oci.Adm.VulnerabilityAudit
Explore with Pulumi AI
This resource provides the Vulnerability Audit resource in Oracle Cloud Infrastructure Adm service.
Creates a new Vulnerability Audit by providing a tree of Application Dependencies.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testVulnerabilityAudit = new oci.adm.VulnerabilityAudit("test_vulnerability_audit", {
knowledgeBaseId: testKnowledgeBase.id,
applicationDependencies: [{
nodeId: testNode.id,
applicationDependencyNodeIds: vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds,
gav: vulnerabilityAuditApplicationDependenciesGav,
purl: vulnerabilityAuditApplicationDependenciesPurl,
}],
buildType: vulnerabilityAuditBuildType,
compartmentId: compartmentId,
configuration: {
exclusions: vulnerabilityAuditConfigurationExclusions,
maxPermissibleCvssV2score: vulnerabilityAuditConfigurationMaxPermissibleCvssV2score,
maxPermissibleCvssV3score: vulnerabilityAuditConfigurationMaxPermissibleCvssV3score,
maxPermissibleSeverity: vulnerabilityAuditConfigurationMaxPermissibleSeverity,
},
definedTags: {
"foo-namespace.bar-key": "value",
},
displayName: vulnerabilityAuditDisplayName,
freeformTags: {
"bar-key": "value",
},
source: {
type: vulnerabilityAuditSourceType,
description: vulnerabilityAuditSourceDescription,
ociResourceId: testOciResource.id,
},
usageData: {
bucket: vulnerabilityAuditUsageDataBucket,
namespace: vulnerabilityAuditUsageDataNamespace,
object: vulnerabilityAuditUsageDataObject,
sourceType: vulnerabilityAuditUsageDataSourceType,
},
});
import pulumi
import pulumi_oci as oci
test_vulnerability_audit = oci.adm.VulnerabilityAudit("test_vulnerability_audit",
knowledge_base_id=test_knowledge_base["id"],
application_dependencies=[{
"node_id": test_node["id"],
"application_dependency_node_ids": vulnerability_audit_application_dependencies_application_dependency_node_ids,
"gav": vulnerability_audit_application_dependencies_gav,
"purl": vulnerability_audit_application_dependencies_purl,
}],
build_type=vulnerability_audit_build_type,
compartment_id=compartment_id,
configuration={
"exclusions": vulnerability_audit_configuration_exclusions,
"max_permissible_cvss_v2score": vulnerability_audit_configuration_max_permissible_cvss_v2score,
"max_permissible_cvss_v3score": vulnerability_audit_configuration_max_permissible_cvss_v3score,
"max_permissible_severity": vulnerability_audit_configuration_max_permissible_severity,
},
defined_tags={
"foo-namespace.bar-key": "value",
},
display_name=vulnerability_audit_display_name,
freeform_tags={
"bar-key": "value",
},
source={
"type": vulnerability_audit_source_type,
"description": vulnerability_audit_source_description,
"oci_resource_id": test_oci_resource["id"],
},
usage_data={
"bucket": vulnerability_audit_usage_data_bucket,
"namespace": vulnerability_audit_usage_data_namespace,
"object": vulnerability_audit_usage_data_object,
"source_type": vulnerability_audit_usage_data_source_type,
})
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Adm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := Adm.NewVulnerabilityAudit(ctx, "test_vulnerability_audit", &Adm.VulnerabilityAuditArgs{
KnowledgeBaseId: pulumi.Any(testKnowledgeBase.Id),
ApplicationDependencies: adm.VulnerabilityAuditApplicationDependencyArray{
&adm.VulnerabilityAuditApplicationDependencyArgs{
NodeId: pulumi.Any(testNode.Id),
ApplicationDependencyNodeIds: pulumi.Any(vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds),
Gav: pulumi.Any(vulnerabilityAuditApplicationDependenciesGav),
Purl: pulumi.Any(vulnerabilityAuditApplicationDependenciesPurl),
},
},
BuildType: pulumi.Any(vulnerabilityAuditBuildType),
CompartmentId: pulumi.Any(compartmentId),
Configuration: &adm.VulnerabilityAuditConfigurationArgs{
Exclusions: pulumi.Any(vulnerabilityAuditConfigurationExclusions),
MaxPermissibleCvssV2score: pulumi.Any(vulnerabilityAuditConfigurationMaxPermissibleCvssV2score),
MaxPermissibleCvssV3score: pulumi.Any(vulnerabilityAuditConfigurationMaxPermissibleCvssV3score),
MaxPermissibleSeverity: pulumi.Any(vulnerabilityAuditConfigurationMaxPermissibleSeverity),
},
DefinedTags: pulumi.StringMap{
"foo-namespace.bar-key": pulumi.String("value"),
},
DisplayName: pulumi.Any(vulnerabilityAuditDisplayName),
FreeformTags: pulumi.StringMap{
"bar-key": pulumi.String("value"),
},
Source: &adm.VulnerabilityAuditSourceArgs{
Type: pulumi.Any(vulnerabilityAuditSourceType),
Description: pulumi.Any(vulnerabilityAuditSourceDescription),
OciResourceId: pulumi.Any(testOciResource.Id),
},
UsageData: &adm.VulnerabilityAuditUsageDataArgs{
Bucket: pulumi.Any(vulnerabilityAuditUsageDataBucket),
Namespace: pulumi.Any(vulnerabilityAuditUsageDataNamespace),
Object: pulumi.Any(vulnerabilityAuditUsageDataObject),
SourceType: pulumi.Any(vulnerabilityAuditUsageDataSourceType),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testVulnerabilityAudit = new Oci.Adm.VulnerabilityAudit("test_vulnerability_audit", new()
{
KnowledgeBaseId = testKnowledgeBase.Id,
ApplicationDependencies = new[]
{
new Oci.Adm.Inputs.VulnerabilityAuditApplicationDependencyArgs
{
NodeId = testNode.Id,
ApplicationDependencyNodeIds = vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds,
Gav = vulnerabilityAuditApplicationDependenciesGav,
Purl = vulnerabilityAuditApplicationDependenciesPurl,
},
},
BuildType = vulnerabilityAuditBuildType,
CompartmentId = compartmentId,
Configuration = new Oci.Adm.Inputs.VulnerabilityAuditConfigurationArgs
{
Exclusions = vulnerabilityAuditConfigurationExclusions,
MaxPermissibleCvssV2score = vulnerabilityAuditConfigurationMaxPermissibleCvssV2score,
MaxPermissibleCvssV3score = vulnerabilityAuditConfigurationMaxPermissibleCvssV3score,
MaxPermissibleSeverity = vulnerabilityAuditConfigurationMaxPermissibleSeverity,
},
DefinedTags =
{
{ "foo-namespace.bar-key", "value" },
},
DisplayName = vulnerabilityAuditDisplayName,
FreeformTags =
{
{ "bar-key", "value" },
},
Source = new Oci.Adm.Inputs.VulnerabilityAuditSourceArgs
{
Type = vulnerabilityAuditSourceType,
Description = vulnerabilityAuditSourceDescription,
OciResourceId = testOciResource.Id,
},
UsageData = new Oci.Adm.Inputs.VulnerabilityAuditUsageDataArgs
{
Bucket = vulnerabilityAuditUsageDataBucket,
Namespace = vulnerabilityAuditUsageDataNamespace,
Object = vulnerabilityAuditUsageDataObject,
SourceType = vulnerabilityAuditUsageDataSourceType,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Adm.VulnerabilityAudit;
import com.pulumi.oci.Adm.VulnerabilityAuditArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditApplicationDependencyArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditConfigurationArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditSourceArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditUsageDataArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testVulnerabilityAudit = new VulnerabilityAudit("testVulnerabilityAudit", VulnerabilityAuditArgs.builder()
.knowledgeBaseId(testKnowledgeBase.id())
.applicationDependencies(VulnerabilityAuditApplicationDependencyArgs.builder()
.nodeId(testNode.id())
.applicationDependencyNodeIds(vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds)
.gav(vulnerabilityAuditApplicationDependenciesGav)
.purl(vulnerabilityAuditApplicationDependenciesPurl)
.build())
.buildType(vulnerabilityAuditBuildType)
.compartmentId(compartmentId)
.configuration(VulnerabilityAuditConfigurationArgs.builder()
.exclusions(vulnerabilityAuditConfigurationExclusions)
.maxPermissibleCvssV2score(vulnerabilityAuditConfigurationMaxPermissibleCvssV2score)
.maxPermissibleCvssV3score(vulnerabilityAuditConfigurationMaxPermissibleCvssV3score)
.maxPermissibleSeverity(vulnerabilityAuditConfigurationMaxPermissibleSeverity)
.build())
.definedTags(Map.of("foo-namespace.bar-key", "value"))
.displayName(vulnerabilityAuditDisplayName)
.freeformTags(Map.of("bar-key", "value"))
.source(VulnerabilityAuditSourceArgs.builder()
.type(vulnerabilityAuditSourceType)
.description(vulnerabilityAuditSourceDescription)
.ociResourceId(testOciResource.id())
.build())
.usageData(VulnerabilityAuditUsageDataArgs.builder()
.bucket(vulnerabilityAuditUsageDataBucket)
.namespace(vulnerabilityAuditUsageDataNamespace)
.object(vulnerabilityAuditUsageDataObject)
.sourceType(vulnerabilityAuditUsageDataSourceType)
.build())
.build());
}
}
resources:
testVulnerabilityAudit:
type: oci:Adm:VulnerabilityAudit
name: test_vulnerability_audit
properties:
knowledgeBaseId: ${testKnowledgeBase.id}
applicationDependencies:
- nodeId: ${testNode.id}
applicationDependencyNodeIds: ${vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds}
gav: ${vulnerabilityAuditApplicationDependenciesGav}
purl: ${vulnerabilityAuditApplicationDependenciesPurl}
buildType: ${vulnerabilityAuditBuildType}
compartmentId: ${compartmentId}
configuration:
exclusions: ${vulnerabilityAuditConfigurationExclusions}
maxPermissibleCvssV2score: ${vulnerabilityAuditConfigurationMaxPermissibleCvssV2score}
maxPermissibleCvssV3score: ${vulnerabilityAuditConfigurationMaxPermissibleCvssV3score}
maxPermissibleSeverity: ${vulnerabilityAuditConfigurationMaxPermissibleSeverity}
definedTags:
foo-namespace.bar-key: value
displayName: ${vulnerabilityAuditDisplayName}
freeformTags:
bar-key: value
source:
type: ${vulnerabilityAuditSourceType}
description: ${vulnerabilityAuditSourceDescription}
ociResourceId: ${testOciResource.id}
usageData:
bucket: ${vulnerabilityAuditUsageDataBucket}
namespace: ${vulnerabilityAuditUsageDataNamespace}
object: ${vulnerabilityAuditUsageDataObject}
sourceType: ${vulnerabilityAuditUsageDataSourceType}
Create VulnerabilityAudit Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VulnerabilityAudit(name: string, args: VulnerabilityAuditArgs, opts?: CustomResourceOptions);
@overload
def VulnerabilityAudit(resource_name: str,
args: VulnerabilityAuditArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VulnerabilityAudit(resource_name: str,
opts: Optional[ResourceOptions] = None,
knowledge_base_id: Optional[str] = None,
application_dependencies: Optional[Sequence[_adm.VulnerabilityAuditApplicationDependencyArgs]] = None,
build_type: Optional[str] = None,
compartment_id: Optional[str] = None,
configuration: Optional[_adm.VulnerabilityAuditConfigurationArgs] = None,
defined_tags: Optional[Mapping[str, str]] = None,
display_name: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
source: Optional[_adm.VulnerabilityAuditSourceArgs] = None,
usage_data: Optional[_adm.VulnerabilityAuditUsageDataArgs] = None)
func NewVulnerabilityAudit(ctx *Context, name string, args VulnerabilityAuditArgs, opts ...ResourceOption) (*VulnerabilityAudit, error)
public VulnerabilityAudit(string name, VulnerabilityAuditArgs args, CustomResourceOptions? opts = null)
public VulnerabilityAudit(String name, VulnerabilityAuditArgs args)
public VulnerabilityAudit(String name, VulnerabilityAuditArgs args, CustomResourceOptions options)
type: oci:Adm:VulnerabilityAudit
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VulnerabilityAuditArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VulnerabilityAuditArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VulnerabilityAuditArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VulnerabilityAuditArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VulnerabilityAuditArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vulnerabilityAuditResource = new Oci.Adm.VulnerabilityAudit("vulnerabilityAuditResource", new()
{
KnowledgeBaseId = "string",
ApplicationDependencies = new[]
{
new Oci.Adm.Inputs.VulnerabilityAuditApplicationDependencyArgs
{
NodeId = "string",
ApplicationDependencyNodeIds = new[]
{
"string",
},
Gav = "string",
Purl = "string",
},
},
BuildType = "string",
CompartmentId = "string",
Configuration = new Oci.Adm.Inputs.VulnerabilityAuditConfigurationArgs
{
Exclusions = new[]
{
"string",
},
MaxPermissibleCvssV2score = 0,
MaxPermissibleCvssV3score = 0,
MaxPermissibleSeverity = "string",
},
DefinedTags =
{
{ "string", "string" },
},
DisplayName = "string",
FreeformTags =
{
{ "string", "string" },
},
Source = new Oci.Adm.Inputs.VulnerabilityAuditSourceArgs
{
Type = "string",
Description = "string",
OciResourceId = "string",
},
UsageData = new Oci.Adm.Inputs.VulnerabilityAuditUsageDataArgs
{
Bucket = "string",
Namespace = "string",
Object = "string",
SourceType = "string",
},
});
example, err := Adm.NewVulnerabilityAudit(ctx, "vulnerabilityAuditResource", &Adm.VulnerabilityAuditArgs{
KnowledgeBaseId: pulumi.String("string"),
ApplicationDependencies: adm.VulnerabilityAuditApplicationDependencyArray{
&adm.VulnerabilityAuditApplicationDependencyArgs{
NodeId: pulumi.String("string"),
ApplicationDependencyNodeIds: pulumi.StringArray{
pulumi.String("string"),
},
Gav: pulumi.String("string"),
Purl: pulumi.String("string"),
},
},
BuildType: pulumi.String("string"),
CompartmentId: pulumi.String("string"),
Configuration: &adm.VulnerabilityAuditConfigurationArgs{
Exclusions: pulumi.StringArray{
pulumi.String("string"),
},
MaxPermissibleCvssV2score: pulumi.Float64(0),
MaxPermissibleCvssV3score: pulumi.Float64(0),
MaxPermissibleSeverity: pulumi.String("string"),
},
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
DisplayName: pulumi.String("string"),
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Source: &adm.VulnerabilityAuditSourceArgs{
Type: pulumi.String("string"),
Description: pulumi.String("string"),
OciResourceId: pulumi.String("string"),
},
UsageData: &adm.VulnerabilityAuditUsageDataArgs{
Bucket: pulumi.String("string"),
Namespace: pulumi.String("string"),
Object: pulumi.String("string"),
SourceType: pulumi.String("string"),
},
})
var vulnerabilityAuditResource = new VulnerabilityAudit("vulnerabilityAuditResource", VulnerabilityAuditArgs.builder()
.knowledgeBaseId("string")
.applicationDependencies(VulnerabilityAuditApplicationDependencyArgs.builder()
.nodeId("string")
.applicationDependencyNodeIds("string")
.gav("string")
.purl("string")
.build())
.buildType("string")
.compartmentId("string")
.configuration(VulnerabilityAuditConfigurationArgs.builder()
.exclusions("string")
.maxPermissibleCvssV2score(0)
.maxPermissibleCvssV3score(0)
.maxPermissibleSeverity("string")
.build())
.definedTags(Map.of("string", "string"))
.displayName("string")
.freeformTags(Map.of("string", "string"))
.source(VulnerabilityAuditSourceArgs.builder()
.type("string")
.description("string")
.ociResourceId("string")
.build())
.usageData(VulnerabilityAuditUsageDataArgs.builder()
.bucket("string")
.namespace("string")
.object("string")
.sourceType("string")
.build())
.build());
vulnerability_audit_resource = oci.adm.VulnerabilityAudit("vulnerabilityAuditResource",
knowledge_base_id="string",
application_dependencies=[{
"node_id": "string",
"application_dependency_node_ids": ["string"],
"gav": "string",
"purl": "string",
}],
build_type="string",
compartment_id="string",
configuration={
"exclusions": ["string"],
"max_permissible_cvss_v2score": 0,
"max_permissible_cvss_v3score": 0,
"max_permissible_severity": "string",
},
defined_tags={
"string": "string",
},
display_name="string",
freeform_tags={
"string": "string",
},
source={
"type": "string",
"description": "string",
"oci_resource_id": "string",
},
usage_data={
"bucket": "string",
"namespace": "string",
"object": "string",
"source_type": "string",
})
const vulnerabilityAuditResource = new oci.adm.VulnerabilityAudit("vulnerabilityAuditResource", {
knowledgeBaseId: "string",
applicationDependencies: [{
nodeId: "string",
applicationDependencyNodeIds: ["string"],
gav: "string",
purl: "string",
}],
buildType: "string",
compartmentId: "string",
configuration: {
exclusions: ["string"],
maxPermissibleCvssV2score: 0,
maxPermissibleCvssV3score: 0,
maxPermissibleSeverity: "string",
},
definedTags: {
string: "string",
},
displayName: "string",
freeformTags: {
string: "string",
},
source: {
type: "string",
description: "string",
ociResourceId: "string",
},
usageData: {
bucket: "string",
namespace: "string",
object: "string",
sourceType: "string",
},
});
type: oci:Adm:VulnerabilityAudit
properties:
applicationDependencies:
- applicationDependencyNodeIds:
- string
gav: string
nodeId: string
purl: string
buildType: string
compartmentId: string
configuration:
exclusions:
- string
maxPermissibleCvssV2score: 0
maxPermissibleCvssV3score: 0
maxPermissibleSeverity: string
definedTags:
string: string
displayName: string
freeformTags:
string: string
knowledgeBaseId: string
source:
description: string
ociResourceId: string
type: string
usageData:
bucket: string
namespace: string
object: string
sourceType: string
VulnerabilityAudit Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VulnerabilityAudit resource accepts the following input properties:
- Knowledge
Base stringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- Application
Dependencies List<VulnerabilityAudit Application Dependency> - List of application dependencies (without vulnerabilities).
- Build
Type string - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- Compartment
Id string - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- Configuration
Vulnerability
Audit Configuration - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- Display
Name string - (Updatable) The name of the vulnerability audit.
- Dictionary<string, string>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- Source
Vulnerability
Audit Source - vulnerability audit source.
- Usage
Data VulnerabilityAudit Usage Data - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
- Knowledge
Base stringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- Application
Dependencies []VulnerabilityAudit Application Dependency Args - List of application dependencies (without vulnerabilities).
- Build
Type string - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- Compartment
Id string - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- Configuration
Vulnerability
Audit Configuration Args - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- Display
Name string - (Updatable) The name of the vulnerability audit.
- map[string]string
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- Source
Vulnerability
Audit Source Args - vulnerability audit source.
- Usage
Data VulnerabilityAudit Usage Data Args - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
- knowledge
Base StringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- application
Dependencies List<VulnerabilityAudit Application Dependency> - List of application dependencies (without vulnerabilities).
- build
Type String - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment
Id String - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration
Vulnerability
Audit Configuration - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name String - (Updatable) The name of the vulnerability audit.
- Map<String,String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- source
Vulnerability
Audit Source - vulnerability audit source.
- usage
Data VulnerabilityAudit Usage Data - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
- knowledge
Base stringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- application
Dependencies VulnerabilityAudit Application Dependency[] - List of application dependencies (without vulnerabilities).
- build
Type string - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment
Id string - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration
Vulnerability
Audit Configuration - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name string - (Updatable) The name of the vulnerability audit.
- {[key: string]: string}
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- source
Vulnerability
Audit Source - vulnerability audit source.
- usage
Data VulnerabilityAudit Usage Data - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
- knowledge_
base_ strid - The Oracle Cloud identifier (OCID) of the knowledge base.
- application_
dependencies Sequence[adm.Vulnerability Audit Application Dependency Args] - List of application dependencies (without vulnerabilities).
- build_
type str - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment_
id str - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration
adm.
Vulnerability Audit Configuration Args - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display_
name str - (Updatable) The name of the vulnerability audit.
- Mapping[str, str]
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- source
adm.
Vulnerability Audit Source Args - vulnerability audit source.
- usage_
data adm.Vulnerability Audit Usage Data Args - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
- knowledge
Base StringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- application
Dependencies List<Property Map> - List of application dependencies (without vulnerabilities).
- build
Type String - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment
Id String - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration Property Map
- Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name String - (Updatable) The name of the vulnerability audit.
- Map<String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- source Property Map
- vulnerability audit source.
- usage
Data Property Map - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Outputs
All input properties are implicitly available as output properties. Additionally, the VulnerabilityAudit resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
Success bool - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - Lifecycle
Details string - Details on the lifecycle state.
- Max
Observed doubleCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- Max
Observed doubleCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed doubleCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- Max
Observed doubleCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed stringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- Max
Observed stringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- State string
- The current lifecycle state of the vulnerability audit.
- Dictionary<string, string>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- Time
Updated string - The update date and time of the vulnerability audit (formatted according to RFC3339).
- Vulnerabilities
List<Vulnerability
Audit Vulnerability> - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- Vulnerable
Artifacts intCount - Count of non-ignored vulnerable application dependencies.
- Vulnerable
Artifacts intCount With Ignored - Count of all vulnerable application dependencies.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
Success bool - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - Lifecycle
Details string - Details on the lifecycle state.
- Max
Observed float64Cvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- Max
Observed float64Cvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed float64Cvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- Max
Observed float64Cvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed stringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- Max
Observed stringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- State string
- The current lifecycle state of the vulnerability audit.
- map[string]string
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- Time
Updated string - The update date and time of the vulnerability audit (formatted according to RFC3339).
- Vulnerabilities
[]Vulnerability
Audit Vulnerability - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- Vulnerable
Artifacts intCount - Count of non-ignored vulnerable application dependencies.
- Vulnerable
Artifacts intCount With Ignored - Count of all vulnerable application dependencies.
- id String
- The provider-assigned unique ID for this managed resource.
- is
Success Boolean - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - lifecycle
Details String - Details on the lifecycle state.
- max
Observed DoubleCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max
Observed DoubleCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max
Observed DoubleCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max
Observed DoubleCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max
Observed StringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max
Observed StringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- state String
- The current lifecycle state of the vulnerability audit.
- Map<String,String>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time
Updated String - The update date and time of the vulnerability audit (formatted according to RFC3339).
- vulnerabilities
List<Vulnerability
Audit Vulnerability> - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable
Artifacts IntegerCount - Count of non-ignored vulnerable application dependencies.
- vulnerable
Artifacts IntegerCount With Ignored - Count of all vulnerable application dependencies.
- id string
- The provider-assigned unique ID for this managed resource.
- is
Success boolean - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - lifecycle
Details string - Details on the lifecycle state.
- max
Observed numberCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max
Observed numberCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max
Observed numberCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max
Observed numberCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max
Observed stringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max
Observed stringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- state string
- The current lifecycle state of the vulnerability audit.
- {[key: string]: string}
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created string - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time
Updated string - The update date and time of the vulnerability audit (formatted according to RFC3339).
- vulnerabilities
Vulnerability
Audit Vulnerability[] - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable
Artifacts numberCount - Count of non-ignored vulnerable application dependencies.
- vulnerable
Artifacts numberCount With Ignored - Count of all vulnerable application dependencies.
- id str
- The provider-assigned unique ID for this managed resource.
- is_
success bool - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - lifecycle_
details str - Details on the lifecycle state.
- max_
observed_ floatcvss_ v2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max_
observed_ floatcvss_ v2score_ with_ ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max_
observed_ floatcvss_ v3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max_
observed_ floatcvss_ v3score_ with_ ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max_
observed_ strseverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max_
observed_ strseverity_ with_ ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- state str
- The current lifecycle state of the vulnerability audit.
- Mapping[str, str]
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time_
created str - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time_
updated str - The update date and time of the vulnerability audit (formatted according to RFC3339).
- vulnerabilities
Sequence[adm.
Vulnerability Audit Vulnerability] - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable_
artifacts_ intcount - Count of non-ignored vulnerable application dependencies.
- vulnerable_
artifacts_ intcount_ with_ ignored - Count of all vulnerable application dependencies.
- id String
- The provider-assigned unique ID for this managed resource.
- is
Success Boolean - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - lifecycle
Details String - Details on the lifecycle state.
- max
Observed NumberCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max
Observed NumberCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max
Observed NumberCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max
Observed NumberCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max
Observed StringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max
Observed StringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- state String
- The current lifecycle state of the vulnerability audit.
- Map<String>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time
Updated String - The update date and time of the vulnerability audit (formatted according to RFC3339).
- vulnerabilities List<Property Map>
- List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable
Artifacts NumberCount - Count of non-ignored vulnerable application dependencies.
- vulnerable
Artifacts NumberCount With Ignored - Count of all vulnerable application dependencies.
Look up Existing VulnerabilityAudit Resource
Get an existing VulnerabilityAudit resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VulnerabilityAuditState, opts?: CustomResourceOptions): VulnerabilityAudit
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
application_dependencies: Optional[Sequence[_adm.VulnerabilityAuditApplicationDependencyArgs]] = None,
build_type: Optional[str] = None,
compartment_id: Optional[str] = None,
configuration: Optional[_adm.VulnerabilityAuditConfigurationArgs] = None,
defined_tags: Optional[Mapping[str, str]] = None,
display_name: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
is_success: Optional[bool] = None,
knowledge_base_id: Optional[str] = None,
lifecycle_details: Optional[str] = None,
max_observed_cvss_v2score: Optional[float] = None,
max_observed_cvss_v2score_with_ignored: Optional[float] = None,
max_observed_cvss_v3score: Optional[float] = None,
max_observed_cvss_v3score_with_ignored: Optional[float] = None,
max_observed_severity: Optional[str] = None,
max_observed_severity_with_ignored: Optional[str] = None,
source: Optional[_adm.VulnerabilityAuditSourceArgs] = None,
state: Optional[str] = None,
system_tags: Optional[Mapping[str, str]] = None,
time_created: Optional[str] = None,
time_updated: Optional[str] = None,
usage_data: Optional[_adm.VulnerabilityAuditUsageDataArgs] = None,
vulnerabilities: Optional[Sequence[_adm.VulnerabilityAuditVulnerabilityArgs]] = None,
vulnerable_artifacts_count: Optional[int] = None,
vulnerable_artifacts_count_with_ignored: Optional[int] = None) -> VulnerabilityAudit
func GetVulnerabilityAudit(ctx *Context, name string, id IDInput, state *VulnerabilityAuditState, opts ...ResourceOption) (*VulnerabilityAudit, error)
public static VulnerabilityAudit Get(string name, Input<string> id, VulnerabilityAuditState? state, CustomResourceOptions? opts = null)
public static VulnerabilityAudit get(String name, Output<String> id, VulnerabilityAuditState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Application
Dependencies List<VulnerabilityAudit Application Dependency> - List of application dependencies (without vulnerabilities).
- Build
Type string - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- Compartment
Id string - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- Configuration
Vulnerability
Audit Configuration - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- Display
Name string - (Updatable) The name of the vulnerability audit.
- Dictionary<string, string>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- Is
Success bool - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - Knowledge
Base stringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- Lifecycle
Details string - Details on the lifecycle state.
- Max
Observed doubleCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- Max
Observed doubleCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed doubleCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- Max
Observed doubleCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed stringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- Max
Observed stringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- Source
Vulnerability
Audit Source - vulnerability audit source.
- State string
- The current lifecycle state of the vulnerability audit.
- Dictionary<string, string>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- Time
Updated string - The update date and time of the vulnerability audit (formatted according to RFC3339).
- Usage
Data VulnerabilityAudit Usage Data - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name. - Vulnerabilities
List<Vulnerability
Audit Vulnerability> - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- Vulnerable
Artifacts intCount - Count of non-ignored vulnerable application dependencies.
- Vulnerable
Artifacts intCount With Ignored - Count of all vulnerable application dependencies.
- Application
Dependencies []VulnerabilityAudit Application Dependency Args - List of application dependencies (without vulnerabilities).
- Build
Type string - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- Compartment
Id string - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- Configuration
Vulnerability
Audit Configuration Args - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- Display
Name string - (Updatable) The name of the vulnerability audit.
- map[string]string
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- Is
Success bool - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - Knowledge
Base stringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- Lifecycle
Details string - Details on the lifecycle state.
- Max
Observed float64Cvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- Max
Observed float64Cvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed float64Cvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- Max
Observed float64Cvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- Max
Observed stringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- Max
Observed stringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- Source
Vulnerability
Audit Source Args - vulnerability audit source.
- State string
- The current lifecycle state of the vulnerability audit.
- map[string]string
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- Time
Updated string - The update date and time of the vulnerability audit (formatted according to RFC3339).
- Usage
Data VulnerabilityAudit Usage Data Args - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name. - Vulnerabilities
[]Vulnerability
Audit Vulnerability Args - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- Vulnerable
Artifacts intCount - Count of non-ignored vulnerable application dependencies.
- Vulnerable
Artifacts intCount With Ignored - Count of all vulnerable application dependencies.
- application
Dependencies List<VulnerabilityAudit Application Dependency> - List of application dependencies (without vulnerabilities).
- build
Type String - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment
Id String - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration
Vulnerability
Audit Configuration - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name String - (Updatable) The name of the vulnerability audit.
- Map<String,String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- is
Success Boolean - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - knowledge
Base StringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- lifecycle
Details String - Details on the lifecycle state.
- max
Observed DoubleCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max
Observed DoubleCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max
Observed DoubleCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max
Observed DoubleCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max
Observed StringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max
Observed StringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- source
Vulnerability
Audit Source - vulnerability audit source.
- state String
- The current lifecycle state of the vulnerability audit.
- Map<String,String>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time
Updated String - The update date and time of the vulnerability audit (formatted according to RFC3339).
- usage
Data VulnerabilityAudit Usage Data - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name. - vulnerabilities
List<Vulnerability
Audit Vulnerability> - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable
Artifacts IntegerCount - Count of non-ignored vulnerable application dependencies.
- vulnerable
Artifacts IntegerCount With Ignored - Count of all vulnerable application dependencies.
- application
Dependencies VulnerabilityAudit Application Dependency[] - List of application dependencies (without vulnerabilities).
- build
Type string - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment
Id string - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration
Vulnerability
Audit Configuration - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name string - (Updatable) The name of the vulnerability audit.
- {[key: string]: string}
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- is
Success boolean - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - knowledge
Base stringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- lifecycle
Details string - Details on the lifecycle state.
- max
Observed numberCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max
Observed numberCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max
Observed numberCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max
Observed numberCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max
Observed stringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max
Observed stringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- source
Vulnerability
Audit Source - vulnerability audit source.
- state string
- The current lifecycle state of the vulnerability audit.
- {[key: string]: string}
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created string - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time
Updated string - The update date and time of the vulnerability audit (formatted according to RFC3339).
- usage
Data VulnerabilityAudit Usage Data - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name. - vulnerabilities
Vulnerability
Audit Vulnerability[] - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable
Artifacts numberCount - Count of non-ignored vulnerable application dependencies.
- vulnerable
Artifacts numberCount With Ignored - Count of all vulnerable application dependencies.
- application_
dependencies Sequence[adm.Vulnerability Audit Application Dependency Args] - List of application dependencies (without vulnerabilities).
- build_
type str - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment_
id str - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration
adm.
Vulnerability Audit Configuration Args - Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display_
name str - (Updatable) The name of the vulnerability audit.
- Mapping[str, str]
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- is_
success bool - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - knowledge_
base_ strid - The Oracle Cloud identifier (OCID) of the knowledge base.
- lifecycle_
details str - Details on the lifecycle state.
- max_
observed_ floatcvss_ v2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max_
observed_ floatcvss_ v2score_ with_ ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max_
observed_ floatcvss_ v3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max_
observed_ floatcvss_ v3score_ with_ ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max_
observed_ strseverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max_
observed_ strseverity_ with_ ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- source
adm.
Vulnerability Audit Source Args - vulnerability audit source.
- state str
- The current lifecycle state of the vulnerability audit.
- Mapping[str, str]
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time_
created str - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time_
updated str - The update date and time of the vulnerability audit (formatted according to RFC3339).
- usage_
data adm.Vulnerability Audit Usage Data Args - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name. - vulnerabilities
Sequence[adm.
Vulnerability Audit Vulnerability Args] - List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable_
artifacts_ intcount - Count of non-ignored vulnerable application dependencies.
- vulnerable_
artifacts_ intcount_ with_ ignored - Count of all vulnerable application dependencies.
- application
Dependencies List<Property Map> - List of application dependencies (without vulnerabilities).
- build
Type String - The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
- compartment
Id String - (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
- configuration Property Map
- Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in
exclusions
, or all of the associated Vulnerabilies have a CVSS v2 score belowmaxPermissibleCvssV2Score
and a CVSS v3 score belowmaxPermissibleCvssV3Score
. type: object - Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name String - (Updatable) The name of the vulnerability audit.
- Map<String>
- (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- is
Success Boolean - Indicates if an audit succeeded according to the configuration. The value is
null
if the audit is in theCREATING
state. - knowledge
Base StringId - The Oracle Cloud identifier (OCID) of the knowledge base.
- lifecycle
Details String - Details on the lifecycle state.
- max
Observed NumberCvss V2score - Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
- max
Observed NumberCvss V2score With Ignored - Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
- max
Observed NumberCvss V3score - Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
- max
Observed NumberCvss V3score With Ignored - Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
- max
Observed StringSeverity - Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
- max
Observed StringSeverity With Ignored - Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
- source Property Map
- vulnerability audit source.
- state String
- The current lifecycle state of the vulnerability audit.
- Map<String>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - The creation date and time of the vulnerability audit (formatted according to RFC3339).
- time
Updated String - The update date and time of the vulnerability audit (formatted according to RFC3339).
- usage
Data Property Map - The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set
sourceType
toobjectStorageTuple
and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name. - vulnerabilities List<Property Map>
- List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
- vulnerable
Artifacts NumberCount - Count of non-ignored vulnerable application dependencies.
- vulnerable
Artifacts NumberCount With Ignored - Count of all vulnerable application dependencies.
Supporting Types
VulnerabilityAuditApplicationDependency, VulnerabilityAuditApplicationDependencyArgs
- Node
Id string - Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
- Application
Dependency List<string>Node Ids - List of application dependencies on which this application dependency depends, each identified by its nodeId.
- Gav string
- Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
- Purl string
- Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
- Node
Id string - Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
- Application
Dependency []stringNode Ids - List of application dependencies on which this application dependency depends, each identified by its nodeId.
- Gav string
- Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
- Purl string
- Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
- node
Id String - Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
- application
Dependency List<String>Node Ids - List of application dependencies on which this application dependency depends, each identified by its nodeId.
- gav String
- Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
- purl String
- Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
- node
Id string - Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
- application
Dependency string[]Node Ids - List of application dependencies on which this application dependency depends, each identified by its nodeId.
- gav string
- Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
- purl string
- Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
- node_
id str - Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
- application_
dependency_ Sequence[str]node_ ids - List of application dependencies on which this application dependency depends, each identified by its nodeId.
- gav str
- Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
- purl str
- Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
- node
Id String - Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
- application
Dependency List<String>Node Ids - List of application dependencies on which this application dependency depends, each identified by its nodeId.
- gav String
- Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
- purl String
- Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
VulnerabilityAuditConfiguration, VulnerabilityAuditConfigurationArgs
- Exclusions List<string>
- A vulnerable application dependency is ignored if its name matches any of the items in
exclusions
. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters. - Max
Permissible doubleCvss V2score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- Max
Permissible doubleCvss V3score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- Max
Permissible stringSeverity - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
- Exclusions []string
- A vulnerable application dependency is ignored if its name matches any of the items in
exclusions
. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters. - Max
Permissible float64Cvss V2score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- Max
Permissible float64Cvss V3score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- Max
Permissible stringSeverity - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
- exclusions List<String>
- A vulnerable application dependency is ignored if its name matches any of the items in
exclusions
. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters. - max
Permissible DoubleCvss V2score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max
Permissible DoubleCvss V3score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max
Permissible StringSeverity - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
- exclusions string[]
- A vulnerable application dependency is ignored if its name matches any of the items in
exclusions
. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters. - max
Permissible numberCvss V2score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max
Permissible numberCvss V3score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max
Permissible stringSeverity - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
- exclusions Sequence[str]
- A vulnerable application dependency is ignored if its name matches any of the items in
exclusions
. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters. - max_
permissible_ floatcvss_ v2score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max_
permissible_ floatcvss_ v3score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max_
permissible_ strseverity - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
- exclusions List<String>
- A vulnerable application dependency is ignored if its name matches any of the items in
exclusions
. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters. - max
Permissible NumberCvss V2score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max
Permissible NumberCvss V3score - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
- max
Permissible StringSeverity - A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
VulnerabilityAuditSource, VulnerabilityAuditSourceArgs
- Type string
- Source type of the vulnerability audit.
- Description string
- Description of the external resource source.
- Oci
Resource stringId - The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
- Type string
- Source type of the vulnerability audit.
- Description string
- Description of the external resource source.
- Oci
Resource stringId - The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
- type String
- Source type of the vulnerability audit.
- description String
- Description of the external resource source.
- oci
Resource StringId - The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
- type string
- Source type of the vulnerability audit.
- description string
- Description of the external resource source.
- oci
Resource stringId - The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
- type str
- Source type of the vulnerability audit.
- description str
- Description of the external resource source.
- oci_
resource_ strid - The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
- type String
- Source type of the vulnerability audit.
- description String
- Description of the external resource source.
- oci
Resource StringId - The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
VulnerabilityAuditUsageData, VulnerabilityAuditUsageDataArgs
- Bucket string
- The Object Storage bucket to read the usage data from.
- Namespace string
- The Object Storage namespace to read the usage data from.
- Object string
- The Object Storage object name to read the usage data from.
- Source
Type string The destination type. Use
objectStorageTuple
when specifying the namespace, bucket name, and object name.** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Bucket string
- The Object Storage bucket to read the usage data from.
- Namespace string
- The Object Storage namespace to read the usage data from.
- Object string
- The Object Storage object name to read the usage data from.
- Source
Type string The destination type. Use
objectStorageTuple
when specifying the namespace, bucket name, and object name.** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- bucket String
- The Object Storage bucket to read the usage data from.
- namespace String
- The Object Storage namespace to read the usage data from.
- object String
- The Object Storage object name to read the usage data from.
- source
Type String The destination type. Use
objectStorageTuple
when specifying the namespace, bucket name, and object name.** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- bucket string
- The Object Storage bucket to read the usage data from.
- namespace string
- The Object Storage namespace to read the usage data from.
- object string
- The Object Storage object name to read the usage data from.
- source
Type string The destination type. Use
objectStorageTuple
when specifying the namespace, bucket name, and object name.** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- bucket str
- The Object Storage bucket to read the usage data from.
- namespace str
- The Object Storage namespace to read the usage data from.
- object str
- The Object Storage object name to read the usage data from.
- source_
type str The destination type. Use
objectStorageTuple
when specifying the namespace, bucket name, and object name.** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- bucket String
- The Object Storage bucket to read the usage data from.
- namespace String
- The Object Storage namespace to read the usage data from.
- object String
- The Object Storage object name to read the usage data from.
- source
Type String The destination type. Use
objectStorageTuple
when specifying the namespace, bucket name, and object name.** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
VulnerabilityAuditVulnerability, VulnerabilityAuditVulnerabilityArgs
- Cvss
V2score double - Common Vulnerability Scoring System (CVSS) Version 2.
- Cvss
V3score double - Common Vulnerability Scoring System (CVSS) Version 3.
- Id string
- Unique vulnerability identifier, e.g. CVE-1999-0067.
- Is
False boolPositive - Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is
null
. - Is
Ignored bool - Indicates if the vulnerability was ignored according to the audit configuration.
- Severity string
- ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
- Source string
- vulnerability audit source.
- Cvss
V2score float64 - Common Vulnerability Scoring System (CVSS) Version 2.
- Cvss
V3score float64 - Common Vulnerability Scoring System (CVSS) Version 3.
- Id string
- Unique vulnerability identifier, e.g. CVE-1999-0067.
- Is
False boolPositive - Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is
null
. - Is
Ignored bool - Indicates if the vulnerability was ignored according to the audit configuration.
- Severity string
- ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
- Source string
- vulnerability audit source.
- cvss
V2score Double - Common Vulnerability Scoring System (CVSS) Version 2.
- cvss
V3score Double - Common Vulnerability Scoring System (CVSS) Version 3.
- id String
- Unique vulnerability identifier, e.g. CVE-1999-0067.
- is
False BooleanPositive - Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is
null
. - is
Ignored Boolean - Indicates if the vulnerability was ignored according to the audit configuration.
- severity String
- ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
- source String
- vulnerability audit source.
- cvss
V2score number - Common Vulnerability Scoring System (CVSS) Version 2.
- cvss
V3score number - Common Vulnerability Scoring System (CVSS) Version 3.
- id string
- Unique vulnerability identifier, e.g. CVE-1999-0067.
- is
False booleanPositive - Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is
null
. - is
Ignored boolean - Indicates if the vulnerability was ignored according to the audit configuration.
- severity string
- ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
- source string
- vulnerability audit source.
- cvss_
v2score float - Common Vulnerability Scoring System (CVSS) Version 2.
- cvss_
v3score float - Common Vulnerability Scoring System (CVSS) Version 3.
- id str
- Unique vulnerability identifier, e.g. CVE-1999-0067.
- is_
false_ boolpositive - Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is
null
. - is_
ignored bool - Indicates if the vulnerability was ignored according to the audit configuration.
- severity str
- ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
- source str
- vulnerability audit source.
- cvss
V2score Number - Common Vulnerability Scoring System (CVSS) Version 2.
- cvss
V3score Number - Common Vulnerability Scoring System (CVSS) Version 3.
- id String
- Unique vulnerability identifier, e.g. CVE-1999-0067.
- is
False BooleanPositive - Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is
null
. - is
Ignored Boolean - Indicates if the vulnerability was ignored according to the audit configuration.
- severity String
- ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
- source String
- vulnerability audit source.
Import
VulnerabilityAudits can be imported using the id
, e.g.
$ pulumi import oci:Adm/vulnerabilityAudit:VulnerabilityAudit test_vulnerability_audit "id"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.