Patch management policy

Patch management policy is a security policy that installs patches and updates for the Microsoft and third-party products on the workload to close the discovered vulnerabilities. For more information on the Patch management functionality, see this section of the Acronis Cyber Protection User Guide.

The following example can be used when creating a protection plan with this protection policy:

Policy example

 1{
 2    # Put a unique ID of the policy here.
 3    "id": "",
 4    # Patch management policy type is 'policy.security.patch_management'
 5    'type': 'policy.security.patch_management',
 6    'parent_ids': [
 7        # Put the ID of total protection policy here.
 8    ],
 9    'origin': 'upstream',
10    'enabled': True,
11    'settings_schema': '2.0',
12    'settings': {
13        # An object with patch management settings of Microsoft products.
14        'microsoft': {
15            # Determines what updates will be installed. 'ALL' means that all available updates will be installed.
16            'update_option': 'ALL'
17        },
18        # An object with patch management settings of third-party products.
19        'other': {
20            # Determines what updates will be installed. 'ONLY_MAJOR' means that only major updates will be installed.
21            'update_option': 'ONLY_MAJOR'
22        },
23        # Determines whether the system must be rebooted after the update. 'NEVER' means that system will not be rebooted after the update.
24        'restart': 'NEVER',
25        # A number of minutes in which the system will be rebooted after the updated.
26        'restart_in': 0,
27        # An object with pre-update backup settings
28        'safety_backup': {
29            # Set to true to force creation of restore points with current backup settings before installing the update.
30            'enable_safety_backup': False
31        },
32        # An object with the schedule settings
33        'schedule': {
34            'activation': {
35                'action': 'run',
36                'timeout': {
37                    'count': 4294967295,
38                    'type': 'seconds'
39                }
40            },
41            'alarms': {
42                'time': {
43                    'rand_max_delay': {
44                        'count': 3600,
45                        'type': 'seconds'
46                    },
47                    'run_later': False,
48                    'time_from': {
49                        'hour': 15,
50                        'minute': 25,
51                        'second': 0
52                    },
53                    'wake_on_lan': False,
54                    'weekdays': [
55                        'mon'
56                    ]
57                }
58            },
59            'conditions': {},
60            'prevent_sleep': True,
61            'type': 'daily'
62        },
63        # Set to true to prevent system reboot until backup is finished.
64        'wait_backup_completion': True
65    }
66}