Patch management policy

Patch management policy is a security policy that installs patches and updates for the Microsoft and third-party products on the workload to close the discovered vulnerabilities.

For more information on the Patch management functionality, refer to https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#47009

The following example can be used when creating a protection plan with this protection policy:

Policy example

 1{
 2    # Put a unique ID of the policy here.
 3    "id": "",
 4    # Patch management policy type is 'policy.security.patch_management'
 5    'type': 'policy.security.patch_management',
 6    'parent_ids': [
 7        # Put the ID of total protection policy here.
 8    ],
 9    'origin': 'upstream',
10    'enabled': True,
11    'settings_schema': '2.0',
12    'settings': {
13        # An object with patch management settings of Microsoft products.
14        'microsoft': {
15            # Determines what updates will be installed. 'ALL' means that all available updates will be installed.
16            'update_option': 'ALL'
17        },
18        # An object with patch management settings of third-party products.
19        'other': {
20            # Determines what updates will be installed. 'ONLY_MAJOR' means that only major updates will be installed.
21            'update_option': 'ONLY_MAJOR'
22        },
23        # Determines whether the system must be rebooted after the update. 'NEVER' means that system will not be rebooted after the update.
24        'restart': 'NEVER',
25        # A number of minutes in which the system will be rebooted after the updated.
26        'restart_in': 0,
27        # An object with pre-update backup settings
28        'safety_backup': {
29            # Set to true to force creation of restore points with current backup settings before installing the update.
30            'enable_safety_backup': False
31        },
32        # An object with the schedule settings
33        'schedule': {
34            'activation': {
35                'action': 'run',
36                'timeout': {
37                    'count': 4294967295,
38                    'type': 'seconds'
39                }
40            },
41            'alarms': {
42                'time': {
43                    'rand_max_delay': {
44                        'count': 3600,
45                        'type': 'seconds'
46                    },
47                    'run_later': False,
48                    'time_from': {
49                        'hour': 15,
50                        'minute': 25,
51                        'second': 0
52                    },
53                    'wake_on_lan': False,
54                    'weekdays': [
55                        'mon'
56                    ]
57                }
58            },
59            'conditions': {},
60            'prevent_sleep': True,
61            'type': 'daily'
62        },
63        # Set to true to prevent system reboot until backup is finished.
64        'wait_backup_completion': True
65    }
66}