:doc:`SSM <../../ssm>` / Client / describe_effective_patches_for_patch_baseline

*********************************************
describe_effective_patches_for_patch_baseline
*********************************************



.. py:method:: SSM.Client.describe_effective_patches_for_patch_baseline(**kwargs)

  

  Retrieves the current effective patches (the patch and the approval state) for the specified patch baseline. Applies to patch baselines for Windows only.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeEffectivePatchesForPatchBaseline>`_  


  **Request Syntax**
  ::

    response = client.describe_effective_patches_for_patch_baseline(
        BaselineId='string',
        MaxResults=123,
        NextToken='string'
    )
    
  :type BaselineId: string
  :param BaselineId: **[REQUIRED]** 

    The ID of the patch baseline to retrieve the effective patches for.

    

  
  :type MaxResults: integer
  :param MaxResults: 

    The maximum number of patches to return (per page).

    

  
  :type NextToken: string
  :param NextToken: 

    The token for the next set of items to return. (You received this token from a previous call.)

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'EffectivePatches': [
              {
                  'Patch': {
                      'Id': 'string',
                      'ReleaseDate': datetime(2015, 1, 1),
                      'Title': 'string',
                      'Description': 'string',
                      'ContentUrl': 'string',
                      'Vendor': 'string',
                      'ProductFamily': 'string',
                      'Product': 'string',
                      'Classification': 'string',
                      'MsrcSeverity': 'string',
                      'KbNumber': 'string',
                      'MsrcNumber': 'string',
                      'Language': 'string',
                      'AdvisoryIds': [
                          'string',
                      ],
                      'BugzillaIds': [
                          'string',
                      ],
                      'CVEIds': [
                          'string',
                      ],
                      'Name': 'string',
                      'Epoch': 123,
                      'Version': 'string',
                      'Release': 'string',
                      'Arch': 'string',
                      'Severity': 'string',
                      'Repository': 'string'
                  },
                  'PatchStatus': {
                      'DeploymentStatus': 'APPROVED'|'PENDING_APPROVAL'|'EXPLICIT_APPROVED'|'EXPLICIT_REJECTED',
                      'ComplianceLevel': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFORMATIONAL'|'UNSPECIFIED',
                      'ApprovalDate': datetime(2015, 1, 1)
                  }
              },
          ],
          'NextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **EffectivePatches** *(list) --* 

        An array of patches and patch status.

        
        

        - *(dict) --* 

          The ``EffectivePatch`` structure defines metadata about a patch along with the approval state of the patch in a particular patch baseline. The approval state includes information about whether the patch is currently approved, due to be approved by a rule, explicitly approved, or explicitly rejected and the date the patch was or will be approved.

          
          

          - **Patch** *(dict) --* 

            Provides metadata for a patch, including information such as the KB ID, severity, classification and a URL for where more information can be obtained about the patch.

            
            

            - **Id** *(string) --* 

              The ID of the patch. Applies to Windows patches only.

               

              .. note::

                

                This ID isn't the same as the Microsoft Knowledge Base ID.

                

              
            

            - **ReleaseDate** *(datetime) --* 

              The date the patch was released.

              
            

            - **Title** *(string) --* 

              The title of the patch.

              
            

            - **Description** *(string) --* 

              The description of the patch.

              
            

            - **ContentUrl** *(string) --* 

              The URL where more information can be obtained about the patch.

              
            

            - **Vendor** *(string) --* 

              The name of the vendor providing the patch.

              
            

            - **ProductFamily** *(string) --* 

              The product family the patch is applicable for. For example, ``Windows`` or ``Amazon Linux 2``.

              
            

            - **Product** *(string) --* 

              The specific product the patch is applicable for. For example, ``WindowsServer2016`` or ``AmazonLinux2018.03``.

              
            

            - **Classification** *(string) --* 

              The classification of the patch. For example, ``SecurityUpdates``, ``Updates``, or ``CriticalUpdates``.

              
            

            - **MsrcSeverity** *(string) --* 

              The severity of the patch, such as ``Critical``, ``Important``, or ``Moderate``. Applies to Windows patches only.

              
            

            - **KbNumber** *(string) --* 

              The Microsoft Knowledge Base ID of the patch. Applies to Windows patches only.

              
            

            - **MsrcNumber** *(string) --* 

              The ID of the Microsoft Security Response Center (MSRC) bulletin the patch is related to. For example, ``MS14-045``. Applies to Windows patches only.

              
            

            - **Language** *(string) --* 

              The language of the patch if it's language-specific.

              
            

            - **AdvisoryIds** *(list) --* 

              The Advisory ID of the patch. For example, ``RHSA-2020:3779``. Applies to Linux-based managed nodes only.

              
              

              - *(string) --* 
          
            

            - **BugzillaIds** *(list) --* 

              The Bugzilla ID of the patch. For example, ``1600646``. Applies to Linux-based managed nodes only.

              
              

              - *(string) --* 
          
            

            - **CVEIds** *(list) --* 

              The Common Vulnerabilities and Exposures (CVE) ID of the patch. For example, ``CVE-2011-3192``. Applies to Linux-based managed nodes only.

              
              

              - *(string) --* 
          
            

            - **Name** *(string) --* 

              The name of the patch. Applies to Linux-based managed nodes only.

              
            

            - **Epoch** *(integer) --* 

              The epoch of the patch. For example in ``pkg-example-EE-20180914-2.2.amzn1.noarch``, the epoch value is ``20180914-2``. Applies to Linux-based managed nodes only.

              
            

            - **Version** *(string) --* 

              The version number of the patch. For example, in ``example-pkg-1.710.10-2.7.abcd.x86_64``, the version number is indicated by ``-1``. Applies to Linux-based managed nodes only.

              
            

            - **Release** *(string) --* 

              The particular release of a patch. For example, in ``pkg-example-EE-20180914-2.2.amzn1.noarch``, the release is ``2.amaz1``. Applies to Linux-based managed nodes only.

              
            

            - **Arch** *(string) --* 

              The architecture of the patch. For example, in ``example-pkg-0.710.10-2.7.abcd.x86_64``, the architecture is indicated by ``x86_64``. Applies to Linux-based managed nodes only.

              
            

            - **Severity** *(string) --* 

              The severity level of the patch. For example, ``CRITICAL`` or ``MODERATE``.

              
            

            - **Repository** *(string) --* 

              The source patch repository for the operating system and version, such as ``trusty-security`` for Ubuntu Server 14.04 LTE and ``focal-security`` for Ubuntu Server 20.04 LTE. Applies to Linux-based managed nodes only.

              
        
          

          - **PatchStatus** *(dict) --* 

            The status of the patch in a patch baseline. This includes information about whether the patch is currently approved, due to be approved by a rule, explicitly approved, or explicitly rejected and the date the patch was or will be approved.

            
            

            - **DeploymentStatus** *(string) --* 

              The approval status of a patch.

              
            

            - **ComplianceLevel** *(string) --* 

              The compliance severity level for a patch.

              
            

            - **ApprovalDate** *(datetime) --* 

              The date the patch was approved (or will be approved if the status is ``PENDING_APPROVAL``).

              
        
      
    
      

      - **NextToken** *(string) --* 

        The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

        
  
  **Exceptions**
  
  *   :py:class:`SSM.Client.exceptions.InvalidResourceId`

  
  *   :py:class:`SSM.Client.exceptions.DoesNotExistException`

  
  *   :py:class:`SSM.Client.exceptions.UnsupportedOperatingSystem`

  
  *   :py:class:`SSM.Client.exceptions.InternalServerError`

  