Oracle Cloud Infrastructure v2.31.0, Apr 17 25

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

oci.Adm.VulnerabilityAudit

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testVulnerabilityAudit = new oci.adm.VulnerabilityAudit("test_vulnerability_audit", {
    knowledgeBaseId: testKnowledgeBase.id,
    applicationDependencies: [{
        nodeId: testNode.id,
        applicationDependencyNodeIds: vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds,
        gav: vulnerabilityAuditApplicationDependenciesGav,
        purl: vulnerabilityAuditApplicationDependenciesPurl,
    }],
    buildType: vulnerabilityAuditBuildType,
    compartmentId: compartmentId,
    configuration: {
        exclusions: vulnerabilityAuditConfigurationExclusions,
        maxPermissibleCvssV2score: vulnerabilityAuditConfigurationMaxPermissibleCvssV2score,
        maxPermissibleCvssV3score: vulnerabilityAuditConfigurationMaxPermissibleCvssV3score,
        maxPermissibleSeverity: vulnerabilityAuditConfigurationMaxPermissibleSeverity,
    },
    definedTags: {
        "foo-namespace.bar-key": "value",
    },
    displayName: vulnerabilityAuditDisplayName,
    freeformTags: {
        "bar-key": "value",
    },
    source: {
        type: vulnerabilityAuditSourceType,
        description: vulnerabilityAuditSourceDescription,
        ociResourceId: testOciResource.id,
    },
    usageData: {
        bucket: vulnerabilityAuditUsageDataBucket,
        namespace: vulnerabilityAuditUsageDataNamespace,
        object: vulnerabilityAuditUsageDataObject,
        sourceType: vulnerabilityAuditUsageDataSourceType,
    },
});

import pulumi
import pulumi_oci as oci

test_vulnerability_audit = oci.adm.VulnerabilityAudit("test_vulnerability_audit",
    knowledge_base_id=test_knowledge_base["id"],
    application_dependencies=[{
        "node_id": test_node["id"],
        "application_dependency_node_ids": vulnerability_audit_application_dependencies_application_dependency_node_ids,
        "gav": vulnerability_audit_application_dependencies_gav,
        "purl": vulnerability_audit_application_dependencies_purl,
    }],
    build_type=vulnerability_audit_build_type,
    compartment_id=compartment_id,
    configuration={
        "exclusions": vulnerability_audit_configuration_exclusions,
        "max_permissible_cvss_v2score": vulnerability_audit_configuration_max_permissible_cvss_v2score,
        "max_permissible_cvss_v3score": vulnerability_audit_configuration_max_permissible_cvss_v3score,
        "max_permissible_severity": vulnerability_audit_configuration_max_permissible_severity,
    },
    defined_tags={
        "foo-namespace.bar-key": "value",
    },
    display_name=vulnerability_audit_display_name,
    freeform_tags={
        "bar-key": "value",
    },
    source={
        "type": vulnerability_audit_source_type,
        "description": vulnerability_audit_source_description,
        "oci_resource_id": test_oci_resource["id"],
    },
    usage_data={
        "bucket": vulnerability_audit_usage_data_bucket,
        "namespace": vulnerability_audit_usage_data_namespace,
        "object": vulnerability_audit_usage_data_object,
        "source_type": vulnerability_audit_usage_data_source_type,
    })

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/adm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := adm.NewVulnerabilityAudit(ctx, "test_vulnerability_audit", &adm.VulnerabilityAuditArgs{
			KnowledgeBaseId: pulumi.Any(testKnowledgeBase.Id),
			ApplicationDependencies: adm.VulnerabilityAuditApplicationDependencyArray{
				&adm.VulnerabilityAuditApplicationDependencyArgs{
					NodeId:                       pulumi.Any(testNode.Id),
					ApplicationDependencyNodeIds: pulumi.Any(vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds),
					Gav:                          pulumi.Any(vulnerabilityAuditApplicationDependenciesGav),
					Purl:                         pulumi.Any(vulnerabilityAuditApplicationDependenciesPurl),
				},
			},
			BuildType:     pulumi.Any(vulnerabilityAuditBuildType),
			CompartmentId: pulumi.Any(compartmentId),
			Configuration: &adm.VulnerabilityAuditConfigurationArgs{
				Exclusions:                pulumi.Any(vulnerabilityAuditConfigurationExclusions),
				MaxPermissibleCvssV2score: pulumi.Any(vulnerabilityAuditConfigurationMaxPermissibleCvssV2score),
				MaxPermissibleCvssV3score: pulumi.Any(vulnerabilityAuditConfigurationMaxPermissibleCvssV3score),
				MaxPermissibleSeverity:    pulumi.Any(vulnerabilityAuditConfigurationMaxPermissibleSeverity),
			},
			DefinedTags: pulumi.StringMap{
				"foo-namespace.bar-key": pulumi.String("value"),
			},
			DisplayName: pulumi.Any(vulnerabilityAuditDisplayName),
			FreeformTags: pulumi.StringMap{
				"bar-key": pulumi.String("value"),
			},
			Source: &adm.VulnerabilityAuditSourceArgs{
				Type:          pulumi.Any(vulnerabilityAuditSourceType),
				Description:   pulumi.Any(vulnerabilityAuditSourceDescription),
				OciResourceId: pulumi.Any(testOciResource.Id),
			},
			UsageData: &adm.VulnerabilityAuditUsageDataArgs{
				Bucket:     pulumi.Any(vulnerabilityAuditUsageDataBucket),
				Namespace:  pulumi.Any(vulnerabilityAuditUsageDataNamespace),
				Object:     pulumi.Any(vulnerabilityAuditUsageDataObject),
				SourceType: pulumi.Any(vulnerabilityAuditUsageDataSourceType),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testVulnerabilityAudit = new Oci.Adm.VulnerabilityAudit("test_vulnerability_audit", new()
    {
        KnowledgeBaseId = testKnowledgeBase.Id,
        ApplicationDependencies = new[]
        {
            new Oci.Adm.Inputs.VulnerabilityAuditApplicationDependencyArgs
            {
                NodeId = testNode.Id,
                ApplicationDependencyNodeIds = vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds,
                Gav = vulnerabilityAuditApplicationDependenciesGav,
                Purl = vulnerabilityAuditApplicationDependenciesPurl,
            },
        },
        BuildType = vulnerabilityAuditBuildType,
        CompartmentId = compartmentId,
        Configuration = new Oci.Adm.Inputs.VulnerabilityAuditConfigurationArgs
        {
            Exclusions = vulnerabilityAuditConfigurationExclusions,
            MaxPermissibleCvssV2score = vulnerabilityAuditConfigurationMaxPermissibleCvssV2score,
            MaxPermissibleCvssV3score = vulnerabilityAuditConfigurationMaxPermissibleCvssV3score,
            MaxPermissibleSeverity = vulnerabilityAuditConfigurationMaxPermissibleSeverity,
        },
        DefinedTags = 
        {
            { "foo-namespace.bar-key", "value" },
        },
        DisplayName = vulnerabilityAuditDisplayName,
        FreeformTags = 
        {
            { "bar-key", "value" },
        },
        Source = new Oci.Adm.Inputs.VulnerabilityAuditSourceArgs
        {
            Type = vulnerabilityAuditSourceType,
            Description = vulnerabilityAuditSourceDescription,
            OciResourceId = testOciResource.Id,
        },
        UsageData = new Oci.Adm.Inputs.VulnerabilityAuditUsageDataArgs
        {
            Bucket = vulnerabilityAuditUsageDataBucket,
            Namespace = vulnerabilityAuditUsageDataNamespace,
            Object = vulnerabilityAuditUsageDataObject,
            SourceType = vulnerabilityAuditUsageDataSourceType,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Adm.VulnerabilityAudit;
import com.pulumi.oci.Adm.VulnerabilityAuditArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditApplicationDependencyArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditConfigurationArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditSourceArgs;
import com.pulumi.oci.Adm.inputs.VulnerabilityAuditUsageDataArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testVulnerabilityAudit = new VulnerabilityAudit("testVulnerabilityAudit", VulnerabilityAuditArgs.builder()
            .knowledgeBaseId(testKnowledgeBase.id())
            .applicationDependencies(VulnerabilityAuditApplicationDependencyArgs.builder()
                .nodeId(testNode.id())
                .applicationDependencyNodeIds(vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds)
                .gav(vulnerabilityAuditApplicationDependenciesGav)
                .purl(vulnerabilityAuditApplicationDependenciesPurl)
                .build())
            .buildType(vulnerabilityAuditBuildType)
            .compartmentId(compartmentId)
            .configuration(VulnerabilityAuditConfigurationArgs.builder()
                .exclusions(vulnerabilityAuditConfigurationExclusions)
                .maxPermissibleCvssV2score(vulnerabilityAuditConfigurationMaxPermissibleCvssV2score)
                .maxPermissibleCvssV3score(vulnerabilityAuditConfigurationMaxPermissibleCvssV3score)
                .maxPermissibleSeverity(vulnerabilityAuditConfigurationMaxPermissibleSeverity)
                .build())
            .definedTags(Map.of("foo-namespace.bar-key", "value"))
            .displayName(vulnerabilityAuditDisplayName)
            .freeformTags(Map.of("bar-key", "value"))
            .source(VulnerabilityAuditSourceArgs.builder()
                .type(vulnerabilityAuditSourceType)
                .description(vulnerabilityAuditSourceDescription)
                .ociResourceId(testOciResource.id())
                .build())
            .usageData(VulnerabilityAuditUsageDataArgs.builder()
                .bucket(vulnerabilityAuditUsageDataBucket)
                .namespace(vulnerabilityAuditUsageDataNamespace)
                .object(vulnerabilityAuditUsageDataObject)
                .sourceType(vulnerabilityAuditUsageDataSourceType)
                .build())
            .build());

    }
}

resources:
  testVulnerabilityAudit:
    type: oci:Adm:VulnerabilityAudit
    name: test_vulnerability_audit
    properties:
      knowledgeBaseId: ${testKnowledgeBase.id}
      applicationDependencies:
        - nodeId: ${testNode.id}
          applicationDependencyNodeIds: ${vulnerabilityAuditApplicationDependenciesApplicationDependencyNodeIds}
          gav: ${vulnerabilityAuditApplicationDependenciesGav}
          purl: ${vulnerabilityAuditApplicationDependenciesPurl}
      buildType: ${vulnerabilityAuditBuildType}
      compartmentId: ${compartmentId}
      configuration:
        exclusions: ${vulnerabilityAuditConfigurationExclusions}
        maxPermissibleCvssV2score: ${vulnerabilityAuditConfigurationMaxPermissibleCvssV2score}
        maxPermissibleCvssV3score: ${vulnerabilityAuditConfigurationMaxPermissibleCvssV3score}
        maxPermissibleSeverity: ${vulnerabilityAuditConfigurationMaxPermissibleSeverity}
      definedTags:
        foo-namespace.bar-key: value
      displayName: ${vulnerabilityAuditDisplayName}
      freeformTags:
        bar-key: value
      source:
        type: ${vulnerabilityAuditSourceType}
        description: ${vulnerabilityAuditSourceDescription}
        ociResourceId: ${testOciResource.id}
      usageData:
        bucket: ${vulnerabilityAuditUsageDataBucket}
        namespace: ${vulnerabilityAuditUsageDataNamespace}
        object: ${vulnerabilityAuditUsageDataObject}
        sourceType: ${vulnerabilityAuditUsageDataSourceType}

Create VulnerabilityAudit Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new VulnerabilityAudit(name: string, args: VulnerabilityAuditArgs, opts?: CustomResourceOptions);

@overload
def VulnerabilityAudit(resource_name: str,
                       args: VulnerabilityAuditArgs,
                       opts: Optional[ResourceOptions] = None)

@overload
def VulnerabilityAudit(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       knowledge_base_id: Optional[str] = None,
                       application_dependencies: Optional[Sequence[_adm.VulnerabilityAuditApplicationDependencyArgs]] = None,
                       build_type: Optional[str] = None,
                       compartment_id: Optional[str] = None,
                       configuration: Optional[_adm.VulnerabilityAuditConfigurationArgs] = None,
                       defined_tags: Optional[Mapping[str, str]] = None,
                       display_name: Optional[str] = None,
                       freeform_tags: Optional[Mapping[str, str]] = None,
                       source: Optional[_adm.VulnerabilityAuditSourceArgs] = None,
                       usage_data: Optional[_adm.VulnerabilityAuditUsageDataArgs] = None)

func NewVulnerabilityAudit(ctx *Context, name string, args VulnerabilityAuditArgs, opts ...ResourceOption) (*VulnerabilityAudit, error)

public VulnerabilityAudit(string name, VulnerabilityAuditArgs args, CustomResourceOptions? opts = null)

public VulnerabilityAudit(String name, VulnerabilityAuditArgs args)
public VulnerabilityAudit(String name, VulnerabilityAuditArgs args, CustomResourceOptions options)

type: oci:Adm:VulnerabilityAudit
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args VulnerabilityAuditArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args VulnerabilityAuditArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VulnerabilityAuditArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VulnerabilityAuditArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args VulnerabilityAuditArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var vulnerabilityAuditResource = new Oci.Adm.VulnerabilityAudit("vulnerabilityAuditResource", new()
{
    KnowledgeBaseId = "string",
    ApplicationDependencies = new[]
    {
        new Oci.Adm.Inputs.VulnerabilityAuditApplicationDependencyArgs
        {
            NodeId = "string",
            ApplicationDependencyNodeIds = new[]
            {
                "string",
            },
            Gav = "string",
            Purl = "string",
        },
    },
    BuildType = "string",
    CompartmentId = "string",
    Configuration = new Oci.Adm.Inputs.VulnerabilityAuditConfigurationArgs
    {
        Exclusions = new[]
        {
            "string",
        },
        MaxPermissibleCvssV2score = 0,
        MaxPermissibleCvssV3score = 0,
        MaxPermissibleSeverity = "string",
    },
    DefinedTags = 
    {
        { "string", "string" },
    },
    DisplayName = "string",
    FreeformTags = 
    {
        { "string", "string" },
    },
    Source = new Oci.Adm.Inputs.VulnerabilityAuditSourceArgs
    {
        Type = "string",
        Description = "string",
        OciResourceId = "string",
    },
    UsageData = new Oci.Adm.Inputs.VulnerabilityAuditUsageDataArgs
    {
        Bucket = "string",
        Namespace = "string",
        Object = "string",
        SourceType = "string",
    },
});

example, err := Adm.NewVulnerabilityAudit(ctx, "vulnerabilityAuditResource", &Adm.VulnerabilityAuditArgs{
	KnowledgeBaseId: pulumi.String("string"),
	ApplicationDependencies: adm.VulnerabilityAuditApplicationDependencyArray{
		&adm.VulnerabilityAuditApplicationDependencyArgs{
			NodeId: pulumi.String("string"),
			ApplicationDependencyNodeIds: pulumi.StringArray{
				pulumi.String("string"),
			},
			Gav:  pulumi.String("string"),
			Purl: pulumi.String("string"),
		},
	},
	BuildType:     pulumi.String("string"),
	CompartmentId: pulumi.String("string"),
	Configuration: &adm.VulnerabilityAuditConfigurationArgs{
		Exclusions: pulumi.StringArray{
			pulumi.String("string"),
		},
		MaxPermissibleCvssV2score: pulumi.Float64(0),
		MaxPermissibleCvssV3score: pulumi.Float64(0),
		MaxPermissibleSeverity:    pulumi.String("string"),
	},
	DefinedTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	DisplayName: pulumi.String("string"),
	FreeformTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Source: &adm.VulnerabilityAuditSourceArgs{
		Type:          pulumi.String("string"),
		Description:   pulumi.String("string"),
		OciResourceId: pulumi.String("string"),
	},
	UsageData: &adm.VulnerabilityAuditUsageDataArgs{
		Bucket:     pulumi.String("string"),
		Namespace:  pulumi.String("string"),
		Object:     pulumi.String("string"),
		SourceType: pulumi.String("string"),
	},
})

var vulnerabilityAuditResource = new VulnerabilityAudit("vulnerabilityAuditResource", VulnerabilityAuditArgs.builder()
    .knowledgeBaseId("string")
    .applicationDependencies(VulnerabilityAuditApplicationDependencyArgs.builder()
        .nodeId("string")
        .applicationDependencyNodeIds("string")
        .gav("string")
        .purl("string")
        .build())
    .buildType("string")
    .compartmentId("string")
    .configuration(VulnerabilityAuditConfigurationArgs.builder()
        .exclusions("string")
        .maxPermissibleCvssV2score(0)
        .maxPermissibleCvssV3score(0)
        .maxPermissibleSeverity("string")
        .build())
    .definedTags(Map.of("string", "string"))
    .displayName("string")
    .freeformTags(Map.of("string", "string"))
    .source(VulnerabilityAuditSourceArgs.builder()
        .type("string")
        .description("string")
        .ociResourceId("string")
        .build())
    .usageData(VulnerabilityAuditUsageDataArgs.builder()
        .bucket("string")
        .namespace("string")
        .object("string")
        .sourceType("string")
        .build())
    .build());

vulnerability_audit_resource = oci.adm.VulnerabilityAudit("vulnerabilityAuditResource",
    knowledge_base_id="string",
    application_dependencies=[{
        "node_id": "string",
        "application_dependency_node_ids": ["string"],
        "gav": "string",
        "purl": "string",
    }],
    build_type="string",
    compartment_id="string",
    configuration={
        "exclusions": ["string"],
        "max_permissible_cvss_v2score": 0,
        "max_permissible_cvss_v3score": 0,
        "max_permissible_severity": "string",
    },
    defined_tags={
        "string": "string",
    },
    display_name="string",
    freeform_tags={
        "string": "string",
    },
    source={
        "type": "string",
        "description": "string",
        "oci_resource_id": "string",
    },
    usage_data={
        "bucket": "string",
        "namespace": "string",
        "object": "string",
        "source_type": "string",
    })

const vulnerabilityAuditResource = new oci.adm.VulnerabilityAudit("vulnerabilityAuditResource", {
    knowledgeBaseId: "string",
    applicationDependencies: [{
        nodeId: "string",
        applicationDependencyNodeIds: ["string"],
        gav: "string",
        purl: "string",
    }],
    buildType: "string",
    compartmentId: "string",
    configuration: {
        exclusions: ["string"],
        maxPermissibleCvssV2score: 0,
        maxPermissibleCvssV3score: 0,
        maxPermissibleSeverity: "string",
    },
    definedTags: {
        string: "string",
    },
    displayName: "string",
    freeformTags: {
        string: "string",
    },
    source: {
        type: "string",
        description: "string",
        ociResourceId: "string",
    },
    usageData: {
        bucket: "string",
        namespace: "string",
        object: "string",
        sourceType: "string",
    },
});

type: oci:Adm:VulnerabilityAudit
properties:
    applicationDependencies:
        - applicationDependencyNodeIds:
            - string
          gav: string
          nodeId: string
          purl: string
    buildType: string
    compartmentId: string
    configuration:
        exclusions:
            - string
        maxPermissibleCvssV2score: 0
        maxPermissibleCvssV3score: 0
        maxPermissibleSeverity: string
    definedTags:
        string: string
    displayName: string
    freeformTags:
        string: string
    knowledgeBaseId: string
    source:
        description: string
        ociResourceId: string
        type: string
    usageData:
        bucket: string
        namespace: string
        object: string
        sourceType: string

VulnerabilityAudit Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The VulnerabilityAudit resource accepts the following input properties:

KnowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
ApplicationDependencies List<VulnerabilityAuditApplicationDependency>: List of application dependencies (without vulnerabilities).
BuildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
Configuration VulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags Dictionary<string, string>: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string: (Updatable) The name of the vulnerability audit.
FreeformTags Dictionary<string, string>: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
Source VulnerabilityAuditSource: vulnerability audit source.
UsageData VulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.

KnowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
ApplicationDependencies []VulnerabilityAuditApplicationDependencyArgs: List of application dependencies (without vulnerabilities).
BuildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
Configuration VulnerabilityAuditConfigurationArgs: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags map[string]string: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string: (Updatable) The name of the vulnerability audit.
FreeformTags map[string]string: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
Source VulnerabilityAuditSourceArgs: vulnerability audit source.
UsageData VulnerabilityAuditUsageDataArgs: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.

knowledgeBaseId String: The Oracle Cloud identifier (OCID) of the knowledge base.
applicationDependencies List<VulnerabilityAuditApplicationDependency>: List of application dependencies (without vulnerabilities).
buildType String: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration VulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String,String>: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String: (Updatable) The name of the vulnerability audit.
freeformTags Map<String,String>: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
source VulnerabilityAuditSource: vulnerability audit source.
usageData VulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.

knowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
applicationDependencies VulnerabilityAuditApplicationDependency[]: List of application dependencies (without vulnerabilities).
buildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId string: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration VulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags {[key: string]: string}: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName string: (Updatable) The name of the vulnerability audit.
freeformTags {[key: string]: string}: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
source VulnerabilityAuditSource: vulnerability audit source.
usageData VulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.

knowledge_base_id str: The Oracle Cloud identifier (OCID) of the knowledge base.
application_dependencies Sequence[adm.VulnerabilityAuditApplicationDependencyArgs]: List of application dependencies (without vulnerabilities).
build_type str: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartment_id str: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration adm.VulnerabilityAuditConfigurationArgs: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
defined_tags Mapping[str, str]: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
display_name str: (Updatable) The name of the vulnerability audit.
freeform_tags Mapping[str, str]: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
source adm.VulnerabilityAuditSourceArgs: vulnerability audit source.
usage_data adm.VulnerabilityAuditUsageDataArgs: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.

knowledgeBaseId String: The Oracle Cloud identifier (OCID) of the knowledge base.
applicationDependencies List<Property Map>: List of application dependencies (without vulnerabilities).
buildType String: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration Property Map: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String>: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String: (Updatable) The name of the vulnerability audit.
freeformTags Map<String>: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
source Property Map: vulnerability audit source.
usageData Property Map: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.

Outputs

All input properties are implicitly available as output properties. Additionally, the VulnerabilityAudit resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
IsSuccess bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
LifecycleDetails string: Details on the lifecycle state.
MaxObservedCvssV2score double: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored double: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score double: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored double: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
State string: The current lifecycle state of the vulnerability audit.
SystemTags Dictionary<string, string>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
Vulnerabilities List<VulnerabilityAuditVulnerability>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerableArtifactsCount int: Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int: Count of all vulnerable application dependencies.

Id string: The provider-assigned unique ID for this managed resource.
IsSuccess bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
LifecycleDetails string: Details on the lifecycle state.
MaxObservedCvssV2score float64: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored float64: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score float64: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored float64: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
State string: The current lifecycle state of the vulnerability audit.
SystemTags map[string]string: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
Vulnerabilities []VulnerabilityAuditVulnerability: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerableArtifactsCount int: Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int: Count of all vulnerable application dependencies.

id String: The provider-assigned unique ID for this managed resource.
isSuccess Boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
lifecycleDetails String: Details on the lifecycle state.
maxObservedCvssV2score Double: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Double: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Double: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Double: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
state String: The current lifecycle state of the vulnerability audit.
systemTags Map<String,String>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String: The update date and time of the vulnerability audit (formatted according to RFC3339).
vulnerabilities List<VulnerabilityAuditVulnerability>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerableArtifactsCount Integer: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Integer: Count of all vulnerable application dependencies.

id string: The provider-assigned unique ID for this managed resource.
isSuccess boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
lifecycleDetails string: Details on the lifecycle state.
maxObservedCvssV2score number: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored number: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score number: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored number: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
state string: The current lifecycle state of the vulnerability audit.
systemTags {[key: string]: string}: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
vulnerabilities VulnerabilityAuditVulnerability[]: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerableArtifactsCount number: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored number: Count of all vulnerable application dependencies.

id str: The provider-assigned unique ID for this managed resource.
is_success bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
lifecycle_details str: Details on the lifecycle state.
max_observed_cvss_v2score float: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v2score_with_ignored float: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
max_observed_cvss_v3score float: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v3score_with_ignored float: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
max_observed_severity str: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
max_observed_severity_with_ignored str: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
state str: The current lifecycle state of the vulnerability audit.
system_tags Mapping[str, str]: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
time_created str: The creation date and time of the vulnerability audit (formatted according to RFC3339).
time_updated str: The update date and time of the vulnerability audit (formatted according to RFC3339).
vulnerabilities Sequence[adm.VulnerabilityAuditVulnerability]: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerable_artifacts_count int: Count of non-ignored vulnerable application dependencies.
vulnerable_artifacts_count_with_ignored int: Count of all vulnerable application dependencies.

id String: The provider-assigned unique ID for this managed resource.
isSuccess Boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
lifecycleDetails String: Details on the lifecycle state.
maxObservedCvssV2score Number: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Number: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Number: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Number: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
state String: The current lifecycle state of the vulnerability audit.
systemTags Map<String>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String: The update date and time of the vulnerability audit (formatted according to RFC3339).
vulnerabilities List<Property Map>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerableArtifactsCount Number: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Number: Count of all vulnerable application dependencies.

Look up Existing VulnerabilityAudit Resource

Get an existing VulnerabilityAudit resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VulnerabilityAuditState, opts?: CustomResourceOptions): VulnerabilityAudit

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        application_dependencies: Optional[Sequence[_adm.VulnerabilityAuditApplicationDependencyArgs]] = None,
        build_type: Optional[str] = None,
        compartment_id: Optional[str] = None,
        configuration: Optional[_adm.VulnerabilityAuditConfigurationArgs] = None,
        defined_tags: Optional[Mapping[str, str]] = None,
        display_name: Optional[str] = None,
        freeform_tags: Optional[Mapping[str, str]] = None,
        is_success: Optional[bool] = None,
        knowledge_base_id: Optional[str] = None,
        lifecycle_details: Optional[str] = None,
        max_observed_cvss_v2score: Optional[float] = None,
        max_observed_cvss_v2score_with_ignored: Optional[float] = None,
        max_observed_cvss_v3score: Optional[float] = None,
        max_observed_cvss_v3score_with_ignored: Optional[float] = None,
        max_observed_severity: Optional[str] = None,
        max_observed_severity_with_ignored: Optional[str] = None,
        source: Optional[_adm.VulnerabilityAuditSourceArgs] = None,
        state: Optional[str] = None,
        system_tags: Optional[Mapping[str, str]] = None,
        time_created: Optional[str] = None,
        time_updated: Optional[str] = None,
        usage_data: Optional[_adm.VulnerabilityAuditUsageDataArgs] = None,
        vulnerabilities: Optional[Sequence[_adm.VulnerabilityAuditVulnerabilityArgs]] = None,
        vulnerable_artifacts_count: Optional[int] = None,
        vulnerable_artifacts_count_with_ignored: Optional[int] = None) -> VulnerabilityAudit

func GetVulnerabilityAudit(ctx *Context, name string, id IDInput, state *VulnerabilityAuditState, opts ...ResourceOption) (*VulnerabilityAudit, error)

public static VulnerabilityAudit Get(string name, Input<string> id, VulnerabilityAuditState? state, CustomResourceOptions? opts = null)

public static VulnerabilityAudit get(String name, Output<String> id, VulnerabilityAuditState state, CustomResourceOptions options)

resources:  _:    type: oci:Adm:VulnerabilityAudit    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApplicationDependencies List<VulnerabilityAuditApplicationDependency>: List of application dependencies (without vulnerabilities).
BuildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
Configuration VulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags Dictionary<string, string>: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string: (Updatable) The name of the vulnerability audit.
FreeformTags Dictionary<string, string>: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
IsSuccess bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
KnowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
LifecycleDetails string: Details on the lifecycle state.
MaxObservedCvssV2score double: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored double: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score double: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored double: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
Source VulnerabilityAuditSource: vulnerability audit source.
State string: The current lifecycle state of the vulnerability audit.
SystemTags Dictionary<string, string>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
UsageData VulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Vulnerabilities List<VulnerabilityAuditVulnerability>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerableArtifactsCount int: Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int: Count of all vulnerable application dependencies.

ApplicationDependencies []VulnerabilityAuditApplicationDependencyArgs: List of application dependencies (without vulnerabilities).
BuildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
Configuration VulnerabilityAuditConfigurationArgs: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags map[string]string: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string: (Updatable) The name of the vulnerability audit.
FreeformTags map[string]string: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
IsSuccess bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
KnowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
LifecycleDetails string: Details on the lifecycle state.
MaxObservedCvssV2score float64: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored float64: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score float64: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored float64: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
Source VulnerabilityAuditSourceArgs: vulnerability audit source.
State string: The current lifecycle state of the vulnerability audit.
SystemTags map[string]string: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
UsageData VulnerabilityAuditUsageDataArgs: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Vulnerabilities []VulnerabilityAuditVulnerabilityArgs: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerableArtifactsCount int: Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int: Count of all vulnerable application dependencies.

applicationDependencies List<VulnerabilityAuditApplicationDependency>: List of application dependencies (without vulnerabilities).
buildType String: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration VulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String,String>: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String: (Updatable) The name of the vulnerability audit.
freeformTags Map<String,String>: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
isSuccess Boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId String: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails String: Details on the lifecycle state.
maxObservedCvssV2score Double: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Double: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Double: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Double: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
source VulnerabilityAuditSource: vulnerability audit source.
state String: The current lifecycle state of the vulnerability audit.
systemTags Map<String,String>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String: The update date and time of the vulnerability audit (formatted according to RFC3339).
usageData VulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities List<VulnerabilityAuditVulnerability>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerableArtifactsCount Integer: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Integer: Count of all vulnerable application dependencies.

applicationDependencies VulnerabilityAuditApplicationDependency[]: List of application dependencies (without vulnerabilities).
buildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId string: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration VulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags {[key: string]: string}: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName string: (Updatable) The name of the vulnerability audit.
freeformTags {[key: string]: string}: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
isSuccess boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails string: Details on the lifecycle state.
maxObservedCvssV2score number: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored number: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score number: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored number: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
source VulnerabilityAuditSource: vulnerability audit source.
state string: The current lifecycle state of the vulnerability audit.
systemTags {[key: string]: string}: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
usageData VulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities VulnerabilityAuditVulnerability[]: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerableArtifactsCount number: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored number: Count of all vulnerable application dependencies.

application_dependencies Sequence[adm.VulnerabilityAuditApplicationDependencyArgs]: List of application dependencies (without vulnerabilities).
build_type str: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartment_id str: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration adm.VulnerabilityAuditConfigurationArgs: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
defined_tags Mapping[str, str]: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
display_name str: (Updatable) The name of the vulnerability audit.
freeform_tags Mapping[str, str]: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
is_success bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledge_base_id str: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycle_details str: Details on the lifecycle state.
max_observed_cvss_v2score float: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v2score_with_ignored float: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
max_observed_cvss_v3score float: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v3score_with_ignored float: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
max_observed_severity str: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
max_observed_severity_with_ignored str: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
source adm.VulnerabilityAuditSourceArgs: vulnerability audit source.
state str: The current lifecycle state of the vulnerability audit.
system_tags Mapping[str, str]: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
time_created str: The creation date and time of the vulnerability audit (formatted according to RFC3339).
time_updated str: The update date and time of the vulnerability audit (formatted according to RFC3339).
usage_data adm.VulnerabilityAuditUsageDataArgs: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities Sequence[adm.VulnerabilityAuditVulnerabilityArgs]: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerable_artifacts_count int: Count of non-ignored vulnerable application dependencies.
vulnerable_artifacts_count_with_ignored int: Count of all vulnerable application dependencies.

applicationDependencies List<Property Map>: List of application dependencies (without vulnerabilities).
buildType String: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String: (Updatable) The compartment Oracle Cloud identifier (OCID) of the vulnerability audit. If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
configuration Property Map: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String>: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String: (Updatable) The name of the vulnerability audit.
freeformTags Map<String>: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
isSuccess Boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId String: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails String: Details on the lifecycle state.
maxObservedCvssV2score Number: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Number: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Number: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Number: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
source Property Map: vulnerability audit source.
state String: The current lifecycle state of the vulnerability audit.
systemTags Map<String>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String: The update date and time of the vulnerability audit (formatted according to RFC3339).
usageData Property Map: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities List<Property Map>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerableArtifactsCount Number: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Number: Count of all vulnerable application dependencies.

Supporting Types

VulnerabilityAuditApplicationDependency, VulnerabilityAuditApplicationDependencyArgs

NodeId string: Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
ApplicationDependencyNodeIds List<string>: List of application dependencies on which this application dependency depends, each identified by its nodeId.
Gav string: Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
Purl string: Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0

NodeId string: Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
ApplicationDependencyNodeIds []string: List of application dependencies on which this application dependency depends, each identified by its nodeId.
Gav string: Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
Purl string: Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0

nodeId String: Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
applicationDependencyNodeIds List<String>: List of application dependencies on which this application dependency depends, each identified by its nodeId.
gav String: Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
purl String: Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0

nodeId string: Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
applicationDependencyNodeIds string[]: List of application dependencies on which this application dependency depends, each identified by its nodeId.
gav string: Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
purl string: Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0

node_id str: Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
application_dependency_node_ids Sequence[str]: List of application dependencies on which this application dependency depends, each identified by its nodeId.
gav str: Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
purl str: Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0

nodeId String: Unique identifier of an application dependency, for example nodeId1. The nodeId can be generated by assigning a unique id to each application dependency in the tree of application dependencies. Every node, even those who share the same GAV, should have a different nodeId. The preferred way of constructing a nodeId is to assign incremental integers during a breadth first or depth first search. A nodeId can be reused only it refers to the same subtree of application dependencies. (This is not equivalent to referring to the same GAV, that is, a GAV can have multiple transitive dependencies.)
applicationDependencyNodeIds List<String>: List of application dependencies on which this application dependency depends, each identified by its nodeId.
gav String: Group Artifact Version (GAV) identifier (Group:Artifact:Version). Example: org.graalvm.nativeimage:svm:21.1.0. "N/A" for non-maven artifacts.
purl String: Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0

VulnerabilityAuditConfiguration, VulnerabilityAuditConfigurationArgs

Exclusions List<string>: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
MaxPermissibleCvssV2score double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleCvssV3score double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleSeverity string: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

Exclusions []string: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
MaxPermissibleCvssV2score float64: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleCvssV3score float64: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleSeverity string: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions List<String>: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score Double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score Double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity String: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions string[]: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity string: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions Sequence[str]: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
max_permissible_cvss_v2score float: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
max_permissible_cvss_v3score float: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
max_permissible_severity str: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions List<String>: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score Number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score Number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity String: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

VulnerabilityAuditSource, VulnerabilityAuditSourceArgs

Type string: Source type of the vulnerability audit.
Description string: Description of the external resource source.
OciResourceId string: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.

Type string: Source type of the vulnerability audit.
Description string: Description of the external resource source.
OciResourceId string: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.

type String: Source type of the vulnerability audit.
description String: Description of the external resource source.
ociResourceId String: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.

type string: Source type of the vulnerability audit.
description string: Description of the external resource source.
ociResourceId string: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.

type str: Source type of the vulnerability audit.
description str: Description of the external resource source.
oci_resource_id str: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.

type String: Source type of the vulnerability audit.
description String: Description of the external resource source.
ociResourceId String: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.

VulnerabilityAuditUsageData, VulnerabilityAuditUsageDataArgs

Bucket string

The Object Storage bucket to read the usage data from.

Namespace string

The Object Storage namespace to read the usage data from.

Object string

The Object Storage object name to read the usage data from.

SourceType string

The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Bucket string

The Object Storage bucket to read the usage data from.

Namespace string

The Object Storage namespace to read the usage data from.

Object string

The Object Storage object name to read the usage data from.

SourceType string

The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

bucket String

The Object Storage bucket to read the usage data from.

namespace String

The Object Storage namespace to read the usage data from.

object String

The Object Storage object name to read the usage data from.

sourceType String

The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

bucket string

The Object Storage bucket to read the usage data from.

namespace string

The Object Storage namespace to read the usage data from.

object string

The Object Storage object name to read the usage data from.

sourceType string

The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

bucket str

The Object Storage bucket to read the usage data from.

namespace str

The Object Storage namespace to read the usage data from.

object str

The Object Storage object name to read the usage data from.

source_type str

The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

bucket String

The Object Storage bucket to read the usage data from.

namespace String

The Object Storage namespace to read the usage data from.

object String

The Object Storage object name to read the usage data from.

sourceType String

The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

VulnerabilityAuditVulnerability, VulnerabilityAuditVulnerabilityArgs

CvssV2score double: Common Vulnerability Scoring System (CVSS) Version 2.
CvssV3score double: Common Vulnerability Scoring System (CVSS) Version 3.
Id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
IsFalsePositive bool: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
IsIgnored bool: Indicates if the vulnerability was ignored according to the audit configuration.
Severity string: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
Source string: vulnerability audit source.

CvssV2score float64: Common Vulnerability Scoring System (CVSS) Version 2.
CvssV3score float64: Common Vulnerability Scoring System (CVSS) Version 3.
Id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
IsFalsePositive bool: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
IsIgnored bool: Indicates if the vulnerability was ignored according to the audit configuration.
Severity string: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
Source string: vulnerability audit source.

cvssV2score Double: Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score Double: Common Vulnerability Scoring System (CVSS) Version 3.
id String: Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive Boolean: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored Boolean: Indicates if the vulnerability was ignored according to the audit configuration.
severity String: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source String: vulnerability audit source.

cvssV2score number: Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score number: Common Vulnerability Scoring System (CVSS) Version 3.
id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive boolean: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored boolean: Indicates if the vulnerability was ignored according to the audit configuration.
severity string: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source string: vulnerability audit source.

cvss_v2score float: Common Vulnerability Scoring System (CVSS) Version 2.
cvss_v3score float: Common Vulnerability Scoring System (CVSS) Version 3.
id str: Unique vulnerability identifier, e.g. CVE-1999-0067.
is_false_positive bool: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
is_ignored bool: Indicates if the vulnerability was ignored according to the audit configuration.
severity str: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source str: vulnerability audit source.

cvssV2score Number: Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score Number: Common Vulnerability Scoring System (CVSS) Version 3.
id String: Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive Boolean: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored Boolean: Indicates if the vulnerability was ignored according to the audit configuration.
severity String: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source String: vulnerability audit source.

Import

VulnerabilityAudits can be imported using the id, e.g.

$ pulumi import oci:Adm/vulnerabilityAudit:VulnerabilityAudit test_vulnerability_audit "id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

pulumi/pulumi-oci

oci.Adm.VulnerabilityAudit

On this page

On this page

Example Usage

Create VulnerabilityAudit Resource

Constructor syntax

Parameters

Constructor example

VulnerabilityAudit Resource Properties

Inputs

Outputs

Look up Existing VulnerabilityAudit Resource

Supporting Types

VulnerabilityAuditApplicationDependency, VulnerabilityAuditApplicationDependencyArgs

VulnerabilityAuditConfiguration, VulnerabilityAuditConfigurationArgs

VulnerabilityAuditSource, VulnerabilityAuditSourceArgs

VulnerabilityAuditUsageData, VulnerabilityAuditUsageDataArgs

VulnerabilityAuditVulnerability, VulnerabilityAuditVulnerabilityArgs

Import

Package Details

On this page

On this page