:doc:`SSM <../../ssm>` / Client / describe_available_patches

**************************
describe_available_patches
**************************



.. py:method:: SSM.Client.describe_available_patches(**kwargs)

  

  Lists all patches eligible to be included in a patch baseline.

   

  .. note::

    

    Currently, ``DescribeAvailablePatches`` supports only the Amazon Linux 1, Amazon Linux 2, and Windows Server operating systems.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeAvailablePatches>`_  


  **Request Syntax**
  ::

    response = client.describe_available_patches(
        Filters=[
            {
                'Key': 'string',
                'Values': [
                    'string',
                ]
            },
        ],
        MaxResults=123,
        NextToken='string'
    )
    
  :type Filters: list
  :param Filters: 

    Each element in the array is a structure containing a key-value pair.

     

    **Windows Server**

     

    Supported keys for Windows Server managed node patches include the following:

     

    
    * ``PATCH_SET`` Sample values: ``OS`` | ``APPLICATION``
     
    * ``PRODUCT`` Sample values: ``WindowsServer2012`` | ``Office 2010`` | ``MicrosoftDefenderAntivirus``
     
    * ``PRODUCT_FAMILY`` Sample values: ``Windows`` | ``Office``
     
    * ``MSRC_SEVERITY`` Sample values: ``ServicePacks`` | ``Important`` | ``Moderate``
     
    * ``CLASSIFICATION`` Sample values: ``ServicePacks`` | ``SecurityUpdates`` | ``DefinitionUpdates``
     
    * ``PATCH_ID`` Sample values: ``KB123456`` | ``KB4516046``
    

     

    **Linux**

     

    .. warning::

       

      When specifying filters for Linux patches, you must specify a key-pair for ``PRODUCT``. For example, using the Command Line Interface (CLI), the following command fails:

       

      ``aws ssm describe-available-patches --filters Key=CVE_ID,Values=CVE-2018-3615``

       

      However, the following command succeeds:

       

      ``aws ssm describe-available-patches --filters Key=PRODUCT,Values=AmazonLinux2018.03 Key=CVE_ID,Values=CVE-2018-3615``

       

     

    Supported keys for Linux managed node patches include the following:

     

    
    * ``PRODUCT`` Sample values: ``AmazonLinux2018.03`` | ``AmazonLinux2.0``
     
    * ``NAME`` Sample values: ``kernel-headers`` | ``samba-python`` | ``php``
     
    * ``SEVERITY`` Sample values: ``Critical`` | ``Important`` | ``Medium`` | ``Low``
     
    * ``EPOCH`` Sample values: ``0`` | ``1``
     
    * ``VERSION`` Sample values: ``78.6.1`` | ``4.10.16``
     
    * ``RELEASE`` Sample values: ``9.56.amzn1`` | ``1.amzn2``
     
    * ``ARCH`` Sample values: ``i686`` | ``x86_64``
     
    * ``REPOSITORY`` Sample values: ``Core`` | ``Updates``
     
    * ``ADVISORY_ID`` Sample values: ``ALAS-2018-1058`` | ``ALAS2-2021-1594``
     
    * ``CVE_ID`` Sample values: ``CVE-2018-3615`` | ``CVE-2020-1472``
     
    * ``BUGZILLA_ID`` Sample values: ``1463241``
    

    

  
    - *(dict) --* 

      Defines a filter used in Patch Manager APIs. Supported filter keys depend on the API operation that includes the filter. Patch Manager API operations that use ``PatchOrchestratorFilter`` include the following:

       

      
      *  DescribeAvailablePatches
       
      *  DescribeInstancePatches
       
      *  DescribePatchBaselines
       
      *  DescribePatchGroups
      

      

    
      - **Key** *(string) --* 

        The key for the filter.

        

      
      - **Values** *(list) --* 

        The value for the filter.

        

      
        - *(string) --* 

        
    
    

  :type MaxResults: integer
  :param MaxResults: 

    The maximum number of patches to return (per page).

    

  
  :type NextToken: string
  :param NextToken: 

    The token for the next set of items to return. (You received this token from a previous call.)

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Patches': [
              {
                  'Id': 'string',
                  'ReleaseDate': datetime(2015, 1, 1),
                  'Title': 'string',
                  'Description': 'string',
                  'ContentUrl': 'string',
                  'Vendor': 'string',
                  'ProductFamily': 'string',
                  'Product': 'string',
                  'Classification': 'string',
                  'MsrcSeverity': 'string',
                  'KbNumber': 'string',
                  'MsrcNumber': 'string',
                  'Language': 'string',
                  'AdvisoryIds': [
                      'string',
                  ],
                  'BugzillaIds': [
                      'string',
                  ],
                  'CVEIds': [
                      'string',
                  ],
                  'Name': 'string',
                  'Epoch': 123,
                  'Version': 'string',
                  'Release': 'string',
                  'Arch': 'string',
                  'Severity': 'string',
                  'Repository': 'string'
              },
          ],
          'NextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Patches** *(list) --* 

        An array of patches. Each entry in the array is a patch structure.

        
        

        - *(dict) --* 

          Represents metadata about a patch.

          
          

          - **Id** *(string) --* 

            The ID of the patch. Applies to Windows patches only.

             

            .. note::

              

              This ID isn't the same as the Microsoft Knowledge Base ID.

              

            
          

          - **ReleaseDate** *(datetime) --* 

            The date the patch was released.

            
          

          - **Title** *(string) --* 

            The title of the patch.

            
          

          - **Description** *(string) --* 

            The description of the patch.

            
          

          - **ContentUrl** *(string) --* 

            The URL where more information can be obtained about the patch.

            
          

          - **Vendor** *(string) --* 

            The name of the vendor providing the patch.

            
          

          - **ProductFamily** *(string) --* 

            The product family the patch is applicable for. For example, ``Windows`` or ``Amazon Linux 2``.

            
          

          - **Product** *(string) --* 

            The specific product the patch is applicable for. For example, ``WindowsServer2016`` or ``AmazonLinux2018.03``.

            
          

          - **Classification** *(string) --* 

            The classification of the patch. For example, ``SecurityUpdates``, ``Updates``, or ``CriticalUpdates``.

            
          

          - **MsrcSeverity** *(string) --* 

            The severity of the patch, such as ``Critical``, ``Important``, or ``Moderate``. Applies to Windows patches only.

            
          

          - **KbNumber** *(string) --* 

            The Microsoft Knowledge Base ID of the patch. Applies to Windows patches only.

            
          

          - **MsrcNumber** *(string) --* 

            The ID of the Microsoft Security Response Center (MSRC) bulletin the patch is related to. For example, ``MS14-045``. Applies to Windows patches only.

            
          

          - **Language** *(string) --* 

            The language of the patch if it's language-specific.

            
          

          - **AdvisoryIds** *(list) --* 

            The Advisory ID of the patch. For example, ``RHSA-2020:3779``. Applies to Linux-based managed nodes only.

            
            

            - *(string) --* 
        
          

          - **BugzillaIds** *(list) --* 

            The Bugzilla ID of the patch. For example, ``1600646``. Applies to Linux-based managed nodes only.

            
            

            - *(string) --* 
        
          

          - **CVEIds** *(list) --* 

            The Common Vulnerabilities and Exposures (CVE) ID of the patch. For example, ``CVE-2011-3192``. Applies to Linux-based managed nodes only.

            
            

            - *(string) --* 
        
          

          - **Name** *(string) --* 

            The name of the patch. Applies to Linux-based managed nodes only.

            
          

          - **Epoch** *(integer) --* 

            The epoch of the patch. For example in ``pkg-example-EE-20180914-2.2.amzn1.noarch``, the epoch value is ``20180914-2``. Applies to Linux-based managed nodes only.

            
          

          - **Version** *(string) --* 

            The version number of the patch. For example, in ``example-pkg-1.710.10-2.7.abcd.x86_64``, the version number is indicated by ``-1``. Applies to Linux-based managed nodes only.

            
          

          - **Release** *(string) --* 

            The particular release of a patch. For example, in ``pkg-example-EE-20180914-2.2.amzn1.noarch``, the release is ``2.amaz1``. Applies to Linux-based managed nodes only.

            
          

          - **Arch** *(string) --* 

            The architecture of the patch. For example, in ``example-pkg-0.710.10-2.7.abcd.x86_64``, the architecture is indicated by ``x86_64``. Applies to Linux-based managed nodes only.

            
          

          - **Severity** *(string) --* 

            The severity level of the patch. For example, ``CRITICAL`` or ``MODERATE``.

            
          

          - **Repository** *(string) --* 

            The source patch repository for the operating system and version, such as ``trusty-security`` for Ubuntu Server 14.04 LTE and ``focal-security`` for Ubuntu Server 20.04 LTE. Applies to Linux-based managed nodes only.

            
      
    
      

      - **NextToken** *(string) --* 

        The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

        
  
  **Exceptions**
  
  *   :py:class:`SSM.Client.exceptions.InternalServerError`

  