azurermAutomationSoftwareUpdateConfiguration

Manages an Automation Software Update Configuraion.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
new azurerm.provider.AzurermProvider(this, "azurerm", {
  features: [{}],
});
const azurermResourceGroupTest = new azurerm.resourceGroup.ResourceGroup(
  this,
  "test",
  {
    location: "East US",
    name: "example-rg",
  }
);
const azurermAutomationAccountTest =
  new azurerm.automationAccount.AutomationAccount(this, "test_2", {
    location: azurermResourceGroupTest.location,
    name: "example",
    resource_group_name: azurermResourceGroupTest.name,
    sku_name: "Basic",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAutomationAccountTest.overrideLogicalId("test");
new azurerm.automationSoftwareUpdateConfiguration.AutomationSoftwareUpdateConfiguration(
  this,
  "example",
  {
    automation_account_id: azurermAutomationAccountTest.id,
    duration: "PT2H2M2S",
    linux: [
      {
        classification_included: "Security",
        excluded_packages: ["apt"],
        included_packages: ["vim"],
        reboot: "IfRequired",
      },
    ],
    name: "example",
    operating_system: "Linux",
  }
);

Arguments Reference

The following arguments are supported:

• name - (Required) The name which should be used for this Automation. Changing this forces a new Automation to be created.

• automationAccountId - (Required) The ID of Automation Account to manage this Source Control. Changing this forces a new Automation Source Control to be created.

• operatingSystem - (Required) The Operating system of target machines. Possible values are windows and linux.

• duration - (Optional) Maximum time allowed for the software update configuration run. using format pt[n]h[n]m[n]s as per ISO8601.

• linux - (Optional) One or more linux blocks as defined below.

• windows - (Optional) One or more windows blocks as defined below.

• virtualMachineIds - (Optional) Specifies a list of azure resource Ids of azure virtual machines.

• nonAzureComputerNames - (Optional) Specifies a list of names of non-azure machines for the software update configuration.

• target - (Optional) One or more target blocks as defined below.

• postTask - (Optional) One or more postTask blocks as defined below.

• preTask - (Optional) One or more preTask blocks as defined below.

• schedule - (Optional) One or more schedule blocks as defined below.

A linux block supports the following:

• classificationIncluded - (Optional) Specifies the update classifications included in the Software Update Configuration. Possible values are unclassified, critical, security and other.

• excludedPackages - (Optional) Specifies a list of packages to excluded from the Software Update Configuration.

• includedPackages - (Optional) Specifies a list of packages to included from the Software Update Configuration.

• reboot - (Optional) Specifies the reboot settings after software update, possible values are ifRequired, never and always

A windows block supports the following:

• classificationIncluded - (Optional) (Deprecated) Specifies the update classification. Possible values are unclassified, critical, security, updateRollup, featurePack, servicePack, definition, tools and updates.

• classificationsIncluded - (Optional) Specifies the list of update classification. Possible values are unclassified, critical, security, updateRollup, featurePack, servicePack, definition, tools and updates.

• excludedKnowledgeBaseNumbers - (Optional) Specifies a list of knowledge base numbers excluded.

• includedKnowledgeBaseNumbers - (Optional) Specifies a list of knowledge base numbers included.

• reboot - (Optional) Specifies the reboot settings after software update, possible values are ifRequired, never and always

A target block supports the following:

• azureQuery - (Optional) One or more azureQuery blocks as defined above.

• nonAzureQuery - (Optional) One or more nonAzureQuery blocks as defined above.

A azureQuery block supports the following:

• locations - (Optional) Specifies a list of locations to scope the query to.

• scope - (Optional) Specifies a list of Subscription or Resource Group ARM Ids to query.

• tagFilter - (Optional) Specifies how the specified tags to filter VMs. Possible values are any and all.

• tags - (Optional) A mapping of tags used for query filter as defined below.

A tags block supports the following:

• tag - (Required) Specifies the name of the tag to filter.

• values - (Required) Specifies a list of values for this tag key.

A nonAzureQuery block supports the following:

• functionAlias - (Optional) Specifies the Log Analytics save search name.

• workspaceId - (Optional) The workspace id for Log Analytics in which the saved search in.

A preTask block supports the following:

• parameters - (Optional) Specifies a map of parameters for the task.

• source - (Optional) The name of the runbook for the pre task.

A postTask block supports the following:

• parameters - (Optional) Specifies a map of parameters for the task.

• source - (Optional) The name of the runbook for the post task.

A schedule block supports the following:

• isEnabled - (Optional) Whether the schedule is enabled.

• frequency - (Optional) The frequency of the schedule. - can be either oneTime, day, hour, week, or month.

• description - (Optional) A description for this Schedule.

• interval - (Optional) The number of frequencys between runs. Only valid when frequency is day, hour, week, or month.

• startTime - (Optional) Start time of the schedule. Must be at least five minutes in the future. Defaults to seven minutes in the future from the time the resource is created.

• expiryTime - (Optional) The end time of the schedule.

• timeZone - (Optional) The timezone of the start time. Defaults to utc. For possible values see: https://docs.microsoft.com/en-us/rest/api/maps/timezone/gettimezoneenumwindows

• advancedWeekDays - (Optional) List of days of the week that the job should execute on. Only valid when frequency is week.

• advancedMonthDays - (Optional) List of days of the month that the job should execute on. Must be between 1 and 31. 1 for last day of the month. Only valid when frequency is month.

• monthlyOccurrence - (Optional) List of monthlyOccurrence blocks as defined below to specifies occurrences of days within a month. Only valid when frequency is month. The monthlyOccurrence block supports fields as defined below.

The monthlyOccurrence block supports the following:

• day - (Required) Day of the occurrence. Must be one of monday, tuesday, wednesday, thursday, friday, saturday, sunday.

• occurrence - (Required) Occurrence of the week within the month. Must be between 1 and 5. 1 for last week within the month.

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

• id - The ID of the Automation Software Update Configuration.

• errorCode - The Error code when failed.

• errorMeesage - The Error message indicating why the operation failed.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

• create - (Defaults to 30 minutes) Used when creating the Automation.
• read - (Defaults to 5 minutes) Used when retrieving the Automation.
• update - (Defaults to 10 minutes) Used when updating the Automation.
• delete - (Defaults to 10 minutes) Used when deleting the Automation.

Import

Automations Software Update Configuration can be imported using the resourceId, e.g.

terraform import azurerm_automation_software_update_configuration.example /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/group1/providers/Microsoft.Automation/automationAccounts/account1/softwareUpdateConfigurations/suc1