HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux ip-172-31-42-149 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 07:00:04 UTC 2025 aarch64
User: ubuntu (1000)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Upload Files
File: //proc/self/root/usr/local/aws-cli/v2/dist/awscli/examples/ssm/update-patch-baseline.rst
**Example 1: To update a patch baseline**

The following ``update-patch-baseline`` example adds the specified two patches as rejected and one patch as approved to the specified patch baseline. ::

    aws ssm update-patch-baseline \
            --baseline-id "pb-0123456789abcdef0" \
            --rejected-patches "KB2032276" "MS10-048" \
            --approved-patches "KB2124261"

Output::

    {
        "BaselineId": "pb-0123456789abcdef0",
        "Name": "WindowsPatching",
        "OperatingSystem": "WINDOWS",
        "GlobalFilters": {
            "PatchFilters": []
        },
        "ApprovalRules": {
            "PatchRules": [
                {
                    "PatchFilterGroup": {
                        "PatchFilters": [
                            {
                                "Key": "PRODUCT",
                                "Values": [
                                    "WindowsServer2016"
                                ]
                            }
                        ]
                    },
                    "ComplianceLevel": "CRITICAL",
                    "ApproveAfterDays": 0,
                    "EnableNonSecurity": false
                }
            ]
        },
        "ApprovedPatches": [
            "KB2124261"
        ],
        "ApprovedPatchesComplianceLevel": "UNSPECIFIED",
        "ApprovedPatchesEnableNonSecurity": false,
        "RejectedPatches": [
            "KB2032276",
            "MS10-048"
        ],
        "RejectedPatchesAction": "ALLOW_AS_DEPENDENCY",
        "CreatedDate": 1550244180.465,
        "ModifiedDate": 1550244180.465,
        "Description": "Patches for Windows Servers",
        "Sources": []
    }

**Example 2: To rename a patch baseline**

The following ``update-patch-baseline`` example renames theh specified patch baseline. ::

    aws ssm update-patch-baseline \
        --baseline-id "pb-0713accee01234567" \
        --name "Windows-Server-2012-R2-Important-and-Critical-Security-Updates"

For more information, see `Update or Delete a Patch Baseline` <https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-baseline-update-or-delete.html>`__ in the *AWS Systems Manager User Guide*.