blob: c252f1842d2f26043c1eea8e5569e83a671e1e58 [file] [log] [blame]
<html><body>
<style>
body, h1, h2, h3, div, span, p, pre, a {
margin: 0;
padding: 0;
border: 0;
font-weight: inherit;
font-style: inherit;
font-size: 100%;
font-family: inherit;
vertical-align: baseline;
}
body {
font-size: 13px;
padding: 1em;
}
h1 {
font-size: 26px;
margin-bottom: 1em;
}
h2 {
font-size: 24px;
margin-bottom: 1em;
}
h3 {
font-size: 20px;
margin-bottom: 1em;
margin-top: 1em;
}
pre, code {
line-height: 1.5;
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}
pre {
margin-top: 0.5em;
}
h1, h2, h3, p {
font-family: Arial, sans serif;
}
h1, h2, h3 {
border-bottom: solid #CCC 1px;
}
.toc_element {
margin-top: 0.5em;
}
.firstline {
margin-left: 2 em;
}
.method {
margin-top: 1em;
border: solid 1px #CCC;
padding: 1em;
background: #EEE;
}
.details {
font-weight: bold;
font-size: 14px;
}
</style>
<h1><a href="osconfig_v1beta.html">Cloud OS Config API</a> . <a href="osconfig_v1beta.projects.html">projects</a> . <a href="osconfig_v1beta.projects.guestPolicies.html">guestPolicies</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
<code><a href="#create">create(parent, body=None, guestPolicyId=None, x__xgafv=None)</a></code></p>
<p class="firstline">Create an OS Config guest policy.</p>
<p class="toc_element">
<code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
<p class="firstline">Delete an OS Config guest policy.</p>
<p class="toc_element">
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Get an OS Config guest policy.</p>
<p class="toc_element">
<code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
<p class="firstline">Get a page of OS Config guest policies.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
<code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
<p class="firstline">Update an OS Config guest policy.</p>
<h3>Method Details</h3>
<div class="method">
<code class="details" id="create">create(parent, body=None, guestPolicyId=None, x__xgafv=None)</code>
<pre>Create an OS Config guest policy.
Args:
parent: string, Required. The resource name of the parent using one of the following forms:
`projects/{project_number}`. (required)
body: object, The request body.
The object takes the form of:
{ # An OS Config resource representing a guest configuration policy. These
# policies represent the desired state for VM instance guest environments
# including packages to install or remove, package repository configurations,
# and software to install.
&quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
# done before any other configs are applied so they can use these repos.
# Package repositories are only configured if the corresponding package
# manager(s) are available.
{ # A package repository.
&quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
&quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
},
&quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
&quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
&quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
&quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
&quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
&quot;A String&quot;,
],
&quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
},
&quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
},
&quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
},
},
],
&quot;packages&quot;: [ # The software packages to be managed by this policy.
{ # Package is a reference to the software package to be installed or removed.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
&quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
&quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
],
&quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
# you to target sets or groups of VM instances by different parameters such
# as labels, names, OS, or zones.
#
# If left empty, all VM instances underneath this policy are targeted.
#
# At the same level in the resource hierarchy (that is within a project), the
# service prevents the creation of multiple policies that conflict with
# each other. For more information, see how the service [handles assignment
# conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
# applies to.
#
# If an assignment is empty, it applies to all VM instances. Otherwise, the
# targeted VM instances must meet all the criteria specified. So if both
# labels and zones are specified, the policy applies to VM instances with those
# labels and in those zones.
&quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
#
# Like labels, this is another way to group VM instances when targeting
# configs, for example prefix=&quot;prod-&quot;.
#
# Only supported for project-level policies.
&quot;A String&quot;,
],
&quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
# an assignment to target disparate groups, for example &quot;env=prod or
# env=staging&quot;.
{ # Represents a group of VM intances that can be identified as having all
# these labels, for example &quot;env=prod and app=web&quot;.
&quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
# instance to be included in this assignment group.
&quot;a_key&quot;: &quot;A String&quot;,
},
},
],
&quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
#
# VM instances must match all supplied criteria for a given OsType to be
# included.
{ # Defines the criteria for selecting VM Instances by OS type.
&quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# following OS version.
&quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
&quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS architecture.
},
],
&quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
# URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
#
# Instance targeting is uncommon and is supported to facilitate the
# management of changes by the instance or to target specific VM instances
# for development and testing.
#
# Only supported for project-level policies and must reference instances
# within this project.
&quot;A String&quot;,
],
&quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
# in any zone.
#
# Zonal targeting is uncommon and is supported to facilitate the management
# of changes by zone.
&quot;A String&quot;,
],
},
&quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
&quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
# If this is provided on update, it must match the server&#x27;s etag.
&quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
# forms:
# `projects/{project_number}/guestPolicies/{guest_policy_id}`.
&quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
{ # A software recipe is a set of instructions for installing and configuring a
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
&quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
&quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
&quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
&quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
&quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn&#x27;t match the
# artifact then the recipe installation fails before running any of the
# steps.
&quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
&quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
&quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
&quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
&quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
&quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
},
],
&quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won&#x27;t be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
&quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
&quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
},
],
&quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
# to 1024 characters.
}
guestPolicyId: string, Required. The logical name of the guest policy in the project
with the following restrictions:
* Must contain only lowercase letters, numbers, and hyphens.
* Must start with a letter.
* Must be between 1-63 characters.
* Must end with a number or a letter.
* Must be unique within the project.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # An OS Config resource representing a guest configuration policy. These
# policies represent the desired state for VM instance guest environments
# including packages to install or remove, package repository configurations,
# and software to install.
&quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
# done before any other configs are applied so they can use these repos.
# Package repositories are only configured if the corresponding package
# manager(s) are available.
{ # A package repository.
&quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
&quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
},
&quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
&quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
&quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
&quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
&quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
&quot;A String&quot;,
],
&quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
},
&quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
},
&quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
},
},
],
&quot;packages&quot;: [ # The software packages to be managed by this policy.
{ # Package is a reference to the software package to be installed or removed.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
&quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
&quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
],
&quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
# you to target sets or groups of VM instances by different parameters such
# as labels, names, OS, or zones.
#
# If left empty, all VM instances underneath this policy are targeted.
#
# At the same level in the resource hierarchy (that is within a project), the
# service prevents the creation of multiple policies that conflict with
# each other. For more information, see how the service [handles assignment
# conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
# applies to.
#
# If an assignment is empty, it applies to all VM instances. Otherwise, the
# targeted VM instances must meet all the criteria specified. So if both
# labels and zones are specified, the policy applies to VM instances with those
# labels and in those zones.
&quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
#
# Like labels, this is another way to group VM instances when targeting
# configs, for example prefix=&quot;prod-&quot;.
#
# Only supported for project-level policies.
&quot;A String&quot;,
],
&quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
# an assignment to target disparate groups, for example &quot;env=prod or
# env=staging&quot;.
{ # Represents a group of VM intances that can be identified as having all
# these labels, for example &quot;env=prod and app=web&quot;.
&quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
# instance to be included in this assignment group.
&quot;a_key&quot;: &quot;A String&quot;,
},
},
],
&quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
#
# VM instances must match all supplied criteria for a given OsType to be
# included.
{ # Defines the criteria for selecting VM Instances by OS type.
&quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# following OS version.
&quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
&quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS architecture.
},
],
&quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
# URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
#
# Instance targeting is uncommon and is supported to facilitate the
# management of changes by the instance or to target specific VM instances
# for development and testing.
#
# Only supported for project-level policies and must reference instances
# within this project.
&quot;A String&quot;,
],
&quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
# in any zone.
#
# Zonal targeting is uncommon and is supported to facilitate the management
# of changes by zone.
&quot;A String&quot;,
],
},
&quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
&quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
# If this is provided on update, it must match the server&#x27;s etag.
&quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
# forms:
# `projects/{project_number}/guestPolicies/{guest_policy_id}`.
&quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
{ # A software recipe is a set of instructions for installing and configuring a
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
&quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
&quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
&quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
&quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
&quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn&#x27;t match the
# artifact then the recipe installation fails before running any of the
# steps.
&quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
&quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
&quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
&quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
&quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
&quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
},
],
&quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won&#x27;t be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
&quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
&quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
},
],
&quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
# to 1024 characters.
}</pre>
</div>
<div class="method">
<code class="details" id="delete">delete(name, x__xgafv=None)</code>
<pre>Delete an OS Config guest policy.
Args:
name: string, Required. The resource name of the guest policy using one of the following forms:
`projects/{project_number}/guestPolicies/{guest_policy_id}`. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A generic empty message that you can re-use to avoid defining duplicated
# empty messages in your APIs. A typical example is to use it as the request
# or the response type of an API method. For instance:
#
# service Foo {
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
# }
#
# The JSON representation for `Empty` is empty JSON object `{}`.
}</pre>
</div>
<div class="method">
<code class="details" id="get">get(name, x__xgafv=None)</code>
<pre>Get an OS Config guest policy.
Args:
name: string, Required. The resource name of the guest policy using one of the following forms:
`projects/{project_number}/guestPolicies/{guest_policy_id}`. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # An OS Config resource representing a guest configuration policy. These
# policies represent the desired state for VM instance guest environments
# including packages to install or remove, package repository configurations,
# and software to install.
&quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
# done before any other configs are applied so they can use these repos.
# Package repositories are only configured if the corresponding package
# manager(s) are available.
{ # A package repository.
&quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
&quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
},
&quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
&quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
&quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
&quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
&quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
&quot;A String&quot;,
],
&quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
},
&quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
},
&quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
},
},
],
&quot;packages&quot;: [ # The software packages to be managed by this policy.
{ # Package is a reference to the software package to be installed or removed.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
&quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
&quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
],
&quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
# you to target sets or groups of VM instances by different parameters such
# as labels, names, OS, or zones.
#
# If left empty, all VM instances underneath this policy are targeted.
#
# At the same level in the resource hierarchy (that is within a project), the
# service prevents the creation of multiple policies that conflict with
# each other. For more information, see how the service [handles assignment
# conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
# applies to.
#
# If an assignment is empty, it applies to all VM instances. Otherwise, the
# targeted VM instances must meet all the criteria specified. So if both
# labels and zones are specified, the policy applies to VM instances with those
# labels and in those zones.
&quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
#
# Like labels, this is another way to group VM instances when targeting
# configs, for example prefix=&quot;prod-&quot;.
#
# Only supported for project-level policies.
&quot;A String&quot;,
],
&quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
# an assignment to target disparate groups, for example &quot;env=prod or
# env=staging&quot;.
{ # Represents a group of VM intances that can be identified as having all
# these labels, for example &quot;env=prod and app=web&quot;.
&quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
# instance to be included in this assignment group.
&quot;a_key&quot;: &quot;A String&quot;,
},
},
],
&quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
#
# VM instances must match all supplied criteria for a given OsType to be
# included.
{ # Defines the criteria for selecting VM Instances by OS type.
&quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# following OS version.
&quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
&quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS architecture.
},
],
&quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
# URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
#
# Instance targeting is uncommon and is supported to facilitate the
# management of changes by the instance or to target specific VM instances
# for development and testing.
#
# Only supported for project-level policies and must reference instances
# within this project.
&quot;A String&quot;,
],
&quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
# in any zone.
#
# Zonal targeting is uncommon and is supported to facilitate the management
# of changes by zone.
&quot;A String&quot;,
],
},
&quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
&quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
# If this is provided on update, it must match the server&#x27;s etag.
&quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
# forms:
# `projects/{project_number}/guestPolicies/{guest_policy_id}`.
&quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
{ # A software recipe is a set of instructions for installing and configuring a
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
&quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
&quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
&quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
&quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
&quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn&#x27;t match the
# artifact then the recipe installation fails before running any of the
# steps.
&quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
&quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
&quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
&quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
&quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
&quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
},
],
&quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won&#x27;t be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
&quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
&quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
},
],
&quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
# to 1024 characters.
}</pre>
</div>
<div class="method">
<code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
<pre>Get a page of OS Config guest policies.
Args:
parent: string, Required. The resource name of the parent using one of the following forms:
`projects/{project_number}`. (required)
pageSize: integer, The maximum number of guest policies to return.
pageToken: string, A pagination token returned from a previous call to `ListGuestPolicies`
that indicates where this listing should continue from.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A response message for listing guest policies.
&quot;nextPageToken&quot;: &quot;A String&quot;, # A pagination token that can be used to get the next page
# of guest policies.
&quot;guestPolicies&quot;: [ # The list of GuestPolicies.
{ # An OS Config resource representing a guest configuration policy. These
# policies represent the desired state for VM instance guest environments
# including packages to install or remove, package repository configurations,
# and software to install.
&quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
# done before any other configs are applied so they can use these repos.
# Package repositories are only configured if the corresponding package
# manager(s) are available.
{ # A package repository.
&quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
&quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
},
&quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
&quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
&quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
&quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
&quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
&quot;A String&quot;,
],
&quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
},
&quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
},
&quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
},
},
],
&quot;packages&quot;: [ # The software packages to be managed by this policy.
{ # Package is a reference to the software package to be installed or removed.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
&quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
&quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
],
&quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
# you to target sets or groups of VM instances by different parameters such
# as labels, names, OS, or zones.
#
# If left empty, all VM instances underneath this policy are targeted.
#
# At the same level in the resource hierarchy (that is within a project), the
# service prevents the creation of multiple policies that conflict with
# each other. For more information, see how the service [handles assignment
# conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
# applies to.
#
# If an assignment is empty, it applies to all VM instances. Otherwise, the
# targeted VM instances must meet all the criteria specified. So if both
# labels and zones are specified, the policy applies to VM instances with those
# labels and in those zones.
&quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
#
# Like labels, this is another way to group VM instances when targeting
# configs, for example prefix=&quot;prod-&quot;.
#
# Only supported for project-level policies.
&quot;A String&quot;,
],
&quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
# an assignment to target disparate groups, for example &quot;env=prod or
# env=staging&quot;.
{ # Represents a group of VM intances that can be identified as having all
# these labels, for example &quot;env=prod and app=web&quot;.
&quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
# instance to be included in this assignment group.
&quot;a_key&quot;: &quot;A String&quot;,
},
},
],
&quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
#
# VM instances must match all supplied criteria for a given OsType to be
# included.
{ # Defines the criteria for selecting VM Instances by OS type.
&quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# following OS version.
&quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
&quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS architecture.
},
],
&quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
# URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
#
# Instance targeting is uncommon and is supported to facilitate the
# management of changes by the instance or to target specific VM instances
# for development and testing.
#
# Only supported for project-level policies and must reference instances
# within this project.
&quot;A String&quot;,
],
&quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
# in any zone.
#
# Zonal targeting is uncommon and is supported to facilitate the management
# of changes by zone.
&quot;A String&quot;,
],
},
&quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
&quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
# If this is provided on update, it must match the server&#x27;s etag.
&quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
# forms:
# `projects/{project_number}/guestPolicies/{guest_policy_id}`.
&quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
{ # A software recipe is a set of instructions for installing and configuring a
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
&quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
&quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
&quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
&quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
&quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn&#x27;t match the
# artifact then the recipe installation fails before running any of the
# steps.
&quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
&quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
&quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
&quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
&quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
&quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
},
],
&quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won&#x27;t be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
&quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
&quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
},
],
&quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
# to 1024 characters.
},
],
}</pre>
</div>
<div class="method">
<code class="details" id="list_next">list_next(previous_request, previous_response)</code>
<pre>Retrieves the next page of results.
Args:
previous_request: The request for the previous page. (required)
previous_response: The response from the request for the previous page. (required)
Returns:
A request object that you can call &#x27;execute()&#x27; on to request the next
page. Returns None if there are no more items in the collection.
</pre>
</div>
<div class="method">
<code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
<pre>Update an OS Config guest policy.
Args:
name: string, Required. Unique name of the resource in this project using one of the following
forms:
`projects/{project_number}/guestPolicies/{guest_policy_id}`. (required)
body: object, The request body.
The object takes the form of:
{ # An OS Config resource representing a guest configuration policy. These
# policies represent the desired state for VM instance guest environments
# including packages to install or remove, package repository configurations,
# and software to install.
&quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
# done before any other configs are applied so they can use these repos.
# Package repositories are only configured if the corresponding package
# manager(s) are available.
{ # A package repository.
&quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
&quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
},
&quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
&quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
&quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
&quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
&quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
&quot;A String&quot;,
],
&quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
},
&quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
},
&quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
},
},
],
&quot;packages&quot;: [ # The software packages to be managed by this policy.
{ # Package is a reference to the software package to be installed or removed.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
&quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
&quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
],
&quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
# you to target sets or groups of VM instances by different parameters such
# as labels, names, OS, or zones.
#
# If left empty, all VM instances underneath this policy are targeted.
#
# At the same level in the resource hierarchy (that is within a project), the
# service prevents the creation of multiple policies that conflict with
# each other. For more information, see how the service [handles assignment
# conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
# applies to.
#
# If an assignment is empty, it applies to all VM instances. Otherwise, the
# targeted VM instances must meet all the criteria specified. So if both
# labels and zones are specified, the policy applies to VM instances with those
# labels and in those zones.
&quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
#
# Like labels, this is another way to group VM instances when targeting
# configs, for example prefix=&quot;prod-&quot;.
#
# Only supported for project-level policies.
&quot;A String&quot;,
],
&quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
# an assignment to target disparate groups, for example &quot;env=prod or
# env=staging&quot;.
{ # Represents a group of VM intances that can be identified as having all
# these labels, for example &quot;env=prod and app=web&quot;.
&quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
# instance to be included in this assignment group.
&quot;a_key&quot;: &quot;A String&quot;,
},
},
],
&quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
#
# VM instances must match all supplied criteria for a given OsType to be
# included.
{ # Defines the criteria for selecting VM Instances by OS type.
&quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# following OS version.
&quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
&quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS architecture.
},
],
&quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
# URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
#
# Instance targeting is uncommon and is supported to facilitate the
# management of changes by the instance or to target specific VM instances
# for development and testing.
#
# Only supported for project-level policies and must reference instances
# within this project.
&quot;A String&quot;,
],
&quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
# in any zone.
#
# Zonal targeting is uncommon and is supported to facilitate the management
# of changes by zone.
&quot;A String&quot;,
],
},
&quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
&quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
# If this is provided on update, it must match the server&#x27;s etag.
&quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
# forms:
# `projects/{project_number}/guestPolicies/{guest_policy_id}`.
&quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
{ # A software recipe is a set of instructions for installing and configuring a
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
&quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
&quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
&quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
&quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
&quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn&#x27;t match the
# artifact then the recipe installation fails before running any of the
# steps.
&quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
&quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
&quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
&quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
&quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
&quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
},
],
&quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won&#x27;t be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
&quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
&quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
},
],
&quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
# to 1024 characters.
}
updateMask: string, Field mask that controls which fields of the guest policy should be
updated.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # An OS Config resource representing a guest configuration policy. These
# policies represent the desired state for VM instance guest environments
# including packages to install or remove, package repository configurations,
# and software to install.
&quot;packageRepositories&quot;: [ # A list of package repositories to configure on the VM instance. This is
# done before any other configs are applied so they can use these repos.
# Package repositories are only configured if the corresponding package
# manager(s) are available.
{ # A package repository.
&quot;goo&quot;: { # Represents a Goo package repository. These is added to a repo file # A Goo Repository.
# that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
&quot;url&quot;: &quot;A String&quot;, # Required. The url of the repository.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the repository.
},
&quot;apt&quot;: { # Represents a single Apt package repository. This repository is added to # An Apt Repository.
# a repo file that is stored at
# `/etc/apt/sources.list.d/google_osconfig.list`.
&quot;archiveType&quot;: &quot;A String&quot;, # Type of archive files in this repository. The default behavior is DEB.
&quot;gpgKey&quot;: &quot;A String&quot;, # URI of the key file for this repository. The agent maintains
# a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
# all the keys in any applied guest policy.
&quot;uri&quot;: &quot;A String&quot;, # Required. URI for this repository.
&quot;components&quot;: [ # Required. List of components for this repository. Must contain at least one item.
&quot;A String&quot;,
],
&quot;distribution&quot;: &quot;A String&quot;, # Required. Distribution of this repository.
},
&quot;zypper&quot;: { # Represents a single Zypper package repository. This repository is added to a # A Zypper Repository.
# repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the zypper config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
},
&quot;yum&quot;: { # Represents a single Yum package repository. This repository is added to a # A Yum Repository.
# repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
&quot;id&quot;: &quot;A String&quot;, # Required. A one word, unique name for this repository. This is
# the `repo id` in the Yum config file and also the `display_name` if
# `display_name` is omitted. This id is also used as the unique identifier
# when checking for guest policy conflicts.
&quot;displayName&quot;: &quot;A String&quot;, # The display name of the repository.
&quot;baseUrl&quot;: &quot;A String&quot;, # Required. The location of the repository directory.
&quot;gpgKeys&quot;: [ # URIs of GPG keys.
&quot;A String&quot;,
],
},
},
],
&quot;packages&quot;: [ # The software packages to be managed by this policy.
{ # Package is a reference to the software package to be installed or removed.
# The agent on the VM instance uses the system package manager to apply the
# config.
#
#
# These are the commands that the agent uses to install or remove
# packages.
#
# Apt
# install: `apt-get update &amp;&amp; apt-get -y install package1 package2 package3`
# remove: `apt-get -y remove package1 package2 package3`
#
# Yum
# install: `yum -y install package1 package2 package3`
# remove: `yum -y remove package1 package2 package3`
#
# Zypper
# install: `zypper install package1 package2 package3`
# remove: `zypper rm package1 package2`
#
# Googet
# install: `googet -noconfirm install package1 package2 package3`
# remove: `googet -noconfirm remove package1 package2 package3`
&quot;desiredState&quot;: &quot;A String&quot;, # The desired_state the agent should maintain for this package. The
# default is to ensure the package is installed.
&quot;name&quot;: &quot;A String&quot;, # Required. The name of the package. A package is uniquely identified for conflict
# validation by checking the package name and the manager(s) that the
# package targets.
&quot;manager&quot;: &quot;A String&quot;, # Type of package manager that can be used to install this package.
# If a system does not have the package manager, the package is not
# installed or removed no error message is returned. By default,
# or if you specify `ANY`,
# the agent attempts to install and remove this package using the default
# package manager. This is useful when creating a policy that applies to
# different types of systems.
#
# The default behavior is ANY.
},
],
&quot;assignment&quot;: { # An assignment represents the group or groups of VM instances that the policy # Required. Specifies the VM instances that are assigned to this policy. This allows
# you to target sets or groups of VM instances by different parameters such
# as labels, names, OS, or zones.
#
# If left empty, all VM instances underneath this policy are targeted.
#
# At the same level in the resource hierarchy (that is within a project), the
# service prevents the creation of multiple policies that conflict with
# each other. For more information, see how the service [handles assignment
# conflicts](/compute/docs/os-config-management/create-guest-policy#handle-conflicts).
# applies to.
#
# If an assignment is empty, it applies to all VM instances. Otherwise, the
# targeted VM instances must meet all the criteria specified. So if both
# labels and zones are specified, the policy applies to VM instances with those
# labels and in those zones.
&quot;instanceNamePrefixes&quot;: [ # Targets VM instances whose name starts with one of these prefixes.
#
# Like labels, this is another way to group VM instances when targeting
# configs, for example prefix=&quot;prod-&quot;.
#
# Only supported for project-level policies.
&quot;A String&quot;,
],
&quot;groupLabels&quot;: [ # Targets instances matching at least one of these label sets. This allows
# an assignment to target disparate groups, for example &quot;env=prod or
# env=staging&quot;.
{ # Represents a group of VM intances that can be identified as having all
# these labels, for example &quot;env=prod and app=web&quot;.
&quot;labels&quot;: { # Google Compute Engine instance labels that must be present for an
# instance to be included in this assignment group.
&quot;a_key&quot;: &quot;A String&quot;,
},
},
],
&quot;osTypes&quot;: [ # Targets VM instances matching at least one of the following OS types.
#
# VM instances must match all supplied criteria for a given OsType to be
# included.
{ # Defines the criteria for selecting VM Instances by OS type.
&quot;osVersion&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# following OS version.
&quot;osShortName&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS short name, for example &quot;debian&quot; or &quot;windows&quot;.
&quot;osArchitecture&quot;: &quot;A String&quot;, # Targets VM instances with OS Inventory enabled and having the following
# OS architecture.
},
],
&quot;instances&quot;: [ # Targets any of the instances specified. Instances are specified by their
# URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
#
# Instance targeting is uncommon and is supported to facilitate the
# management of changes by the instance or to target specific VM instances
# for development and testing.
#
# Only supported for project-level policies and must reference instances
# within this project.
&quot;A String&quot;,
],
&quot;zones&quot;: [ # Targets instances in any of these zones. Leave empty to target instances
# in any zone.
#
# Zonal targeting is uncommon and is supported to facilitate the management
# of changes by zone.
&quot;A String&quot;,
],
},
&quot;createTime&quot;: &quot;A String&quot;, # Output only. Time this guest policy was created.
&quot;etag&quot;: &quot;A String&quot;, # The etag for this guest policy.
# If this is provided on update, it must match the server&#x27;s etag.
&quot;updateTime&quot;: &quot;A String&quot;, # Output only. Last time this guest policy was updated.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique name of the resource in this project using one of the following
# forms:
# `projects/{project_number}/guestPolicies/{guest_policy_id}`.
&quot;recipes&quot;: [ # A list of Recipes to install on the VM instance.
{ # A software recipe is a set of instructions for installing and configuring a
# piece of software. It consists of a set of artifacts that are
# downloaded, and a set of steps that install, configure, and/or update the
# software.
#
# Recipes support installing and updating software from artifacts in the
# following formats:
# Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
#
# Additionally, recipes support executing a script (either defined in a file or
# directly in this api) in bash, sh, cmd, and powershell.
#
# Updating a software recipe
#
# If a recipe is assigned to an instance and there is a recipe with the same
# name but a lower version already installed and the assigned state
# of the recipe is `UPDATED`, then the recipe is updated to
# the new version.
#
# Script Working Directories
#
# Each script or execution step is run in its own temporary directory which
# is deleted after completing the step.
&quot;updateSteps&quot;: [ # Actions to be taken for updating this recipe. On failure it stops
# executing steps and does not attempt another update for this recipe. Any
# steps taken (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
&quot;artifacts&quot;: [ # Resources available to be used in the steps in the recipe.
{ # Specifies a resource to be used in the recipe.
&quot;id&quot;: &quot;A String&quot;, # Required. Id of the artifact, which the installation and update steps of this
# recipe can reference. Artifacts in a recipe cannot have the same id.
&quot;remote&quot;: { # Specifies an artifact available via some URI. # A generic remote artifact.
&quot;checksum&quot;: &quot;A String&quot;, # Must be provided if `allow_insecure` is `false`.
# SHA256 checksum in hex format, to compare to the checksum of the
# artifact. If the checksum is not empty and it doesn&#x27;t match the
# artifact then the recipe installation fails before running any of the
# steps.
&quot;uri&quot;: &quot;A String&quot;, # URI from which to fetch the object. It should contain both the protocol
# and path following the format {protocol}://{location}.
},
&quot;allowInsecure&quot;: True or False, # Defaults to false. When false, recipes are subject to validations
# based on the artifact type:
#
# Remote: A checksum must be specified, and only protocols with
# transport-layer security are permitted.
# GCS: An object generation number must be specified.
&quot;gcs&quot;: { # Specifies an artifact available as a Google Cloud Storage object. # A Google Cloud Storage artifact.
&quot;object&quot;: &quot;A String&quot;, # Name of the Google Cloud Storage object.
# As specified [here]
# (https://cloud.google.com/storage/docs/naming#objectnames)
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `foo/bar`.
&quot;generation&quot;: &quot;A String&quot;, # Must be provided if allow_insecure is false.
# Generation number of the Google Cloud Storage object.
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `1234567`.
&quot;bucket&quot;: &quot;A String&quot;, # Bucket of the Google Cloud Storage object.
# Given an example URL:
# `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
# this value would be `my-bucket`.
},
},
],
&quot;desiredState&quot;: &quot;A String&quot;, # Default is INSTALLED. The desired state the agent should maintain for this
# recipe.
#
# INSTALLED: The software recipe is installed on the instance but
# won&#x27;t be updated to new versions.
# UPDATED: The software recipe is installed on the instance. The recipe is
# updated to a higher version, if a higher version of the recipe is
# assigned to this instance.
# REMOVE: Remove is unsupported for software recipes and attempts to
# create or update a recipe to the REMOVE state is rejected.
&quot;name&quot;: &quot;A String&quot;, # Required. Unique identifier for the recipe. Only one recipe with a given name is
# installed on an instance.
#
# Names are also used to identify resources which helps to determine whether
# guest policies have conflicts. This means that requests to create multiple
# recipes with the same name and version are rejected since they
# could potentially have conflicting assignments.
&quot;version&quot;: &quot;A String&quot;, # The version of this software recipe. Version can be up to 4 period
# separated numbers (e.g. 12.34.56.78).
&quot;installSteps&quot;: [ # Actions to be taken for installing this recipe. On failure it stops
# executing steps and does not attempt another installation. Any steps taken
# (including partially completed steps) are not rolled back.
{ # An action that can be taken as part of installing or updating a recipe.
&quot;fileExec&quot;: { # Executes an artifact or local file. # Executes an artifact or local file.
&quot;allowedExitCodes&quot;: [ # Defaults to [0]. A list of possible return values that the program
# can return to indicate a success.
42,
],
&quot;localPath&quot;: &quot;A String&quot;, # The absolute path of the file on the local filesystem.
&quot;args&quot;: [ # Arguments to be passed to the provided executable.
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # The id of the relevant artifact in the recipe.
},
&quot;archiveExtraction&quot;: { # Extracts an archive of the type specified in the specified directory. # Extracts an archive into the specified directory.
&quot;type&quot;: &quot;A String&quot;, # Required. The type of the archive to extract.
&quot;destination&quot;: &quot;A String&quot;, # Directory to extract archive to.
# Defaults to `/` on Linux or `C:\` on Windows.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;msiInstallation&quot;: { # Installs an MSI file. # Installs an MSI file.
&quot;flags&quot;: [ # The flags to use when installing the MSI
# defaults to [&quot;/i&quot;] (i.e. the install flag).
&quot;A String&quot;,
],
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;fileCopy&quot;: { # Copies the artifact to the specified path on the instance. # Copies a file onto the instance.
&quot;permissions&quot;: &quot;A String&quot;, # Consists of three octal digits which represent, in
# order, the permissions of the owner, group, and other users for the
# file (similarly to the numeric mode used in the linux chmod utility).
# Each digit represents a three bit number with the 4 bit
# corresponding to the read permissions, the 2 bit corresponds to the
# write bit, and the one bit corresponds to the execute permission.
# Default behavior is 755.
#
# Below are some examples of permissions and their associated values:
# read, write, and execute: 7
# read and execute: 5
# read and write: 6
# read only: 4
&quot;overwrite&quot;: True or False, # Whether to allow this step to overwrite existing files. If this is
# false and the file already exists the file is not overwritten
# and the step is considered a success. Defaults to false.
&quot;destination&quot;: &quot;A String&quot;, # Required. The absolute path on the instance to put the file.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;scriptRun&quot;: { # Runs a script through an interpreter. # Runs commands in a shell.
&quot;interpreter&quot;: &quot;A String&quot;, # The script interpreter to use to run the script. If no interpreter is
# specified the script is executed directly, which likely
# only succeed for scripts with
# [shebang lines](https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
&quot;script&quot;: &quot;A String&quot;, # Required. The shell script to be executed.
&quot;allowedExitCodes&quot;: [ # Return codes that indicate that the software installed or updated
# successfully. Behaviour defaults to [0]
42,
],
},
&quot;dpkgInstallation&quot;: { # Installs a deb via dpkg. # Installs a deb file via dpkg.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
&quot;rpmInstallation&quot;: { # Installs an rpm file via the rpm utility. # Installs an rpm file via the rpm utility.
&quot;artifactId&quot;: &quot;A String&quot;, # Required. The id of the relevant artifact in the recipe.
},
},
],
},
],
&quot;description&quot;: &quot;A String&quot;, # Description of the guest policy. Length of the description is limited
# to 1024 characters.
}</pre>
</div>
</body></html>