
| 2166 | # Googet |
| 2167 | # install: `googet -noconfirm install package1 package2 package3` |
| 2168 | # remove: `googet -noconfirm remove package1 package2 package3` |
| 2169 | "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict |
| 2170 | # validation by checking the package name and the manager(s) that the |
| 2171 | # package targets. |
| 2172 | "manager": "A String", # Type of package manager that can be used to install this package. |
| 2173 | # If a system does not have the package manager, the package is not |
| 2174 | # installed or removed no error message is returned. By default, |
| 2175 | # or if you specify `ANY`, |
| 2176 | # the agent attempts to install and remove this package using the default |
| 2177 | # package manager. This is useful when creating a policy that applies to |
| 2178 | # different types of systems. |
| 2179 | # |
| 2180 | # The default behavior is ANY. |
| 2181 | "desiredState": "A String", # The desired_state the agent should maintain for this package. The |
| 2182 | # default is to ensure the package is installed. |
| 2183 | }, |
| 2184 | ], |
| 2185 | "updateTime": "A String", # Output only. Last time this guest policy was updated. |
| 2186 | "name": "A String", # Required. Unique name of the resource in this project using one of the following |
| 2187 | # forms: |
| 2188 | # `projects/{project_number}/guestPolicies/{guest_policy_id}`. |
| 2189 | } |
| 2190 | |
| 2191 | updateMask: string, Field mask that controls which fields of the guest policy should be |
| 2192 | updated. |
| 2193 | x__xgafv: string, V1 error format. |
| 2194 | Allowed values |
| 2195 | 1 - v1 error format |
| 2196 | 2 - v2 error format |
| 2197 | |
| 2198 | Returns: |
| 2199 | An object of the form: |
| 2200 | |
| 2201 | { # An OS Config resource representing a guest configuration policy. These |
| 2202 | # policies represent the desired state for VM instance guest environments |
| 2203 | # including packages to install or remove, package repository configurations, |
| 2204 | # and software to install. |
| 2205 | "recipes": [ # A list of Recipes to install on the VM instance. |
| 2206 | { # A software recipe is a set of instructions for installing and configuring a |
| 2207 | # piece of software. It consists of a set of artifacts that are |
| 2208 | # downloaded, and a set of steps that install, configure, and/or update the |
| 2209 | # software. |
| 2210 | # |
| 2211 | # Recipes support installing and updating software from artifacts in the |
| 2212 | # following formats: |
| 2213 | # Zip archive, Tar archive, Windows MSI, Debian package, and RPM package. |
| 2214 | # |
| 2215 | # Additionally, recipes support executing a script (either defined in a file or |
| 2216 | # directly in this api) in bash, sh, cmd, and powershell. |
| 2217 | # |
| 2218 | # Updating a software recipe |
| 2219 | # |
| 2220 | # If a recipe is assigned to an instance and there is a recipe with the same |
| 2221 | # name but a lower version already installed and the assigned state |
| 2222 | # of the recipe is `UPDATED`, then the recipe is updated to |
| 2223 | # the new version. |
| 2224 | # |
| 2225 | # Script Working Directories |
| 2226 | # |
| 2227 | # Each script or execution step is run in its own temporary directory which |
| 2228 | # is deleted after completing the step. |
| 2229 | "name": "A String", # Required. Unique identifier for the recipe. Only one recipe with a given name is |
| 2230 | # installed on an instance. |
| 2231 | # |
| 2232 | # Names are also used to identify resources which helps to determine whether |
| 2233 | # guest policies have conflicts. This means that requests to create multiple |
| 2234 | # recipes with the same name and version are rejected since they |
| 2235 | # could potentially have conflicting assignments. |
| 2236 | "updateSteps": [ # Actions to be taken for updating this recipe. On failure it stops |
| 2237 | # executing steps and does not attempt another update for this recipe. Any |
| 2238 | # steps taken (including partially completed steps) are not rolled back. |
| 2239 | { # An action that can be taken as part of installing or updating a recipe. |
| 2240 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 2241 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2242 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 2243 | # false and the file already exists the file is not overwritten |
| 2244 | # and the step is considered a success. Defaults to false. |
| 2245 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 2246 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 2247 | # order, the permissions of the owner, group, and other users for the |
| 2248 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 2249 | # Each digit represents a three bit number with the 4 bit |
| 2250 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 2251 | # write bit, and the one bit corresponds to the execute permission. |
| 2252 | # Default behavior is 755. |
| 2253 | # |
| 2254 | # Below are some examples of permissions and their associated values: |
| 2255 | # read, write, and execute: 7 |
| 2256 | # read and execute: 5 |
| 2257 | # read and write: 6 |
| 2258 | # read only: 4 |
| 2259 | }, |
| 2260 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 2261 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2262 | }, |
| 2263 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 2264 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 2265 | # can return to indicate a success. |
| 2266 | 42, |
| 2267 | ], |
| 2268 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 2269 | "args": [ # Arguments to be passed to the provided executable. |
| 2270 | "A String", |
| 2271 | ], |
| 2272 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 2273 | }, |
| 2274 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 2275 | "type": "A String", # Required. The type of the archive to extract. |
| 2276 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2277 | "destination": "A String", # Directory to extract archive to. |
| 2278 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 2279 | }, |
| 2280 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 2281 | "flags": [ # The flags to use when installing the MSI |
| 2282 | # defaults to ["/i"] (i.e. the install flag). |
| 2283 | "A String", |
| 2284 | ], |
| 2285 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 2286 | # successfully. Behaviour defaults to [0] |
| 2287 | 42, |
| 2288 | ], |
| 2289 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2290 | }, |
| 2291 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 2292 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 2293 | # successfully. Behaviour defaults to [0] |
| 2294 | 42, |
| 2295 | ], |
| 2296 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 2297 | # specified the script is executed directly, which likely |
| 2298 | # only succeed for scripts with |
| 2299 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 2300 | "script": "A String", # Required. The shell script to be executed. |
| 2301 | }, |
| 2302 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 2303 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2304 | }, |
| 2305 | }, |
| 2306 | ], |
| 2307 | "desiredState": "A String", # Default is INSTALLED. The desired state the agent should maintain for this |
| 2308 | # recipe. |
| 2309 | # |
| 2310 | # INSTALLED: The software recipe is installed on the instance but |
| 2311 | # won't be updated to new versions. |
| 2312 | # UPDATED: The software recipe is installed on the instance. The recipe is |
| 2313 | # updated to a higher version, if a higher version of the recipe is |
| 2314 | # assigned to this instance. |
| 2315 | # REMOVE: Remove is unsupported for software recipes and attempts to |
| 2316 | # create or update a recipe to the REMOVE state is rejected. |
| 2317 | "version": "A String", # The version of this software recipe. Version can be up to 4 period |
| 2318 | # separated numbers (e.g. 12.34.56.78). |
| 2319 | "artifacts": [ # Resources available to be used in the steps in the recipe. |
| 2320 | { # Specifies a resource to be used in the recipe. |
| 2321 | "remote": { # Specifies an artifact available via some URI. # A generic remote artifact. |
| 2322 | "checksum": "A String", # Must be provided if `allow_insecure` is `false`. |
| 2323 | # SHA256 checksum in hex format, to compare to the checksum of the |
| 2324 | # artifact. If the checksum is not empty and it doesn't match the |
| 2325 | # artifact then the recipe installation fails before running any of the |
| 2326 | # steps. |
| 2327 | "uri": "A String", # URI from which to fetch the object. It should contain both the protocol |
| 2328 | # and path following the format {protocol}://{location}. |
| 2329 | }, |
| 2330 | "gcs": { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact. |
| 2331 | "generation": "A String", # Must be provided if allow_insecure is false. |
| 2332 | # Generation number of the Google Cloud Storage object. |
| 2333 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 2334 | # this value would be `1234567`. |
| 2335 | "bucket": "A String", # Bucket of the Google Cloud Storage object. |
| 2336 | # Given an example URL: |
| 2337 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 2338 | # this value would be `my-bucket`. |
| 2339 | "object": "A String", # Name of the Google Cloud Storage object. |
| 2340 | # As specified [here] |
| 2341 | # (https://cloud.google.com/storage/docs/naming#objectnames) |
| 2342 | # Given an example URL: |
| 2343 | # `https://storage.googleapis.com/my-bucket/foo/bar#1234567` |
| 2344 | # this value would be `foo/bar`. |
| 2345 | }, |
| 2346 | "id": "A String", # Required. Id of the artifact, which the installation and update steps of this |
| 2347 | # recipe can reference. Artifacts in a recipe cannot have the same id. |
| 2348 | "allowInsecure": True or False, # Defaults to false. When false, recipes are subject to validations |
| 2349 | # based on the artifact type: |
| 2350 | # |
| 2351 | # Remote: A checksum must be specified, and only protocols with |
| 2352 | # transport-layer security are permitted. |
| 2353 | # GCS: An object generation number must be specified. |
| 2354 | }, |
| 2355 | ], |
| 2356 | "installSteps": [ # Actions to be taken for installing this recipe. On failure it stops |
| 2357 | # executing steps and does not attempt another installation. Any steps taken |
| 2358 | # (including partially completed steps) are not rolled back. |
| 2359 | { # An action that can be taken as part of installing or updating a recipe. |
| 2360 | "fileCopy": { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance. |
| 2361 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2362 | "overwrite": True or False, # Whether to allow this step to overwrite existing files. If this is |
| 2363 | # false and the file already exists the file is not overwritten |
| 2364 | # and the step is considered a success. Defaults to false. |
| 2365 | "destination": "A String", # Required. The absolute path on the instance to put the file. |
| 2366 | "permissions": "A String", # Consists of three octal digits which represent, in |
| 2367 | # order, the permissions of the owner, group, and other users for the |
| 2368 | # file (similarly to the numeric mode used in the linux chmod utility). |
| 2369 | # Each digit represents a three bit number with the 4 bit |
| 2370 | # corresponding to the read permissions, the 2 bit corresponds to the |
| 2371 | # write bit, and the one bit corresponds to the execute permission. |
| 2372 | # Default behavior is 755. |
| 2373 | # |
| 2374 | # Below are some examples of permissions and their associated values: |
| 2375 | # read, write, and execute: 7 |
| 2376 | # read and execute: 5 |
| 2377 | # read and write: 6 |
| 2378 | # read only: 4 |
| 2379 | }, |
| 2380 | "dpkgInstallation": { # Installs a deb via dpkg. # Installs a deb file via dpkg. |
| 2381 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2382 | }, |
| 2383 | "fileExec": { # Executes an artifact or local file. # Executes an artifact or local file. |
| 2384 | "allowedExitCodes": [ # Defaults to [0]. A list of possible return values that the program |
| 2385 | # can return to indicate a success. |
| 2386 | 42, |
| 2387 | ], |
| 2388 | "artifactId": "A String", # The id of the relevant artifact in the recipe. |
| 2389 | "args": [ # Arguments to be passed to the provided executable. |
| 2390 | "A String", |
| 2391 | ], |
| 2392 | "localPath": "A String", # The absolute path of the file on the local filesystem. |
| 2393 | }, |
| 2394 | "archiveExtraction": { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory. |
| 2395 | "type": "A String", # Required. The type of the archive to extract. |
| 2396 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2397 | "destination": "A String", # Directory to extract archive to. |
| 2398 | # Defaults to `/` on Linux or `C:\` on Windows. |
| 2399 | }, |
| 2400 | "msiInstallation": { # Installs an MSI file. # Installs an MSI file. |
| 2401 | "flags": [ # The flags to use when installing the MSI |
| 2402 | # defaults to ["/i"] (i.e. the install flag). |
| 2403 | "A String", |
| 2404 | ], |
| 2405 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 2406 | # successfully. Behaviour defaults to [0] |
| 2407 | 42, |
| 2408 | ], |
| 2409 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2410 | }, |
| 2411 | "scriptRun": { # Runs a script through an interpreter. # Runs commands in a shell. |
| 2412 | "allowedExitCodes": [ # Return codes that indicate that the software installed or updated |
| 2413 | # successfully. Behaviour defaults to [0] |
| 2414 | 42, |
| 2415 | ], |
| 2416 | "interpreter": "A String", # The script interpreter to use to run the script. If no interpreter is |
| 2417 | # specified the script is executed directly, which likely |
| 2418 | # only succeed for scripts with |
| 2419 | # [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)). |
| 2420 | "script": "A String", # Required. The shell script to be executed. |
| 2421 | }, |
| 2422 | "rpmInstallation": { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility. |
| 2423 | "artifactId": "A String", # Required. The id of the relevant artifact in the recipe. |
| 2424 | }, |
| 2425 | }, |
| 2426 | ], |
| 2427 | }, |
| 2428 | ], |
| 2429 | "assignment": { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows |
| 2430 | # you to target sets or groups of VM instances by different parameters such |
| 2431 | # as labels, names, OS, or zones. |
| 2432 | # |
| 2433 | # If left empty, all VM instances underneath this policy are targeted. |
| 2434 | # |
| 2435 | # At the same level in the resource hierarchy (that is within a project), the |
| 2436 | # service prevents the creation of multiple policies that conflict with |
| 2437 | # each other. For more information, see how the service [handles assignment |
| 2438 | # conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts). |
| 2439 | # applies to. |
| 2440 | # |
| 2441 | # If an assignment is empty, it applies to all VM instances. Otherwise, the |
| 2442 | # targeted VM instances must meet all the criteria specified. So if both |
| 2443 | # labels and zones are specified, the policy applies to VM instances with those |
| 2444 | # labels and in those zones. |
| 2445 | "groupLabels": [ # Targets instances matching at least one of these label sets. This allows |
| 2446 | # an assignment to target disparate groups, for example "env=prod or |
| 2447 | # env=staging". |
| 2448 | { # Represents a group of VM intances that can be identified as having all |
| 2449 | # these labels, for example "env=prod and app=web". |
| 2450 | "labels": { # Google Compute Engine instance labels that must be present for an |
| 2451 | # instance to be included in this assignment group. |
| 2452 | "a_key": "A String", |
| 2453 | }, |
| 2454 | }, |
| 2455 | ], |
| 2456 | "osTypes": [ # Targets VM instances matching at least one of the following OS types. |
| 2457 | # |
| 2458 | # VM instances must match all supplied criteria for a given OsType to be |
| 2459 | # included. |
| 2460 | { # Defines the criteria for selecting VM Instances by OS type. |
| 2461 | "osShortName": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 2462 | # OS short name, for example "debian" or "windows". |
| 2463 | "osArchitecture": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 2464 | # OS architecture. |
| 2465 | "osVersion": "A String", # Targets VM instances with OS Inventory enabled and having the following |
| 2466 | # following OS version. |
| 2467 | }, |
| 2468 | ], |
| 2469 | "instances": [ # Targets any of the instances specified. Instances are specified by their |
| 2470 | # URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`. |
| 2471 | # |
| 2472 | # Instance targeting is uncommon and is supported to facilitate the |
| 2473 | # management of changes by the instance or to target specific VM instances |
| 2474 | # for development and testing. |
| 2475 | # |
| 2476 | # Only supported for project-level policies and must reference instances |
| 2477 | # within this project. |
| 2478 | "A String", |
| 2479 | ], |
| 2480 | "instanceNamePrefixes": [ # Targets VM instances whose name starts with one of these prefixes. |
| 2481 | # |
| 2482 | # Like labels, this is another way to group VM instances when targeting |
| 2483 | # configs, for example prefix="prod-". |
| 2484 | # |
| 2485 | # Only supported for project-level policies. |
| 2486 | "A String", |
| 2487 | ], |
| 2488 | "zones": [ # Targets instances in any of these zones. Leave empty to target instances |
| 2489 | # in any zone. |
| 2490 | # |
| 2491 | # Zonal targeting is uncommon and is supported to facilitate the management |
| 2492 | # of changes by zone. |
| 2493 | "A String", |
| 2494 | ], |
| 2495 | }, |
| 2496 | "description": "A String", # Description of the guest policy. Length of the description is limited |
| 2497 | # to 1024 characters. |
| 2498 | "packageRepositories": [ # A list of package repositories to configure on the VM instance. This is |
| 2499 | # done before any other configs are applied so they can use these repos. |
| 2500 | # Package repositories are only configured if the corresponding package |
| 2501 | # manager(s) are available. |
| 2502 | { # A package repository. |
| 2503 | "zypper": { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository. |
| 2504 | # repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`. |
| 2505 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 2506 | # the `repo id` in the zypper config file and also the `display_name` if |
| 2507 | # `display_name` is omitted. This id is also used as the unique identifier |
| 2508 | # when checking for guest policy conflicts. |
| 2509 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 2510 | "gpgKeys": [ # URIs of GPG keys. |
| 2511 | "A String", |
| 2512 | ], |
| 2513 | "displayName": "A String", # The display name of the repository. |
| 2514 | }, |
| 2515 | "apt": { # Represents a single Apt package repository. This repository is added to # An Apt Repository. |
| 2516 | # a repo file that is stored at |
| 2517 | # `/etc/apt/sources.list.d/google_osconfig.list`. |
| 2518 | "archiveType": "A String", # Type of archive files in this repository. The default behavior is DEB. |
| 2519 | "uri": "A String", # Required. URI for this repository. |
| 2520 | "gpgKey": "A String", # URI of the key file for this repository. The agent maintains |
| 2521 | # a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing |
| 2522 | # all the keys in any applied guest policy. |
| 2523 | "distribution": "A String", # Required. Distribution of this repository. |
| 2524 | "components": [ # Required. List of components for this repository. Must contain at least one item. |
| 2525 | "A String", |
| 2526 | ], |
| 2527 | }, |
| 2528 | "yum": { # Represents a single Yum package repository. This repository is added to a # A Yum Repository. |
| 2529 | # repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`. |
| 2530 | "displayName": "A String", # The display name of the repository. |
| 2531 | "id": "A String", # Required. A one word, unique name for this repository. This is |
| 2532 | # the `repo id` in the Yum config file and also the `display_name` if |
| 2533 | # `display_name` is omitted. This id is also used as the unique identifier |
| 2534 | # when checking for guest policy conflicts. |
| 2535 | "baseUrl": "A String", # Required. The location of the repository directory. |
| 2536 | "gpgKeys": [ # URIs of GPG keys. |
| 2537 | "A String", |
| 2538 | ], |
| 2539 | }, |
| 2540 | "goo": { # Represents a Goo package repository. These is added to a repo file # A Goo Repository. |
| 2541 | # that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo. |
| 2542 | "name": "A String", # Required. The name of the repository. |
| 2543 | "url": "A String", # Required. The url of the repository. |
| 2544 | }, |
| 2545 | }, |
| 2546 | ], |
| 2547 | "etag": "A String", # The etag for this guest policy. |
| 2548 | # If this is provided on update, it must match the server's etag. |
| 2549 | "createTime": "A String", # Output only. Time this guest policy was created. |
| 2550 | "packages": [ # The software packages to be managed by this policy. |
| 2551 | { # Package is a reference to the software package to be installed or removed. |
| 2552 | # The agent on the VM instance uses the system package manager to apply the |
| 2553 | # config. |
| 2554 | # |
| 2555 | # |
| 2556 | # These are the commands that the agent uses to install or remove |
| 2557 | # packages. |
| 2558 | # |
| 2559 | # Apt |
| 2560 | # install: `apt-get update && apt-get -y install package1 package2 package3` |
| 2561 | # remove: `apt-get -y remove package1 package2 package3` |
| 2562 | # |
| 2563 | # Yum |
| 2564 | # install: `yum -y install package1 package2 package3` |
| 2565 | # remove: `yum -y remove package1 package2 package3` |
| 2566 | # |
| 2567 | # Zypper |
| 2568 | # install: `zypper install package1 package2 package3` |
| 2569 | # remove: `zypper rm package1 package2` |
| 2570 | # |
| 2571 | # Googet |
| 2572 | # install: `googet -noconfirm install package1 package2 package3` |
| 2573 | # remove: `googet -noconfirm remove package1 package2 package3` |
| 2574 | "name": "A String", # Required. The name of the package. A package is uniquely identified for conflict |
| 2575 | # validation by checking the package name and the manager(s) that the |
| 2576 | # package targets. |
| 2577 | "manager": "A String", # Type of package manager that can be used to install this package. |
| 2578 | # If a system does not have the package manager, the package is not |
| 2579 | # installed or removed no error message is returned. By default, |
| 2580 | # or if you specify `ANY`, |
| 2581 | # the agent attempts to install and remove this package using the default |
| 2582 | # package manager. This is useful when creating a policy that applies to |
| 2583 | # different types of systems. |
| 2584 | # |
| 2585 | # The default behavior is ANY. |
| 2586 | "desiredState": "A String", # The desired_state the agent should maintain for this package. The |
| 2587 | # default is to ensure the package is installed. |
| 2588 | }, |
| 2589 | ], |
| 2590 | "updateTime": "A String", # Output only. Last time this guest policy was updated. |
| 2591 | "name": "A String", # Required. Unique name of the resource in this project using one of the following |
| 2592 | # forms: |
| 2593 | # `projects/{project_number}/guestPolicies/{guest_policy_id}`. |
| 2594 | }</pre> |
| 2595 | </div> |
| 2596 | |
| 2597 | </body></html> |