Docs
PackagesGoogle Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
google-native.containeranalysis/v1alpha1.Note
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
Creates a new Note.
Create Note Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Note(name: string, args?: NoteArgs, opts?: CustomResourceOptions);@overload
def Note(resource_name: str,
args: Optional[NoteArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Note(resource_name: str,
opts: Optional[ResourceOptions] = None,
attestation_authority: Optional[AttestationAuthorityArgs] = None,
base_image: Optional[BasisArgs] = None,
build_type: Optional[BuildTypeArgs] = None,
compliance: Optional[ComplianceNoteArgs] = None,
deployable: Optional[DeployableArgs] = None,
discovery: Optional[DiscoveryArgs] = None,
dsse_attestation: Optional[DSSEAttestationNoteArgs] = None,
expiration_time: Optional[str] = None,
long_description: Optional[str] = None,
name: Optional[str] = None,
note_id: Optional[str] = None,
package: Optional[PackageArgs] = None,
project: Optional[str] = None,
related_url: Optional[Sequence[RelatedUrlArgs]] = None,
sbom: Optional[DocumentNoteArgs] = None,
sbom_reference: Optional[SBOMReferenceNoteArgs] = None,
short_description: Optional[str] = None,
spdx_file: Optional[FileNoteArgs] = None,
spdx_package: Optional[PackageInfoNoteArgs] = None,
spdx_relationship: Optional[RelationshipNoteArgs] = None,
upgrade: Optional[UpgradeNoteArgs] = None,
vulnerability_assessment: Optional[VulnerabilityAssessmentNoteArgs] = None,
vulnerability_type: Optional[VulnerabilityTypeArgs] = None)func NewNote(ctx *Context, name string, args *NoteArgs, opts ...ResourceOption) (*Note, error)public Note(string name, NoteArgs? args = null, CustomResourceOptions? opts = null)type: google-native:containeranalysis/v1alpha1:Note
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args NoteArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NoteArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NoteArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NoteArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NoteArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var google_nativeNoteResource = new GoogleNative.ContainerAnalysis.V1Alpha1.Note("google-nativeNoteResource", new()
{
AttestationAuthority = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.AttestationAuthorityArgs
{
Hint = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.AttestationAuthorityHintArgs
{
HumanReadableName = "string",
},
},
BaseImage = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BasisArgs
{
Fingerprint = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FingerprintArgs
{
V1Name = "string",
V2Blob = new[]
{
"string",
},
},
ResourceUrl = "string",
},
BuildType = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BuildTypeArgs
{
BuilderVersion = "string",
Signature = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BuildSignatureArgs
{
KeyId = "string",
KeyType = GoogleNative.ContainerAnalysis.V1Alpha1.BuildSignatureKeyType.KeyTypeUnspecified,
PublicKey = "string",
Signature = "string",
},
},
Compliance = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ComplianceNoteArgs
{
CisBenchmark = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.CisBenchmarkArgs
{
ProfileLevel = 0,
Severity = GoogleNative.ContainerAnalysis.V1Alpha1.CisBenchmarkSeverity.SeverityUnspecified,
},
Description = "string",
Rationale = "string",
Remediation = "string",
ScanInstructions = "string",
Title = "string",
Version = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ComplianceVersionArgs
{
BenchmarkDocument = "string",
CpeUri = "string",
Version = "string",
},
},
},
Deployable = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DeployableArgs
{
ResourceUri = new[]
{
"string",
},
},
Discovery = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DiscoveryArgs
{
AnalysisKind = GoogleNative.ContainerAnalysis.V1Alpha1.DiscoveryAnalysisKind.KindUnspecified,
},
DsseAttestation = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DSSEAttestationNoteArgs
{
Hint = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DSSEHintArgs
{
HumanReadableName = "string",
},
},
ExpirationTime = "string",
LongDescription = "string",
Name = "string",
NoteId = "string",
Package = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.PackageArgs
{
Architecture = GoogleNative.ContainerAnalysis.V1Alpha1.PackageArchitecture.ArchitectureUnspecified,
CpeUri = "string",
Description = "string",
Digest = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DigestArgs
{
Algo = "string",
DigestBytes = "string",
},
},
Distribution = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DistributionArgs
{
Architecture = GoogleNative.ContainerAnalysis.V1Alpha1.DistributionArchitecture.ArchitectureUnspecified,
CpeUri = "string",
Description = "string",
LatestVersion = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionArgs
{
Epoch = 0,
Inclusive = false,
Kind = GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind.Normal,
Name = "string",
Revision = "string",
},
Maintainer = "string",
Url = "string",
},
},
License = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.LicenseArgs
{
Comments = "string",
Expression = "string",
},
Maintainer = "string",
Name = "string",
PackageType = "string",
Url = "string",
Version = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionArgs
{
Epoch = 0,
Inclusive = false,
Kind = GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind.Normal,
Name = "string",
Revision = "string",
},
},
Project = "string",
RelatedUrl = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.RelatedUrlArgs
{
Label = "string",
Url = "string",
},
},
Sbom = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DocumentNoteArgs
{
DataLicence = "string",
SpdxVersion = "string",
},
SbomReference = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.SBOMReferenceNoteArgs
{
Format = "string",
Version = "string",
},
ShortDescription = "string",
SpdxFile = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FileNoteArgs
{
Checksum = new[]
{
"string",
},
FileType = GoogleNative.ContainerAnalysis.V1Alpha1.FileNoteFileType.FileTypeUnspecified,
Title = "string",
},
SpdxPackage = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.PackageInfoNoteArgs
{
Analyzed = false,
Attribution = "string",
Checksum = "string",
Copyright = "string",
DetailedDescription = "string",
DownloadLocation = "string",
ExternalRefs = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ExternalRefArgs
{
Category = GoogleNative.ContainerAnalysis.V1Alpha1.ExternalRefCategory.CategoryUnspecified,
Comment = "string",
Locator = "string",
Type = "string",
},
},
FilesLicenseInfo = new[]
{
"string",
},
HomePage = "string",
LicenseDeclared = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.LicenseArgs
{
Comments = "string",
Expression = "string",
},
Originator = "string",
PackageType = "string",
SummaryDescription = "string",
Supplier = "string",
Title = "string",
VerificationCode = "string",
Version = "string",
},
SpdxRelationship = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.RelationshipNoteArgs
{
Type = GoogleNative.ContainerAnalysis.V1Alpha1.RelationshipNoteType.RelationshipTypeUnspecified,
},
Upgrade = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.UpgradeNoteArgs
{
Distributions = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.UpgradeDistributionArgs
{
Classification = "string",
CpeUri = "string",
Cve = new[]
{
"string",
},
Severity = "string",
},
},
Package = "string",
Version = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionArgs
{
Epoch = 0,
Inclusive = false,
Kind = GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind.Normal,
Name = "string",
Revision = "string",
},
},
VulnerabilityAssessment = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VulnerabilityAssessmentNoteArgs
{
Assessment = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.AssessmentArgs
{
Cve = "string",
Impacts = new[]
{
"string",
},
Justification = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.JustificationArgs
{
Details = "string",
JustificationType = GoogleNative.ContainerAnalysis.V1Alpha1.JustificationJustificationType.JustificationTypeUnspecified,
},
LongDescription = "string",
RelatedUris = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.URIArgs
{
Label = "string",
Uri = "string",
},
},
Remediations = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.RemediationArgs
{
Details = "string",
RemediationType = GoogleNative.ContainerAnalysis.V1Alpha1.RemediationRemediationType.RemediationTypeUnspecified,
RemediationUri = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.URIArgs
{
Label = "string",
Uri = "string",
},
},
},
ShortDescription = "string",
State = GoogleNative.ContainerAnalysis.V1Alpha1.AssessmentState.StateUnspecified,
VulnerabilityId = "string",
},
LanguageCode = "string",
LongDescription = "string",
Product = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ProductArgs
{
Id = "string",
IdentifierHelper = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.IdentifierHelperArgs
{
Field = GoogleNative.ContainerAnalysis.V1Alpha1.IdentifierHelperField.IdentifierHelperFieldUnspecified,
GenericUri = "string",
},
Name = "string",
},
Publisher = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.PublisherArgs
{
IssuingAuthority = "string",
Name = "string",
PublisherNamespace = "string",
},
ShortDescription = "string",
Title = "string",
},
VulnerabilityType = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VulnerabilityTypeArgs
{
CvssScore = 0,
CvssV2 = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.CVSSArgs
{
AttackComplexity = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAttackComplexity.AttackComplexityUnspecified,
AttackVector = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAttackVector.AttackVectorUnspecified,
Authentication = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAuthentication.AuthenticationUnspecified,
AvailabilityImpact = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAvailabilityImpact.ImpactUnspecified,
BaseScore = 0,
ConfidentialityImpact = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSConfidentialityImpact.ImpactUnspecified,
ExploitabilityScore = 0,
ImpactScore = 0,
IntegrityImpact = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSIntegrityImpact.ImpactUnspecified,
PrivilegesRequired = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSPrivilegesRequired.PrivilegesRequiredUnspecified,
Scope = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSScope.ScopeUnspecified,
UserInteraction = GoogleNative.ContainerAnalysis.V1Alpha1.CVSSUserInteraction.UserInteractionUnspecified,
},
CvssVersion = GoogleNative.ContainerAnalysis.V1Alpha1.VulnerabilityTypeCvssVersion.CvssVersionUnspecified,
Cwe = new[]
{
"string",
},
Details = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DetailArgs
{
CpeUri = "string",
Description = "string",
FixedLocation = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VulnerabilityLocationArgs
{
CpeUri = "string",
FileLocation = new[]
{
new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FileLocationArgs
{
FilePath = "string",
},
},
Package = "string",
Version = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionArgs
{
Epoch = 0,
Inclusive = false,
Kind = GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind.Normal,
Name = "string",
Revision = "string",
},
},
IsObsolete = false,
MaxAffectedVersion = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionArgs
{
Epoch = 0,
Inclusive = false,
Kind = GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind.Normal,
Name = "string",
Revision = "string",
},
MinAffectedVersion = new GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionArgs
{
Epoch = 0,
Inclusive = false,
Kind = GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind.Normal,
Name = "string",
Revision = "string",
},
Package = "string",
PackageType = "string",
SeverityName = "string",
Source = "string",
Vendor = "string",
},
},
Severity = GoogleNative.ContainerAnalysis.V1Alpha1.VulnerabilityTypeSeverity.SeverityUnspecified,
},
});
example, err := containeranalysisv1alpha1.NewNote(ctx, "google-nativeNoteResource", &containeranalysisv1alpha1.NoteArgs{
AttestationAuthority: &containeranalysis.AttestationAuthorityArgs{
Hint: &containeranalysis.AttestationAuthorityHintArgs{
HumanReadableName: pulumi.String("string"),
},
},
BaseImage: &containeranalysis.BasisArgs{
Fingerprint: &containeranalysis.FingerprintArgs{
V1Name: pulumi.String("string"),
V2Blob: pulumi.StringArray{
pulumi.String("string"),
},
},
ResourceUrl: pulumi.String("string"),
},
BuildType: &containeranalysis.BuildTypeArgs{
BuilderVersion: pulumi.String("string"),
Signature: &containeranalysis.BuildSignatureArgs{
KeyId: pulumi.String("string"),
KeyType: containeranalysisv1alpha1.BuildSignatureKeyTypeKeyTypeUnspecified,
PublicKey: pulumi.String("string"),
Signature: pulumi.String("string"),
},
},
Compliance: &containeranalysis.ComplianceNoteArgs{
CisBenchmark: &containeranalysis.CisBenchmarkArgs{
ProfileLevel: pulumi.Int(0),
Severity: containeranalysisv1alpha1.CisBenchmarkSeveritySeverityUnspecified,
},
Description: pulumi.String("string"),
Rationale: pulumi.String("string"),
Remediation: pulumi.String("string"),
ScanInstructions: pulumi.String("string"),
Title: pulumi.String("string"),
Version: containeranalysis.ComplianceVersionArray{
&containeranalysis.ComplianceVersionArgs{
BenchmarkDocument: pulumi.String("string"),
CpeUri: pulumi.String("string"),
Version: pulumi.String("string"),
},
},
},
Deployable: &containeranalysis.DeployableArgs{
ResourceUri: pulumi.StringArray{
pulumi.String("string"),
},
},
Discovery: &containeranalysis.DiscoveryArgs{
AnalysisKind: containeranalysisv1alpha1.DiscoveryAnalysisKindKindUnspecified,
},
DsseAttestation: &containeranalysis.DSSEAttestationNoteArgs{
Hint: &containeranalysis.DSSEHintArgs{
HumanReadableName: pulumi.String("string"),
},
},
ExpirationTime: pulumi.String("string"),
LongDescription: pulumi.String("string"),
Name: pulumi.String("string"),
NoteId: pulumi.String("string"),
Package: &containeranalysis.PackageArgs{
Architecture: containeranalysisv1alpha1.PackageArchitectureArchitectureUnspecified,
CpeUri: pulumi.String("string"),
Description: pulumi.String("string"),
Digest: containeranalysis.DigestArray{
&containeranalysis.DigestArgs{
Algo: pulumi.String("string"),
DigestBytes: pulumi.String("string"),
},
},
Distribution: containeranalysis.DistributionArray{
&containeranalysis.DistributionArgs{
Architecture: containeranalysisv1alpha1.DistributionArchitectureArchitectureUnspecified,
CpeUri: pulumi.String("string"),
Description: pulumi.String("string"),
LatestVersion: &containeranalysis.VersionArgs{
Epoch: pulumi.Int(0),
Inclusive: pulumi.Bool(false),
Kind: containeranalysisv1alpha1.VersionKindNormal,
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
Maintainer: pulumi.String("string"),
Url: pulumi.String("string"),
},
},
License: &containeranalysis.LicenseArgs{
Comments: pulumi.String("string"),
Expression: pulumi.String("string"),
},
Maintainer: pulumi.String("string"),
Name: pulumi.String("string"),
PackageType: pulumi.String("string"),
Url: pulumi.String("string"),
Version: &containeranalysis.VersionArgs{
Epoch: pulumi.Int(0),
Inclusive: pulumi.Bool(false),
Kind: containeranalysisv1alpha1.VersionKindNormal,
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
},
Project: pulumi.String("string"),
RelatedUrl: containeranalysis.RelatedUrlArray{
&containeranalysis.RelatedUrlArgs{
Label: pulumi.String("string"),
Url: pulumi.String("string"),
},
},
Sbom: &containeranalysis.DocumentNoteArgs{
DataLicence: pulumi.String("string"),
SpdxVersion: pulumi.String("string"),
},
SbomReference: &containeranalysis.SBOMReferenceNoteArgs{
Format: pulumi.String("string"),
Version: pulumi.String("string"),
},
ShortDescription: pulumi.String("string"),
SpdxFile: &containeranalysis.FileNoteArgs{
Checksum: pulumi.StringArray{
pulumi.String("string"),
},
FileType: containeranalysisv1alpha1.FileNoteFileTypeFileTypeUnspecified,
Title: pulumi.String("string"),
},
SpdxPackage: &containeranalysis.PackageInfoNoteArgs{
Analyzed: pulumi.Bool(false),
Attribution: pulumi.String("string"),
Checksum: pulumi.String("string"),
Copyright: pulumi.String("string"),
DetailedDescription: pulumi.String("string"),
DownloadLocation: pulumi.String("string"),
ExternalRefs: containeranalysis.ExternalRefArray{
&containeranalysis.ExternalRefArgs{
Category: containeranalysisv1alpha1.ExternalRefCategoryCategoryUnspecified,
Comment: pulumi.String("string"),
Locator: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
FilesLicenseInfo: pulumi.StringArray{
pulumi.String("string"),
},
HomePage: pulumi.String("string"),
LicenseDeclared: &containeranalysis.LicenseArgs{
Comments: pulumi.String("string"),
Expression: pulumi.String("string"),
},
Originator: pulumi.String("string"),
PackageType: pulumi.String("string"),
SummaryDescription: pulumi.String("string"),
Supplier: pulumi.String("string"),
Title: pulumi.String("string"),
VerificationCode: pulumi.String("string"),
Version: pulumi.String("string"),
},
SpdxRelationship: &containeranalysis.RelationshipNoteArgs{
Type: containeranalysisv1alpha1.RelationshipNoteTypeRelationshipTypeUnspecified,
},
Upgrade: &containeranalysis.UpgradeNoteArgs{
Distributions: containeranalysis.UpgradeDistributionArray{
&containeranalysis.UpgradeDistributionArgs{
Classification: pulumi.String("string"),
CpeUri: pulumi.String("string"),
Cve: pulumi.StringArray{
pulumi.String("string"),
},
Severity: pulumi.String("string"),
},
},
Package: pulumi.String("string"),
Version: &containeranalysis.VersionArgs{
Epoch: pulumi.Int(0),
Inclusive: pulumi.Bool(false),
Kind: containeranalysisv1alpha1.VersionKindNormal,
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
},
VulnerabilityAssessment: &containeranalysis.VulnerabilityAssessmentNoteArgs{
Assessment: &containeranalysis.AssessmentArgs{
Cve: pulumi.String("string"),
Impacts: pulumi.StringArray{
pulumi.String("string"),
},
Justification: &containeranalysis.JustificationArgs{
Details: pulumi.String("string"),
JustificationType: containeranalysisv1alpha1.JustificationJustificationTypeJustificationTypeUnspecified,
},
LongDescription: pulumi.String("string"),
RelatedUris: containeranalysis.URIArray{
&containeranalysis.URIArgs{
Label: pulumi.String("string"),
Uri: pulumi.String("string"),
},
},
Remediations: containeranalysis.RemediationArray{
&containeranalysis.RemediationArgs{
Details: pulumi.String("string"),
RemediationType: containeranalysisv1alpha1.RemediationRemediationTypeRemediationTypeUnspecified,
RemediationUri: &containeranalysis.URIArgs{
Label: pulumi.String("string"),
Uri: pulumi.String("string"),
},
},
},
ShortDescription: pulumi.String("string"),
State: containeranalysisv1alpha1.AssessmentStateStateUnspecified,
VulnerabilityId: pulumi.String("string"),
},
LanguageCode: pulumi.String("string"),
LongDescription: pulumi.String("string"),
Product: &containeranalysis.ProductArgs{
Id: pulumi.String("string"),
IdentifierHelper: &containeranalysis.IdentifierHelperArgs{
Field: containeranalysisv1alpha1.IdentifierHelperFieldIdentifierHelperFieldUnspecified,
GenericUri: pulumi.String("string"),
},
Name: pulumi.String("string"),
},
Publisher: &containeranalysis.PublisherArgs{
IssuingAuthority: pulumi.String("string"),
Name: pulumi.String("string"),
PublisherNamespace: pulumi.String("string"),
},
ShortDescription: pulumi.String("string"),
Title: pulumi.String("string"),
},
VulnerabilityType: &containeranalysis.VulnerabilityTypeArgs{
CvssScore: pulumi.Float64(0),
CvssV2: &containeranalysis.CVSSArgs{
AttackComplexity: containeranalysisv1alpha1.CVSSAttackComplexityAttackComplexityUnspecified,
AttackVector: containeranalysisv1alpha1.CVSSAttackVectorAttackVectorUnspecified,
Authentication: containeranalysisv1alpha1.CVSSAuthenticationAuthenticationUnspecified,
AvailabilityImpact: containeranalysisv1alpha1.CVSSAvailabilityImpactImpactUnspecified,
BaseScore: pulumi.Float64(0),
ConfidentialityImpact: containeranalysisv1alpha1.CVSSConfidentialityImpactImpactUnspecified,
ExploitabilityScore: pulumi.Float64(0),
ImpactScore: pulumi.Float64(0),
IntegrityImpact: containeranalysisv1alpha1.CVSSIntegrityImpactImpactUnspecified,
PrivilegesRequired: containeranalysisv1alpha1.CVSSPrivilegesRequiredPrivilegesRequiredUnspecified,
Scope: containeranalysisv1alpha1.CVSSScopeScopeUnspecified,
UserInteraction: containeranalysisv1alpha1.CVSSUserInteractionUserInteractionUnspecified,
},
CvssVersion: containeranalysisv1alpha1.VulnerabilityTypeCvssVersionCvssVersionUnspecified,
Cwe: pulumi.StringArray{
pulumi.String("string"),
},
Details: containeranalysis.DetailArray{
&containeranalysis.DetailArgs{
CpeUri: pulumi.String("string"),
Description: pulumi.String("string"),
FixedLocation: &containeranalysis.VulnerabilityLocationArgs{
CpeUri: pulumi.String("string"),
FileLocation: containeranalysis.FileLocationArray{
&containeranalysis.FileLocationArgs{
FilePath: pulumi.String("string"),
},
},
Package: pulumi.String("string"),
Version: &containeranalysis.VersionArgs{
Epoch: pulumi.Int(0),
Inclusive: pulumi.Bool(false),
Kind: containeranalysisv1alpha1.VersionKindNormal,
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
},
IsObsolete: pulumi.Bool(false),
MaxAffectedVersion: &containeranalysis.VersionArgs{
Epoch: pulumi.Int(0),
Inclusive: pulumi.Bool(false),
Kind: containeranalysisv1alpha1.VersionKindNormal,
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
MinAffectedVersion: &containeranalysis.VersionArgs{
Epoch: pulumi.Int(0),
Inclusive: pulumi.Bool(false),
Kind: containeranalysisv1alpha1.VersionKindNormal,
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
Package: pulumi.String("string"),
PackageType: pulumi.String("string"),
SeverityName: pulumi.String("string"),
Source: pulumi.String("string"),
Vendor: pulumi.String("string"),
},
},
Severity: containeranalysisv1alpha1.VulnerabilityTypeSeveritySeverityUnspecified,
},
})
var google_nativeNoteResource = new Note("google-nativeNoteResource", NoteArgs.builder()
.attestationAuthority(AttestationAuthorityArgs.builder()
.hint(AttestationAuthorityHintArgs.builder()
.humanReadableName("string")
.build())
.build())
.baseImage(BasisArgs.builder()
.fingerprint(FingerprintArgs.builder()
.v1Name("string")
.v2Blob("string")
.build())
.resourceUrl("string")
.build())
.buildType(BuildTypeArgs.builder()
.builderVersion("string")
.signature(BuildSignatureArgs.builder()
.keyId("string")
.keyType("KEY_TYPE_UNSPECIFIED")
.publicKey("string")
.signature("string")
.build())
.build())
.compliance(ComplianceNoteArgs.builder()
.cisBenchmark(CisBenchmarkArgs.builder()
.profileLevel(0)
.severity("SEVERITY_UNSPECIFIED")
.build())
.description("string")
.rationale("string")
.remediation("string")
.scanInstructions("string")
.title("string")
.version(ComplianceVersionArgs.builder()
.benchmarkDocument("string")
.cpeUri("string")
.version("string")
.build())
.build())
.deployable(DeployableArgs.builder()
.resourceUri("string")
.build())
.discovery(DiscoveryArgs.builder()
.analysisKind("KIND_UNSPECIFIED")
.build())
.dsseAttestation(DSSEAttestationNoteArgs.builder()
.hint(DSSEHintArgs.builder()
.humanReadableName("string")
.build())
.build())
.expirationTime("string")
.longDescription("string")
.name("string")
.noteId("string")
.package_(PackageArgs.builder()
.architecture("ARCHITECTURE_UNSPECIFIED")
.cpeUri("string")
.description("string")
.digest(DigestArgs.builder()
.algo("string")
.digestBytes("string")
.build())
.distribution(DistributionArgs.builder()
.architecture("ARCHITECTURE_UNSPECIFIED")
.cpeUri("string")
.description("string")
.latestVersion(VersionArgs.builder()
.epoch(0)
.inclusive(false)
.kind("NORMAL")
.name("string")
.revision("string")
.build())
.maintainer("string")
.url("string")
.build())
.license(LicenseArgs.builder()
.comments("string")
.expression("string")
.build())
.maintainer("string")
.name("string")
.packageType("string")
.url("string")
.version(VersionArgs.builder()
.epoch(0)
.inclusive(false)
.kind("NORMAL")
.name("string")
.revision("string")
.build())
.build())
.project("string")
.relatedUrl(RelatedUrlArgs.builder()
.label("string")
.url("string")
.build())
.sbom(DocumentNoteArgs.builder()
.dataLicence("string")
.spdxVersion("string")
.build())
.sbomReference(SBOMReferenceNoteArgs.builder()
.format("string")
.version("string")
.build())
.shortDescription("string")
.spdxFile(FileNoteArgs.builder()
.checksum("string")
.fileType("FILE_TYPE_UNSPECIFIED")
.title("string")
.build())
.spdxPackage(PackageInfoNoteArgs.builder()
.analyzed(false)
.attribution("string")
.checksum("string")
.copyright("string")
.detailedDescription("string")
.downloadLocation("string")
.externalRefs(ExternalRefArgs.builder()
.category("CATEGORY_UNSPECIFIED")
.comment("string")
.locator("string")
.type("string")
.build())
.filesLicenseInfo("string")
.homePage("string")
.licenseDeclared(LicenseArgs.builder()
.comments("string")
.expression("string")
.build())
.originator("string")
.packageType("string")
.summaryDescription("string")
.supplier("string")
.title("string")
.verificationCode("string")
.version("string")
.build())
.spdxRelationship(RelationshipNoteArgs.builder()
.type("RELATIONSHIP_TYPE_UNSPECIFIED")
.build())
.upgrade(UpgradeNoteArgs.builder()
.distributions(UpgradeDistributionArgs.builder()
.classification("string")
.cpeUri("string")
.cve("string")
.severity("string")
.build())
.package_("string")
.version(VersionArgs.builder()
.epoch(0)
.inclusive(false)
.kind("NORMAL")
.name("string")
.revision("string")
.build())
.build())
.vulnerabilityAssessment(VulnerabilityAssessmentNoteArgs.builder()
.assessment(AssessmentArgs.builder()
.cve("string")
.impacts("string")
.justification(JustificationArgs.builder()
.details("string")
.justificationType("JUSTIFICATION_TYPE_UNSPECIFIED")
.build())
.longDescription("string")
.relatedUris(URIArgs.builder()
.label("string")
.uri("string")
.build())
.remediations(RemediationArgs.builder()
.details("string")
.remediationType("REMEDIATION_TYPE_UNSPECIFIED")
.remediationUri(URIArgs.builder()
.label("string")
.uri("string")
.build())
.build())
.shortDescription("string")
.state("STATE_UNSPECIFIED")
.vulnerabilityId("string")
.build())
.languageCode("string")
.longDescription("string")
.product(ProductArgs.builder()
.id("string")
.identifierHelper(IdentifierHelperArgs.builder()
.field("IDENTIFIER_HELPER_FIELD_UNSPECIFIED")
.genericUri("string")
.build())
.name("string")
.build())
.publisher(PublisherArgs.builder()
.issuingAuthority("string")
.name("string")
.publisherNamespace("string")
.build())
.shortDescription("string")
.title("string")
.build())
.vulnerabilityType(VulnerabilityTypeArgs.builder()
.cvssScore(0)
.cvssV2(CVSSArgs.builder()
.attackComplexity("ATTACK_COMPLEXITY_UNSPECIFIED")
.attackVector("ATTACK_VECTOR_UNSPECIFIED")
.authentication("AUTHENTICATION_UNSPECIFIED")
.availabilityImpact("IMPACT_UNSPECIFIED")
.baseScore(0)
.confidentialityImpact("IMPACT_UNSPECIFIED")
.exploitabilityScore(0)
.impactScore(0)
.integrityImpact("IMPACT_UNSPECIFIED")
.privilegesRequired("PRIVILEGES_REQUIRED_UNSPECIFIED")
.scope("SCOPE_UNSPECIFIED")
.userInteraction("USER_INTERACTION_UNSPECIFIED")
.build())
.cvssVersion("CVSS_VERSION_UNSPECIFIED")
.cwe("string")
.details(DetailArgs.builder()
.cpeUri("string")
.description("string")
.fixedLocation(VulnerabilityLocationArgs.builder()
.cpeUri("string")
.fileLocation(FileLocationArgs.builder()
.filePath("string")
.build())
.package_("string")
.version(VersionArgs.builder()
.epoch(0)
.inclusive(false)
.kind("NORMAL")
.name("string")
.revision("string")
.build())
.build())
.isObsolete(false)
.maxAffectedVersion(VersionArgs.builder()
.epoch(0)
.inclusive(false)
.kind("NORMAL")
.name("string")
.revision("string")
.build())
.minAffectedVersion(VersionArgs.builder()
.epoch(0)
.inclusive(false)
.kind("NORMAL")
.name("string")
.revision("string")
.build())
.package_("string")
.packageType("string")
.severityName("string")
.source("string")
.vendor("string")
.build())
.severity("SEVERITY_UNSPECIFIED")
.build())
.build());
google_native_note_resource = google_native.containeranalysis.v1alpha1.Note("google-nativeNoteResource",
attestation_authority=google_native.containeranalysis.v1alpha1.AttestationAuthorityArgs(
hint=google_native.containeranalysis.v1alpha1.AttestationAuthorityHintArgs(
human_readable_name="string",
),
),
base_image=google_native.containeranalysis.v1alpha1.BasisArgs(
fingerprint=google_native.containeranalysis.v1alpha1.FingerprintArgs(
v1_name="string",
v2_blob=["string"],
),
resource_url="string",
),
build_type=google_native.containeranalysis.v1alpha1.BuildTypeArgs(
builder_version="string",
signature=google_native.containeranalysis.v1alpha1.BuildSignatureArgs(
key_id="string",
key_type=google_native.containeranalysis.v1alpha1.BuildSignatureKeyType.KEY_TYPE_UNSPECIFIED,
public_key="string",
signature="string",
),
),
compliance=google_native.containeranalysis.v1alpha1.ComplianceNoteArgs(
cis_benchmark=google_native.containeranalysis.v1alpha1.CisBenchmarkArgs(
profile_level=0,
severity=google_native.containeranalysis.v1alpha1.CisBenchmarkSeverity.SEVERITY_UNSPECIFIED,
),
description="string",
rationale="string",
remediation="string",
scan_instructions="string",
title="string",
version=[google_native.containeranalysis.v1alpha1.ComplianceVersionArgs(
benchmark_document="string",
cpe_uri="string",
version="string",
)],
),
deployable=google_native.containeranalysis.v1alpha1.DeployableArgs(
resource_uri=["string"],
),
discovery=google_native.containeranalysis.v1alpha1.DiscoveryArgs(
analysis_kind=google_native.containeranalysis.v1alpha1.DiscoveryAnalysisKind.KIND_UNSPECIFIED,
),
dsse_attestation=google_native.containeranalysis.v1alpha1.DSSEAttestationNoteArgs(
hint=google_native.containeranalysis.v1alpha1.DSSEHintArgs(
human_readable_name="string",
),
),
expiration_time="string",
long_description="string",
name="string",
note_id="string",
package=google_native.containeranalysis.v1alpha1.PackageArgs(
architecture=google_native.containeranalysis.v1alpha1.PackageArchitecture.ARCHITECTURE_UNSPECIFIED,
cpe_uri="string",
description="string",
digest=[google_native.containeranalysis.v1alpha1.DigestArgs(
algo="string",
digest_bytes="string",
)],
distribution=[google_native.containeranalysis.v1alpha1.DistributionArgs(
architecture=google_native.containeranalysis.v1alpha1.DistributionArchitecture.ARCHITECTURE_UNSPECIFIED,
cpe_uri="string",
description="string",
latest_version=google_native.containeranalysis.v1alpha1.VersionArgs(
epoch=0,
inclusive=False,
kind=google_native.containeranalysis.v1alpha1.VersionKind.NORMAL,
name="string",
revision="string",
),
maintainer="string",
url="string",
)],
license=google_native.containeranalysis.v1alpha1.LicenseArgs(
comments="string",
expression="string",
),
maintainer="string",
name="string",
package_type="string",
url="string",
version=google_native.containeranalysis.v1alpha1.VersionArgs(
epoch=0,
inclusive=False,
kind=google_native.containeranalysis.v1alpha1.VersionKind.NORMAL,
name="string",
revision="string",
),
),
project="string",
related_url=[google_native.containeranalysis.v1alpha1.RelatedUrlArgs(
label="string",
url="string",
)],
sbom=google_native.containeranalysis.v1alpha1.DocumentNoteArgs(
data_licence="string",
spdx_version="string",
),
sbom_reference=google_native.containeranalysis.v1alpha1.SBOMReferenceNoteArgs(
format="string",
version="string",
),
short_description="string",
spdx_file=google_native.containeranalysis.v1alpha1.FileNoteArgs(
checksum=["string"],
file_type=google_native.containeranalysis.v1alpha1.FileNoteFileType.FILE_TYPE_UNSPECIFIED,
title="string",
),
spdx_package=google_native.containeranalysis.v1alpha1.PackageInfoNoteArgs(
analyzed=False,
attribution="string",
checksum="string",
copyright="string",
detailed_description="string",
download_location="string",
external_refs=[google_native.containeranalysis.v1alpha1.ExternalRefArgs(
category=google_native.containeranalysis.v1alpha1.ExternalRefCategory.CATEGORY_UNSPECIFIED,
comment="string",
locator="string",
type="string",
)],
files_license_info=["string"],
home_page="string",
license_declared=google_native.containeranalysis.v1alpha1.LicenseArgs(
comments="string",
expression="string",
),
originator="string",
package_type="string",
summary_description="string",
supplier="string",
title="string",
verification_code="string",
version="string",
),
spdx_relationship=google_native.containeranalysis.v1alpha1.RelationshipNoteArgs(
type=google_native.containeranalysis.v1alpha1.RelationshipNoteType.RELATIONSHIP_TYPE_UNSPECIFIED,
),
upgrade=google_native.containeranalysis.v1alpha1.UpgradeNoteArgs(
distributions=[google_native.containeranalysis.v1alpha1.UpgradeDistributionArgs(
classification="string",
cpe_uri="string",
cve=["string"],
severity="string",
)],
package="string",
version=google_native.containeranalysis.v1alpha1.VersionArgs(
epoch=0,
inclusive=False,
kind=google_native.containeranalysis.v1alpha1.VersionKind.NORMAL,
name="string",
revision="string",
),
),
vulnerability_assessment=google_native.containeranalysis.v1alpha1.VulnerabilityAssessmentNoteArgs(
assessment=google_native.containeranalysis.v1alpha1.AssessmentArgs(
cve="string",
impacts=["string"],
justification=google_native.containeranalysis.v1alpha1.JustificationArgs(
details="string",
justification_type=google_native.containeranalysis.v1alpha1.JustificationJustificationType.JUSTIFICATION_TYPE_UNSPECIFIED,
),
long_description="string",
related_uris=[google_native.containeranalysis.v1alpha1.URIArgs(
label="string",
uri="string",
)],
remediations=[google_native.containeranalysis.v1alpha1.RemediationArgs(
details="string",
remediation_type=google_native.containeranalysis.v1alpha1.RemediationRemediationType.REMEDIATION_TYPE_UNSPECIFIED,
remediation_uri=google_native.containeranalysis.v1alpha1.URIArgs(
label="string",
uri="string",
),
)],
short_description="string",
state=google_native.containeranalysis.v1alpha1.AssessmentState.STATE_UNSPECIFIED,
vulnerability_id="string",
),
language_code="string",
long_description="string",
product=google_native.containeranalysis.v1alpha1.ProductArgs(
id="string",
identifier_helper=google_native.containeranalysis.v1alpha1.IdentifierHelperArgs(
field=google_native.containeranalysis.v1alpha1.IdentifierHelperField.IDENTIFIER_HELPER_FIELD_UNSPECIFIED,
generic_uri="string",
),
name="string",
),
publisher=google_native.containeranalysis.v1alpha1.PublisherArgs(
issuing_authority="string",
name="string",
publisher_namespace="string",
),
short_description="string",
title="string",
),
vulnerability_type=google_native.containeranalysis.v1alpha1.VulnerabilityTypeArgs(
cvss_score=0,
cvss_v2=google_native.containeranalysis.v1alpha1.CVSSArgs(
attack_complexity=google_native.containeranalysis.v1alpha1.CVSSAttackComplexity.ATTACK_COMPLEXITY_UNSPECIFIED,
attack_vector=google_native.containeranalysis.v1alpha1.CVSSAttackVector.ATTACK_VECTOR_UNSPECIFIED,
authentication=google_native.containeranalysis.v1alpha1.CVSSAuthentication.AUTHENTICATION_UNSPECIFIED,
availability_impact=google_native.containeranalysis.v1alpha1.CVSSAvailabilityImpact.IMPACT_UNSPECIFIED,
base_score=0,
confidentiality_impact=google_native.containeranalysis.v1alpha1.CVSSConfidentialityImpact.IMPACT_UNSPECIFIED,
exploitability_score=0,
impact_score=0,
integrity_impact=google_native.containeranalysis.v1alpha1.CVSSIntegrityImpact.IMPACT_UNSPECIFIED,
privileges_required=google_native.containeranalysis.v1alpha1.CVSSPrivilegesRequired.PRIVILEGES_REQUIRED_UNSPECIFIED,
scope=google_native.containeranalysis.v1alpha1.CVSSScope.SCOPE_UNSPECIFIED,
user_interaction=google_native.containeranalysis.v1alpha1.CVSSUserInteraction.USER_INTERACTION_UNSPECIFIED,
),
cvss_version=google_native.containeranalysis.v1alpha1.VulnerabilityTypeCvssVersion.CVSS_VERSION_UNSPECIFIED,
cwe=["string"],
details=[google_native.containeranalysis.v1alpha1.DetailArgs(
cpe_uri="string",
description="string",
fixed_location=google_native.containeranalysis.v1alpha1.VulnerabilityLocationArgs(
cpe_uri="string",
file_location=[google_native.containeranalysis.v1alpha1.FileLocationArgs(
file_path="string",
)],
package="string",
version=google_native.containeranalysis.v1alpha1.VersionArgs(
epoch=0,
inclusive=False,
kind=google_native.containeranalysis.v1alpha1.VersionKind.NORMAL,
name="string",
revision="string",
),
),
is_obsolete=False,
max_affected_version=google_native.containeranalysis.v1alpha1.VersionArgs(
epoch=0,
inclusive=False,
kind=google_native.containeranalysis.v1alpha1.VersionKind.NORMAL,
name="string",
revision="string",
),
min_affected_version=google_native.containeranalysis.v1alpha1.VersionArgs(
epoch=0,
inclusive=False,
kind=google_native.containeranalysis.v1alpha1.VersionKind.NORMAL,
name="string",
revision="string",
),
package="string",
package_type="string",
severity_name="string",
source="string",
vendor="string",
)],
severity=google_native.containeranalysis.v1alpha1.VulnerabilityTypeSeverity.SEVERITY_UNSPECIFIED,
))
const google_nativeNoteResource = new google_native.containeranalysis.v1alpha1.Note("google-nativeNoteResource", {
attestationAuthority: {
hint: {
humanReadableName: "string",
},
},
baseImage: {
fingerprint: {
v1Name: "string",
v2Blob: ["string"],
},
resourceUrl: "string",
},
buildType: {
builderVersion: "string",
signature: {
keyId: "string",
keyType: google_native.containeranalysis.v1alpha1.BuildSignatureKeyType.KeyTypeUnspecified,
publicKey: "string",
signature: "string",
},
},
compliance: {
cisBenchmark: {
profileLevel: 0,
severity: google_native.containeranalysis.v1alpha1.CisBenchmarkSeverity.SeverityUnspecified,
},
description: "string",
rationale: "string",
remediation: "string",
scanInstructions: "string",
title: "string",
version: [{
benchmarkDocument: "string",
cpeUri: "string",
version: "string",
}],
},
deployable: {
resourceUri: ["string"],
},
discovery: {
analysisKind: google_native.containeranalysis.v1alpha1.DiscoveryAnalysisKind.KindUnspecified,
},
dsseAttestation: {
hint: {
humanReadableName: "string",
},
},
expirationTime: "string",
longDescription: "string",
name: "string",
noteId: "string",
"package": {
architecture: google_native.containeranalysis.v1alpha1.PackageArchitecture.ArchitectureUnspecified,
cpeUri: "string",
description: "string",
digest: [{
algo: "string",
digestBytes: "string",
}],
distribution: [{
architecture: google_native.containeranalysis.v1alpha1.DistributionArchitecture.ArchitectureUnspecified,
cpeUri: "string",
description: "string",
latestVersion: {
epoch: 0,
inclusive: false,
kind: google_native.containeranalysis.v1alpha1.VersionKind.Normal,
name: "string",
revision: "string",
},
maintainer: "string",
url: "string",
}],
license: {
comments: "string",
expression: "string",
},
maintainer: "string",
name: "string",
packageType: "string",
url: "string",
version: {
epoch: 0,
inclusive: false,
kind: google_native.containeranalysis.v1alpha1.VersionKind.Normal,
name: "string",
revision: "string",
},
},
project: "string",
relatedUrl: [{
label: "string",
url: "string",
}],
sbom: {
dataLicence: "string",
spdxVersion: "string",
},
sbomReference: {
format: "string",
version: "string",
},
shortDescription: "string",
spdxFile: {
checksum: ["string"],
fileType: google_native.containeranalysis.v1alpha1.FileNoteFileType.FileTypeUnspecified,
title: "string",
},
spdxPackage: {
analyzed: false,
attribution: "string",
checksum: "string",
copyright: "string",
detailedDescription: "string",
downloadLocation: "string",
externalRefs: [{
category: google_native.containeranalysis.v1alpha1.ExternalRefCategory.CategoryUnspecified,
comment: "string",
locator: "string",
type: "string",
}],
filesLicenseInfo: ["string"],
homePage: "string",
licenseDeclared: {
comments: "string",
expression: "string",
},
originator: "string",
packageType: "string",
summaryDescription: "string",
supplier: "string",
title: "string",
verificationCode: "string",
version: "string",
},
spdxRelationship: {
type: google_native.containeranalysis.v1alpha1.RelationshipNoteType.RelationshipTypeUnspecified,
},
upgrade: {
distributions: [{
classification: "string",
cpeUri: "string",
cve: ["string"],
severity: "string",
}],
"package": "string",
version: {
epoch: 0,
inclusive: false,
kind: google_native.containeranalysis.v1alpha1.VersionKind.Normal,
name: "string",
revision: "string",
},
},
vulnerabilityAssessment: {
assessment: {
cve: "string",
impacts: ["string"],
justification: {
details: "string",
justificationType: google_native.containeranalysis.v1alpha1.JustificationJustificationType.JustificationTypeUnspecified,
},
longDescription: "string",
relatedUris: [{
label: "string",
uri: "string",
}],
remediations: [{
details: "string",
remediationType: google_native.containeranalysis.v1alpha1.RemediationRemediationType.RemediationTypeUnspecified,
remediationUri: {
label: "string",
uri: "string",
},
}],
shortDescription: "string",
state: google_native.containeranalysis.v1alpha1.AssessmentState.StateUnspecified,
vulnerabilityId: "string",
},
languageCode: "string",
longDescription: "string",
product: {
id: "string",
identifierHelper: {
field: google_native.containeranalysis.v1alpha1.IdentifierHelperField.IdentifierHelperFieldUnspecified,
genericUri: "string",
},
name: "string",
},
publisher: {
issuingAuthority: "string",
name: "string",
publisherNamespace: "string",
},
shortDescription: "string",
title: "string",
},
vulnerabilityType: {
cvssScore: 0,
cvssV2: {
attackComplexity: google_native.containeranalysis.v1alpha1.CVSSAttackComplexity.AttackComplexityUnspecified,
attackVector: google_native.containeranalysis.v1alpha1.CVSSAttackVector.AttackVectorUnspecified,
authentication: google_native.containeranalysis.v1alpha1.CVSSAuthentication.AuthenticationUnspecified,
availabilityImpact: google_native.containeranalysis.v1alpha1.CVSSAvailabilityImpact.ImpactUnspecified,
baseScore: 0,
confidentialityImpact: google_native.containeranalysis.v1alpha1.CVSSConfidentialityImpact.ImpactUnspecified,
exploitabilityScore: 0,
impactScore: 0,
integrityImpact: google_native.containeranalysis.v1alpha1.CVSSIntegrityImpact.ImpactUnspecified,
privilegesRequired: google_native.containeranalysis.v1alpha1.CVSSPrivilegesRequired.PrivilegesRequiredUnspecified,
scope: google_native.containeranalysis.v1alpha1.CVSSScope.ScopeUnspecified,
userInteraction: google_native.containeranalysis.v1alpha1.CVSSUserInteraction.UserInteractionUnspecified,
},
cvssVersion: google_native.containeranalysis.v1alpha1.VulnerabilityTypeCvssVersion.CvssVersionUnspecified,
cwe: ["string"],
details: [{
cpeUri: "string",
description: "string",
fixedLocation: {
cpeUri: "string",
fileLocation: [{
filePath: "string",
}],
"package": "string",
version: {
epoch: 0,
inclusive: false,
kind: google_native.containeranalysis.v1alpha1.VersionKind.Normal,
name: "string",
revision: "string",
},
},
isObsolete: false,
maxAffectedVersion: {
epoch: 0,
inclusive: false,
kind: google_native.containeranalysis.v1alpha1.VersionKind.Normal,
name: "string",
revision: "string",
},
minAffectedVersion: {
epoch: 0,
inclusive: false,
kind: google_native.containeranalysis.v1alpha1.VersionKind.Normal,
name: "string",
revision: "string",
},
"package": "string",
packageType: "string",
severityName: "string",
source: "string",
vendor: "string",
}],
severity: google_native.containeranalysis.v1alpha1.VulnerabilityTypeSeverity.SeverityUnspecified,
},
});
type: google-native:containeranalysis/v1alpha1:Note
properties:
attestationAuthority:
hint:
humanReadableName: string
baseImage:
fingerprint:
v1Name: string
v2Blob:
- string
resourceUrl: string
buildType:
builderVersion: string
signature:
keyId: string
keyType: KEY_TYPE_UNSPECIFIED
publicKey: string
signature: string
compliance:
cisBenchmark:
profileLevel: 0
severity: SEVERITY_UNSPECIFIED
description: string
rationale: string
remediation: string
scanInstructions: string
title: string
version:
- benchmarkDocument: string
cpeUri: string
version: string
deployable:
resourceUri:
- string
discovery:
analysisKind: KIND_UNSPECIFIED
dsseAttestation:
hint:
humanReadableName: string
expirationTime: string
longDescription: string
name: string
noteId: string
package:
architecture: ARCHITECTURE_UNSPECIFIED
cpeUri: string
description: string
digest:
- algo: string
digestBytes: string
distribution:
- architecture: ARCHITECTURE_UNSPECIFIED
cpeUri: string
description: string
latestVersion:
epoch: 0
inclusive: false
kind: NORMAL
name: string
revision: string
maintainer: string
url: string
license:
comments: string
expression: string
maintainer: string
name: string
packageType: string
url: string
version:
epoch: 0
inclusive: false
kind: NORMAL
name: string
revision: string
project: string
relatedUrl:
- label: string
url: string
sbom:
dataLicence: string
spdxVersion: string
sbomReference:
format: string
version: string
shortDescription: string
spdxFile:
checksum:
- string
fileType: FILE_TYPE_UNSPECIFIED
title: string
spdxPackage:
analyzed: false
attribution: string
checksum: string
copyright: string
detailedDescription: string
downloadLocation: string
externalRefs:
- category: CATEGORY_UNSPECIFIED
comment: string
locator: string
type: string
filesLicenseInfo:
- string
homePage: string
licenseDeclared:
comments: string
expression: string
originator: string
packageType: string
summaryDescription: string
supplier: string
title: string
verificationCode: string
version: string
spdxRelationship:
type: RELATIONSHIP_TYPE_UNSPECIFIED
upgrade:
distributions:
- classification: string
cpeUri: string
cve:
- string
severity: string
package: string
version:
epoch: 0
inclusive: false
kind: NORMAL
name: string
revision: string
vulnerabilityAssessment:
assessment:
cve: string
impacts:
- string
justification:
details: string
justificationType: JUSTIFICATION_TYPE_UNSPECIFIED
longDescription: string
relatedUris:
- label: string
uri: string
remediations:
- details: string
remediationType: REMEDIATION_TYPE_UNSPECIFIED
remediationUri:
label: string
uri: string
shortDescription: string
state: STATE_UNSPECIFIED
vulnerabilityId: string
languageCode: string
longDescription: string
product:
id: string
identifierHelper:
field: IDENTIFIER_HELPER_FIELD_UNSPECIFIED
genericUri: string
name: string
publisher:
issuingAuthority: string
name: string
publisherNamespace: string
shortDescription: string
title: string
vulnerabilityType:
cvssScore: 0
cvssV2:
attackComplexity: ATTACK_COMPLEXITY_UNSPECIFIED
attackVector: ATTACK_VECTOR_UNSPECIFIED
authentication: AUTHENTICATION_UNSPECIFIED
availabilityImpact: IMPACT_UNSPECIFIED
baseScore: 0
confidentialityImpact: IMPACT_UNSPECIFIED
exploitabilityScore: 0
impactScore: 0
integrityImpact: IMPACT_UNSPECIFIED
privilegesRequired: PRIVILEGES_REQUIRED_UNSPECIFIED
scope: SCOPE_UNSPECIFIED
userInteraction: USER_INTERACTION_UNSPECIFIED
cvssVersion: CVSS_VERSION_UNSPECIFIED
cwe:
- string
details:
- cpeUri: string
description: string
fixedLocation:
cpeUri: string
fileLocation:
- filePath: string
package: string
version:
epoch: 0
inclusive: false
kind: NORMAL
name: string
revision: string
isObsolete: false
maxAffectedVersion:
epoch: 0
inclusive: false
kind: NORMAL
name: string
revision: string
minAffectedVersion:
epoch: 0
inclusive: false
kind: NORMAL
name: string
revision: string
package: string
packageType: string
severityName: string
source: string
vendor: string
severity: SEVERITY_UNSPECIFIED
Note Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Note resource accepts the following input properties:
-
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Attestation Authority - A note describing an attestation role.
- Base
Image Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Basis - A note describing a base image.
- Build
Type Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Build Type - Build provenance type for a verifiable build.
- Compliance
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Compliance Note - A note describing a compliance check.
- Deployable
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Deployable - A note describing something that can be deployed.
- Discovery
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Discovery - A note describing a provider/analysis type.
- Dsse
Attestation Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. DSSEAttestation Note - A note describing a dsse attestation note.
- Expiration
Time string - Time of expiration for this note, null if note does not expire.
- Long
Description string - A detailed description of this
Note. - Name string
- The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"
- Note
Id string - The ID to use for this note.
- Package
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Package - A note describing a package hosted by various package managers.
- Project string
-
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Related Url> - URLs associated with this note
- Sbom
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Document Note - A note describing a software bill of materials.
- Sbom
Reference Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. SBOMReference Note - A note describing a reference to an SBOM.
- Short
Description string - A one sentence description of this
Note. - Spdx
File Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. File Note - A note describing an SPDX File.
- Spdx
Package Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Package Info Note - A note describing an SPDX Package.
- Spdx
Relationship Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Relationship Note - A note describing a relationship between SPDX elements.
- Upgrade
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Upgrade Note - A note describing an upgrade.
- Vulnerability
Assessment Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Vulnerability Assessment Note - A note describing a vulnerability assessment.
- Vulnerability
Type Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Vulnerability Type - A package vulnerability type of note.
-
Attestation
Authority Args - A note describing an attestation role.
- Base
Image BasisArgs - A note describing a base image.
- Build
Type BuildType Args - Build provenance type for a verifiable build.
- Compliance
Compliance
Note Args - A note describing a compliance check.
- Deployable
Deployable
Args - A note describing something that can be deployed.
- Discovery
Discovery
Args - A note describing a provider/analysis type.
- Dsse
Attestation DSSEAttestationNote Args - A note describing a dsse attestation note.
- Expiration
Time string - Time of expiration for this note, null if note does not expire.
- Long
Description string - A detailed description of this
Note. - Name string
- The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"
- Note
Id string - The ID to use for this note.
- Package
Package
Args - A note describing a package hosted by various package managers.
- Project string
-
[]Related
Url Args - URLs associated with this note
- Sbom
Document
Note Args - A note describing a software bill of materials.
- Sbom
Reference SBOMReferenceNote Args - A note describing a reference to an SBOM.
- Short
Description string - A one sentence description of this
Note. - Spdx
File FileNote Args - A note describing an SPDX File.
- Spdx
Package PackageInfo Note Args - A note describing an SPDX Package.
- Spdx
Relationship RelationshipNote Args - A note describing a relationship between SPDX elements.
- Upgrade
Upgrade
Note Args - A note describing an upgrade.
- Vulnerability
Assessment VulnerabilityAssessment Note Args - A note describing a vulnerability assessment.
- Vulnerability
Type VulnerabilityType Args - A package vulnerability type of note.
-
Attestation
Authority - A note describing an attestation role.
- base
Image Basis - A note describing a base image.
- build
Type BuildType - Build provenance type for a verifiable build.
- compliance
Compliance
Note - A note describing a compliance check.
- deployable Deployable
- A note describing something that can be deployed.
- discovery Discovery
- A note describing a provider/analysis type.
- dsse
Attestation DSSEAttestationNote - A note describing a dsse attestation note.
- expiration
Time String - Time of expiration for this note, null if note does not expire.
- long
Description String - A detailed description of this
Note. - name String
- The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"
- note
Id String - The ID to use for this note.
- package_ Package
- A note describing a package hosted by various package managers.
- project String
-
List<Related
Url> - URLs associated with this note
- sbom
Document
Note - A note describing a software bill of materials.
- sbom
Reference SBOMReferenceNote - A note describing a reference to an SBOM.
- short
Description String - A one sentence description of this
Note. - spdx
File FileNote - A note describing an SPDX File.
- spdx
Package PackageInfo Note - A note describing an SPDX Package.
- spdx
Relationship RelationshipNote - A note describing a relationship between SPDX elements.
- upgrade
Upgrade
Note - A note describing an upgrade.
- vulnerability
Assessment VulnerabilityAssessment Note - A note describing a vulnerability assessment.
- vulnerability
Type VulnerabilityType - A package vulnerability type of note.
-
Attestation
Authority - A note describing an attestation role.
- base
Image Basis - A note describing a base image.
- build
Type BuildType - Build provenance type for a verifiable build.
- compliance
Compliance
Note - A note describing a compliance check.
- deployable Deployable
- A note describing something that can be deployed.
- discovery Discovery
- A note describing a provider/analysis type.
- dsse
Attestation DSSEAttestationNote - A note describing a dsse attestation note.
- expiration
Time string - Time of expiration for this note, null if note does not expire.
- long
Description string - A detailed description of this
Note. - name string
- The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"
- note
Id string - The ID to use for this note.
- package Package
- A note describing a package hosted by various package managers.
- project string
-
Related
Url[] - URLs associated with this note
- sbom
Document
Note - A note describing a software bill of materials.
- sbom
Reference SBOMReferenceNote - A note describing a reference to an SBOM.
- short
Description string - A one sentence description of this
Note. - spdx
File FileNote - A note describing an SPDX File.
- spdx
Package PackageInfo Note - A note describing an SPDX Package.
- spdx
Relationship RelationshipNote - A note describing a relationship between SPDX elements.
- upgrade
Upgrade
Note - A note describing an upgrade.
- vulnerability
Assessment VulnerabilityAssessment Note - A note describing a vulnerability assessment.
- vulnerability
Type VulnerabilityType - A package vulnerability type of note.
-
Attestation
Authority Args - A note describing an attestation role.
- base_
image BasisArgs - A note describing a base image.
- build_
type BuildType Args - Build provenance type for a verifiable build.
- compliance
Compliance
Note Args - A note describing a compliance check.
- deployable
Deployable
Args - A note describing something that can be deployed.
- discovery
Discovery
Args - A note describing a provider/analysis type.
- dsse_
attestation DSSEAttestationNote Args - A note describing a dsse attestation note.
- expiration_
time str - Time of expiration for this note, null if note does not expire.
- long_
description str - A detailed description of this
Note. - name str
- The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"
- note_
id str - The ID to use for this note.
- package
Package
Args - A note describing a package hosted by various package managers.
- project str
-
Sequence[Related
Url Args] - URLs associated with this note
- sbom
Document
Note Args - A note describing a software bill of materials.
- sbom_
reference SBOMReferenceNote Args - A note describing a reference to an SBOM.
- short_
description str - A one sentence description of this
Note. - spdx_
file FileNote Args - A note describing an SPDX File.
- spdx_
package PackageInfo Note Args - A note describing an SPDX Package.
- spdx_
relationship RelationshipNote Args - A note describing a relationship between SPDX elements.
- upgrade
Upgrade
Note Args - A note describing an upgrade.
- vulnerability_
assessment VulnerabilityAssessment Note Args - A note describing a vulnerability assessment.
- vulnerability_
type VulnerabilityType Args - A package vulnerability type of note.
- Property Map
- A note describing an attestation role.
- base
Image Property Map - A note describing a base image.
- build
Type Property Map - Build provenance type for a verifiable build.
- compliance Property Map
- A note describing a compliance check.
- deployable Property Map
- A note describing something that can be deployed.
- discovery Property Map
- A note describing a provider/analysis type.
- dsse
Attestation Property Map - A note describing a dsse attestation note.
- expiration
Time String - Time of expiration for this note, null if note does not expire.
- long
Description String - A detailed description of this
Note. - name String
- The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"
- note
Id String - The ID to use for this note.
- package Property Map
- A note describing a package hosted by various package managers.
- project String
- List<Property Map>
- URLs associated with this note
- sbom Property Map
- A note describing a software bill of materials.
- sbom
Reference Property Map - A note describing a reference to an SBOM.
- short
Description String - A one sentence description of this
Note. - spdx
File Property Map - A note describing an SPDX File.
- spdx
Package Property Map - A note describing an SPDX Package.
- spdx
Relationship Property Map - A note describing a relationship between SPDX elements.
- upgrade Property Map
- A note describing an upgrade.
- vulnerability
Assessment Property Map - A note describing a vulnerability assessment.
- vulnerability
Type Property Map - A package vulnerability type of note.
Outputs
All input properties are implicitly available as output properties. Additionally, the Note resource produces the following output properties:
- Create
Time string - The time this note was created. This field can be used as a filter in list requests.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.
- Update
Time string - The time this note was last updated. This field can be used as a filter in list requests.
- Create
Time string - The time this note was created. This field can be used as a filter in list requests.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.
- Update
Time string - The time this note was last updated. This field can be used as a filter in list requests.
- create
Time String - The time this note was created. This field can be used as a filter in list requests.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.
- update
Time String - The time this note was last updated. This field can be used as a filter in list requests.
- create
Time string - The time this note was created. This field can be used as a filter in list requests.
- id string
- The provider-assigned unique ID for this managed resource.
- kind string
- This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.
- update
Time string - The time this note was last updated. This field can be used as a filter in list requests.
- create_
time str - The time this note was created. This field can be used as a filter in list requests.
- id str
- The provider-assigned unique ID for this managed resource.
- kind str
- This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.
- update_
time str - The time this note was last updated. This field can be used as a filter in list requests.
- create
Time String - The time this note was created. This field can be used as a filter in list requests.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.
- update
Time String - The time this note was last updated. This field can be used as a filter in list requests.
Supporting Types
Assessment, AssessmentArgs
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- Impacts List<string>
- Contains information about the impact of this vulnerability, this will change with time.
- Justification
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Justification - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Long
Description string - A detailed description of this Vex.
-
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. URI> - Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- Remediations
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Remediation> - Specifies details on how to handle (and presumably, fix) a vulnerability.
- Short
Description string - A one sentence description of this Vex.
- State
Pulumi.
Google Native. Container Analysis. V1Alpha1. Assessment State - Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- Impacts []string
- Contains information about the impact of this vulnerability, this will change with time.
- Justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Long
Description string - A detailed description of this Vex.
- []URI
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- Remediations []Remediation
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- Short
Description string - A one sentence description of this Vex.
- State
Assessment
State - Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long
Description String - A detailed description of this Vex.
- List<URI>
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations List<Remediation>
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- short
Description String - A one sentence description of this Vex.
- state
Assessment
State - Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts string[]
- Contains information about the impact of this vulnerability, this will change with time.
- justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long
Description string - A detailed description of this Vex.
- URI[]
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations Remediation[]
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- short
Description string - A one sentence description of this Vex.
- state
Assessment
State - Provides the state of this Vulnerability assessment.
- vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve str
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts Sequence[str]
- Contains information about the impact of this vulnerability, this will change with time.
- justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long_
description str - A detailed description of this Vex.
- Sequence[URI]
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations Sequence[Remediation]
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- short_
description str - A one sentence description of this Vex.
- state
Assessment
State - Provides the state of this Vulnerability assessment.
- vulnerability_
id str - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification Property Map
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long
Description String - A detailed description of this Vex.
- List<Property Map>
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations List<Property Map>
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- short
Description String - A one sentence description of this Vex.
- state "STATE_UNSPECIFIED" | "AFFECTED" | "NOT_AFFECTED" | "FIXED" | "UNDER_INVESTIGATION"
- Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
AssessmentResponse, AssessmentResponseArgs
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- Impacts List<string>
- Contains information about the impact of this vulnerability, this will change with time.
- Justification
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Justification Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Long
Description string - A detailed description of this Vex.
-
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. URIResponse> - Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- Remediations
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Remediation Response> - Specifies details on how to handle (and presumably, fix) a vulnerability.
- Short
Description string - A one sentence description of this Vex.
- State string
- Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- Impacts []string
- Contains information about the impact of this vulnerability, this will change with time.
- Justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Long
Description string - A detailed description of this Vex.
- []URIResponse
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- Remediations
[]Remediation
Response - Specifies details on how to handle (and presumably, fix) a vulnerability.
- Short
Description string - A one sentence description of this Vex.
- State string
- Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long
Description String - A detailed description of this Vex.
- List<URIResponse>
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations
List<Remediation
Response> - Specifies details on how to handle (and presumably, fix) a vulnerability.
- short
Description String - A one sentence description of this Vex.
- state String
- Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts string[]
- Contains information about the impact of this vulnerability, this will change with time.
- justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long
Description string - A detailed description of this Vex.
- URIResponse[]
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations
Remediation
Response[] - Specifies details on how to handle (and presumably, fix) a vulnerability.
- short
Description string - A one sentence description of this Vex.
- state string
- Provides the state of this Vulnerability assessment.
- vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve str
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts Sequence[str]
- Contains information about the impact of this vulnerability, this will change with time.
- justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long_
description str - A detailed description of this Vex.
- Sequence[URIResponse]
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations
Sequence[Remediation
Response] - Specifies details on how to handle (and presumably, fix) a vulnerability.
- short_
description str - A one sentence description of this Vex.
- state str
- Provides the state of this Vulnerability assessment.
- vulnerability_
id str - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification Property Map
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- long
Description String - A detailed description of this Vex.
- List<Property Map>
- Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
- remediations List<Property Map>
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- short
Description String - A one sentence description of this Vex.
- state String
- Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
AssessmentState, AssessmentStateArgs
- State
Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Affected
- AFFECTEDThis product is known to be affected by this vulnerability.
- Not
Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Fixed
- FIXEDThis product contains a fix for this vulnerability.
- Under
Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- Assessment
State State Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Assessment
State Affected - AFFECTEDThis product is known to be affected by this vulnerability.
- Assessment
State Not Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Assessment
State Fixed - FIXEDThis product contains a fix for this vulnerability.
- Assessment
State Under Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- State
Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Affected
- AFFECTEDThis product is known to be affected by this vulnerability.
- Not
Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Fixed
- FIXEDThis product contains a fix for this vulnerability.
- Under
Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- State
Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Affected
- AFFECTEDThis product is known to be affected by this vulnerability.
- Not
Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Fixed
- FIXEDThis product contains a fix for this vulnerability.
- Under
Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- STATE_UNSPECIFIED
- STATE_UNSPECIFIEDNo state is specified.
- AFFECTED
- AFFECTEDThis product is known to be affected by this vulnerability.
- NOT_AFFECTED
- NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- FIXED
- FIXEDThis product contains a fix for this vulnerability.
- UNDER_INVESTIGATION
- UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- "STATE_UNSPECIFIED"
- STATE_UNSPECIFIEDNo state is specified.
- "AFFECTED"
- AFFECTEDThis product is known to be affected by this vulnerability.
- "NOT_AFFECTED"
- NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- "FIXED"
- FIXEDThis product contains a fix for this vulnerability.
- "UNDER_INVESTIGATION"
- UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
AttestationAuthority, AttestationAuthorityArgs
AttestationAuthorityHint, AttestationAuthorityHintArgs
- Human
Readable stringName - The human readable name of this Attestation Authority, for example "qa".
- Human
Readable stringName - The human readable name of this Attestation Authority, for example "qa".
- human
Readable StringName - The human readable name of this Attestation Authority, for example "qa".
- human
Readable stringName - The human readable name of this Attestation Authority, for example "qa".
- human_
readable_ strname - The human readable name of this Attestation Authority, for example "qa".
- human
Readable StringName - The human readable name of this Attestation Authority, for example "qa".
AttestationAuthorityHintResponse, AttestationAuthorityHintResponseArgs
- Human
Readable stringName - The human readable name of this Attestation Authority, for example "qa".
- Human
Readable stringName - The human readable name of this Attestation Authority, for example "qa".
- human
Readable StringName - The human readable name of this Attestation Authority, for example "qa".
- human
Readable stringName - The human readable name of this Attestation Authority, for example "qa".
- human_
readable_ strname - The human readable name of this Attestation Authority, for example "qa".
- human
Readable StringName - The human readable name of this Attestation Authority, for example "qa".
AttestationAuthorityResponse, AttestationAuthorityResponseArgs
Basis, BasisArgs
- Fingerprint
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Fingerprint - The fingerprint of the base image.
- Resource
Url string - The resource_url for the resource representing the basis of associated occurrence images.
- Fingerprint Fingerprint
- The fingerprint of the base image.
- Resource
Url string - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint Fingerprint
- The fingerprint of the base image.
- resource
Url String - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint Fingerprint
- The fingerprint of the base image.
- resource
Url string - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint Fingerprint
- The fingerprint of the base image.
- resource_
url str - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint Property Map
- The fingerprint of the base image.
- resource
Url String - The resource_url for the resource representing the basis of associated occurrence images.
BasisResponse, BasisResponseArgs
- Fingerprint
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Fingerprint Response - The fingerprint of the base image.
- Resource
Url string - The resource_url for the resource representing the basis of associated occurrence images.
- Fingerprint
Fingerprint
Response - The fingerprint of the base image.
- Resource
Url string - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint
Fingerprint
Response - The fingerprint of the base image.
- resource
Url String - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint
Fingerprint
Response - The fingerprint of the base image.
- resource
Url string - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint
Fingerprint
Response - The fingerprint of the base image.
- resource_
url str - The resource_url for the resource representing the basis of associated occurrence images.
- fingerprint Property Map
- The fingerprint of the base image.
- resource
Url String - The resource_url for the resource representing the basis of associated occurrence images.
BuildSignature, BuildSignatureArgs
- Key
Id string - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - Key
Type Pulumi.Google Native. Container Analysis. V1Alpha1. Build Signature Key Type - The type of the key, either stored in
public_keyor referenced inkey_id - Public
Key string - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - Signature string
- Signature of the related
BuildProvenance, encoded in a base64 string.
- Key
Id string - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - Key
Type BuildSignature Key Type - The type of the key, either stored in
public_keyor referenced inkey_id - Public
Key string - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - Signature string
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key
Id String - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key
Type BuildSignature Key Type - The type of the key, either stored in
public_keyor referenced inkey_id - public
Key String - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature String
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key
Id string - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key
Type BuildSignature Key Type - The type of the key, either stored in
public_keyor referenced inkey_id - public
Key string - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature string
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key_
id str - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key_
type BuildSignature Key Type - The type of the key, either stored in
public_keyor referenced inkey_id - public_
key str - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature str
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key
Id String - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key
Type "KEY_TYPE_UNSPECIFIED" | "PGP_ASCII_ARMORED" | "PKIX_PEM" - The type of the key, either stored in
public_keyor referenced inkey_id - public
Key String - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature String
- Signature of the related
BuildProvenance, encoded in a base64 string.
BuildSignatureKeyType, BuildSignatureKeyTypeArgs
- Key
Type Unspecified - KEY_TYPE_UNSPECIFIED
KeyTypeis not set. - Pgp
Ascii Armored - PGP_ASCII_ARMORED
PGP ASCII Armoredpublic key. - Pkix
Pem - PKIX_PEM
PKIX PEMpublic key.
- Build
Signature Key Type Key Type Unspecified - KEY_TYPE_UNSPECIFIED
KeyTypeis not set. - Build
Signature Key Type Pgp Ascii Armored - PGP_ASCII_ARMORED
PGP ASCII Armoredpublic key. - Build
Signature Key Type Pkix Pem - PKIX_PEM
PKIX PEMpublic key.
- Key
Type Unspecified - KEY_TYPE_UNSPECIFIED
KeyTypeis not set. - Pgp
Ascii Armored - PGP_ASCII_ARMORED
PGP ASCII Armoredpublic key. - Pkix
Pem - PKIX_PEM
PKIX PEMpublic key.
- Key
Type Unspecified - KEY_TYPE_UNSPECIFIED
KeyTypeis not set. - Pgp
Ascii Armored - PGP_ASCII_ARMORED
PGP ASCII Armoredpublic key. - Pkix
Pem - PKIX_PEM
PKIX PEMpublic key.
- KEY_TYPE_UNSPECIFIED
- KEY_TYPE_UNSPECIFIED
KeyTypeis not set. - PGP_ASCII_ARMORED
- PGP_ASCII_ARMORED
PGP ASCII Armoredpublic key. - PKIX_PEM
- PKIX_PEM
PKIX PEMpublic key.
- "KEY_TYPE_UNSPECIFIED"
- KEY_TYPE_UNSPECIFIED
KeyTypeis not set. - "PGP_ASCII_ARMORED"
- PGP_ASCII_ARMORED
PGP ASCII Armoredpublic key. - "PKIX_PEM"
- PKIX_PEM
PKIX PEMpublic key.
BuildSignatureResponse, BuildSignatureResponseArgs
- Key
Id string - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - Key
Type string - The type of the key, either stored in
public_keyor referenced inkey_id - Public
Key string - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - Signature string
- Signature of the related
BuildProvenance, encoded in a base64 string.
- Key
Id string - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - Key
Type string - The type of the key, either stored in
public_keyor referenced inkey_id - Public
Key string - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - Signature string
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key
Id String - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key
Type String - The type of the key, either stored in
public_keyor referenced inkey_id - public
Key String - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature String
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key
Id string - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key
Type string - The type of the key, either stored in
public_keyor referenced inkey_id - public
Key string - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature string
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key_
id str - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key_
type str - The type of the key, either stored in
public_keyor referenced inkey_id - public_
key str - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature str
- Signature of the related
BuildProvenance, encoded in a base64 string.
- key
Id String - An Id for the key used to sign. This could be either an Id for the key stored in
public_key(such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). - key
Type String - The type of the key, either stored in
public_keyor referenced inkey_id - public
Key String - Public key of the builder which can be used to verify that the related findings are valid and unchanged. If
key_typeis empty, this defaults to PEM encoded public keys. This field may be empty ifkey_idreferences an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes fromBuildDetailsare base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature:openssl sha256 -verify public.pem -signature signature.bin signed.bin - signature String
- Signature of the related
BuildProvenance, encoded in a base64 string.
BuildType, BuildTypeArgs
- Builder
Version string - Version of the builder which produced this Note.
- Signature
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Build Signature - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- Builder
Version string - Version of the builder which produced this Note.
- Signature
Build
Signature - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder
Version String - Version of the builder which produced this Note.
- signature
Build
Signature - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder
Version string - Version of the builder which produced this Note.
- signature
Build
Signature - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder_
version str - Version of the builder which produced this Note.
- signature
Build
Signature - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder
Version String - Version of the builder which produced this Note.
- signature Property Map
- Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
BuildTypeResponse, BuildTypeResponseArgs
- Builder
Version string - Version of the builder which produced this Note.
- Signature
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Build Signature Response - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- Builder
Version string - Version of the builder which produced this Note.
- Signature
Build
Signature Response - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder
Version String - Version of the builder which produced this Note.
- signature
Build
Signature Response - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder
Version string - Version of the builder which produced this Note.
- signature
Build
Signature Response - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder_
version str - Version of the builder which produced this Note.
- signature
Build
Signature Response - Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
- builder
Version String - Version of the builder which produced this Note.
- signature Property Map
- Signature of the build in Occurrences pointing to the Note containing this
BuilderDetails.
CVSS, CVSSArgs
- Attack
Complexity Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSAttack Complexity - Defined in CVSS v3, CVSS v2
- Attack
Vector Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSAttack Vector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- Authentication
Pulumi.
Google Native. Container Analysis. V1Alpha1. CVSSAuthentication - Defined in CVSS v2
- Availability
Impact Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSAvailability Impact - Defined in CVSS v3, CVSS v2
- Base
Score double - The base score is a function of the base metric scores.
- Confidentiality
Impact Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSConfidentiality Impact - Defined in CVSS v3, CVSS v2
- Exploitability
Score double - Impact
Score double - Integrity
Impact Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSIntegrity Impact - Defined in CVSS v3, CVSS v2
- Privileges
Required Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSPrivileges Required - Defined in CVSS v3
- Scope
Pulumi.
Google Native. Container Analysis. V1Alpha1. CVSSScope - Defined in CVSS v3
- User
Interaction Pulumi.Google Native. Container Analysis. V1Alpha1. CVSSUser Interaction - Defined in CVSS v3
- Attack
Complexity CVSSAttackComplexity - Defined in CVSS v3, CVSS v2
- Attack
Vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- Authentication CVSSAuthentication
- Defined in CVSS v2
- Availability
Impact CVSSAvailabilityImpact - Defined in CVSS v3, CVSS v2
- Base
Score float64 - The base score is a function of the base metric scores.
- Confidentiality
Impact CVSSConfidentialityImpact - Defined in CVSS v3, CVSS v2
- Exploitability
Score float64 - Impact
Score float64 - Integrity
Impact CVSSIntegrityImpact - Defined in CVSS v3, CVSS v2
- Privileges
Required CVSSPrivilegesRequired - Defined in CVSS v3
- Scope CVSSScope
- Defined in CVSS v3
- User
Interaction CVSSUserInteraction - Defined in CVSS v3
- attack
Complexity CVSSAttackComplexity - Defined in CVSS v3, CVSS v2
- attack
Vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication CVSSAuthentication
- Defined in CVSS v2
- availability
Impact CVSSAvailabilityImpact - Defined in CVSS v3, CVSS v2
- base
Score Double - The base score is a function of the base metric scores.
- confidentiality
Impact CVSSConfidentialityImpact - Defined in CVSS v3, CVSS v2
- exploitability
Score Double - impact
Score Double - integrity
Impact CVSSIntegrityImpact - Defined in CVSS v3, CVSS v2
- privileges
Required CVSSPrivilegesRequired - Defined in CVSS v3
- scope CVSSScope
- Defined in CVSS v3
- user
Interaction CVSSUserInteraction - Defined in CVSS v3
- attack
Complexity CVSSAttackComplexity - Defined in CVSS v3, CVSS v2
- attack
Vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication CVSSAuthentication
- Defined in CVSS v2
- availability
Impact CVSSAvailabilityImpact - Defined in CVSS v3, CVSS v2
- base
Score number - The base score is a function of the base metric scores.
- confidentiality
Impact CVSSConfidentialityImpact - Defined in CVSS v3, CVSS v2
- exploitability
Score number - impact
Score number - integrity
Impact CVSSIntegrityImpact - Defined in CVSS v3, CVSS v2
- privileges
Required CVSSPrivilegesRequired - Defined in CVSS v3
- scope CVSSScope
- Defined in CVSS v3
- user
Interaction CVSSUserInteraction - Defined in CVSS v3
- attack_
complexity CVSSAttackComplexity - Defined in CVSS v3, CVSS v2
- attack_
vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication CVSSAuthentication
- Defined in CVSS v2
- availability_
impact CVSSAvailabilityImpact - Defined in CVSS v3, CVSS v2
- base_
score float - The base score is a function of the base metric scores.
- confidentiality_
impact CVSSConfidentialityImpact - Defined in CVSS v3, CVSS v2
- exploitability_
score float - impact_
score float - integrity_
impact CVSSIntegrityImpact - Defined in CVSS v3, CVSS v2
- privileges_
required CVSSPrivilegesRequired - Defined in CVSS v3
- scope CVSSScope
- Defined in CVSS v3
- user_
interaction CVSSUserInteraction - Defined in CVSS v3
- attack
Complexity "ATTACK_COMPLEXITY_UNSPECIFIED" | "ATTACK_COMPLEXITY_LOW" | "ATTACK_COMPLEXITY_HIGH" | "ATTACK_COMPLEXITY_MEDIUM" - Defined in CVSS v3, CVSS v2
- attack
Vector "ATTACK_VECTOR_UNSPECIFIED" | "ATTACK_VECTOR_NETWORK" | "ATTACK_VECTOR_ADJACENT" | "ATTACK_VECTOR_LOCAL" | "ATTACK_VECTOR_PHYSICAL" - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication "AUTHENTICATION_UNSPECIFIED" | "AUTHENTICATION_MULTIPLE" | "AUTHENTICATION_SINGLE" | "AUTHENTICATION_NONE"
- Defined in CVSS v2
- availability
Impact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE" - Defined in CVSS v3, CVSS v2
- base
Score Number - The base score is a function of the base metric scores.
- confidentiality
Impact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE" - Defined in CVSS v3, CVSS v2
- exploitability
Score Number - impact
Score Number - integrity
Impact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE" - Defined in CVSS v3, CVSS v2
- privileges
Required "PRIVILEGES_REQUIRED_UNSPECIFIED" | "PRIVILEGES_REQUIRED_NONE" | "PRIVILEGES_REQUIRED_LOW" | "PRIVILEGES_REQUIRED_HIGH" - Defined in CVSS v3
- scope "SCOPE_UNSPECIFIED" | "SCOPE_UNCHANGED" | "SCOPE_CHANGED"
- Defined in CVSS v3
- user
Interaction "USER_INTERACTION_UNSPECIFIED" | "USER_INTERACTION_NONE" | "USER_INTERACTION_REQUIRED" - Defined in CVSS v3
CVSSAttackComplexity, CVSSAttackComplexityArgs
- Attack
Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Attack
Complexity Low - ATTACK_COMPLEXITY_LOWDefined in CVSS v3, CVSS v2
- Attack
Complexity High - ATTACK_COMPLEXITY_HIGHDefined in CVSS v3, CVSS v2
- Attack
Complexity Medium - ATTACK_COMPLEXITY_MEDIUMDefined in CVSS v2
- CVSSAttack
Complexity Attack Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- CVSSAttack
Complexity Attack Complexity Low - ATTACK_COMPLEXITY_LOWDefined in CVSS v3, CVSS v2
- CVSSAttack
Complexity Attack Complexity High - ATTACK_COMPLEXITY_HIGHDefined in CVSS v3, CVSS v2
- CVSSAttack
Complexity Attack Complexity Medium - ATTACK_COMPLEXITY_MEDIUMDefined in CVSS v2
- Attack
Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Attack
Complexity Low - ATTACK_COMPLEXITY_LOWDefined in CVSS v3, CVSS v2
- Attack
Complexity High - ATTACK_COMPLEXITY_HIGHDefined in CVSS v3, CVSS v2
- Attack
Complexity Medium - ATTACK_COMPLEXITY_MEDIUMDefined in CVSS v2
- Attack
Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Attack
Complexity Low - ATTACK_COMPLEXITY_LOWDefined in CVSS v3, CVSS v2
- Attack
Complexity High - ATTACK_COMPLEXITY_HIGHDefined in CVSS v3, CVSS v2
- Attack
Complexity Medium - ATTACK_COMPLEXITY_MEDIUMDefined in CVSS v2
- ATTACK_COMPLEXITY_UNSPECIFIED
- ATTACK_COMPLEXITY_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- ATTACK_COMPLEXITY_LOW
- ATTACK_COMPLEXITY_LOWDefined in CVSS v3, CVSS v2
- ATTACK_COMPLEXITY_HIGH
- ATTACK_COMPLEXITY_HIGHDefined in CVSS v3, CVSS v2
- ATTACK_COMPLEXITY_MEDIUM
- ATTACK_COMPLEXITY_MEDIUMDefined in CVSS v2
- "ATTACK_COMPLEXITY_UNSPECIFIED"
- ATTACK_COMPLEXITY_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- "ATTACK_COMPLEXITY_LOW"
- ATTACK_COMPLEXITY_LOWDefined in CVSS v3, CVSS v2
- "ATTACK_COMPLEXITY_HIGH"
- ATTACK_COMPLEXITY_HIGHDefined in CVSS v3, CVSS v2
- "ATTACK_COMPLEXITY_MEDIUM"
- ATTACK_COMPLEXITY_MEDIUMDefined in CVSS v2
CVSSAttackVector, CVSSAttackVectorArgs
- Attack
Vector Unspecified - ATTACK_VECTOR_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Attack
Vector Network - ATTACK_VECTOR_NETWORKDefined in CVSS v3, CVSS v2
- Attack
Vector Adjacent - ATTACK_VECTOR_ADJACENTDefined in CVSS v3, CVSS v2
- Attack
Vector Local - ATTACK_VECTOR_LOCALDefined in CVSS v3, CVSS v2
- Attack
Vector Physical - ATTACK_VECTOR_PHYSICALDefined in CVSS v3
- CVSSAttack
Vector Attack Vector Unspecified - ATTACK_VECTOR_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- CVSSAttack
Vector Attack Vector Network - ATTACK_VECTOR_NETWORKDefined in CVSS v3, CVSS v2
- CVSSAttack
Vector Attack Vector Adjacent - ATTACK_VECTOR_ADJACENTDefined in CVSS v3, CVSS v2
- CVSSAttack
Vector Attack Vector Local - ATTACK_VECTOR_LOCALDefined in CVSS v3, CVSS v2
- CVSSAttack
Vector Attack Vector Physical - ATTACK_VECTOR_PHYSICALDefined in CVSS v3
- Attack
Vector Unspecified - ATTACK_VECTOR_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Attack
Vector Network - ATTACK_VECTOR_NETWORKDefined in CVSS v3, CVSS v2
- Attack
Vector Adjacent - ATTACK_VECTOR_ADJACENTDefined in CVSS v3, CVSS v2
- Attack
Vector Local - ATTACK_VECTOR_LOCALDefined in CVSS v3, CVSS v2
- Attack
Vector Physical - ATTACK_VECTOR_PHYSICALDefined in CVSS v3
- Attack
Vector Unspecified - ATTACK_VECTOR_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Attack
Vector Network - ATTACK_VECTOR_NETWORKDefined in CVSS v3, CVSS v2
- Attack
Vector Adjacent - ATTACK_VECTOR_ADJACENTDefined in CVSS v3, CVSS v2
- Attack
Vector Local - ATTACK_VECTOR_LOCALDefined in CVSS v3, CVSS v2
- Attack
Vector Physical - ATTACK_VECTOR_PHYSICALDefined in CVSS v3
- ATTACK_VECTOR_UNSPECIFIED
- ATTACK_VECTOR_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- ATTACK_VECTOR_NETWORK
- ATTACK_VECTOR_NETWORKDefined in CVSS v3, CVSS v2
- ATTACK_VECTOR_ADJACENT
- ATTACK_VECTOR_ADJACENTDefined in CVSS v3, CVSS v2
- ATTACK_VECTOR_LOCAL
- ATTACK_VECTOR_LOCALDefined in CVSS v3, CVSS v2
- ATTACK_VECTOR_PHYSICAL
- ATTACK_VECTOR_PHYSICALDefined in CVSS v3
- "ATTACK_VECTOR_UNSPECIFIED"
- ATTACK_VECTOR_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- "ATTACK_VECTOR_NETWORK"
- ATTACK_VECTOR_NETWORKDefined in CVSS v3, CVSS v2
- "ATTACK_VECTOR_ADJACENT"
- ATTACK_VECTOR_ADJACENTDefined in CVSS v3, CVSS v2
- "ATTACK_VECTOR_LOCAL"
- ATTACK_VECTOR_LOCALDefined in CVSS v3, CVSS v2
- "ATTACK_VECTOR_PHYSICAL"
- ATTACK_VECTOR_PHYSICALDefined in CVSS v3
CVSSAuthentication, CVSSAuthenticationArgs
- Authentication
Unspecified - AUTHENTICATION_UNSPECIFIEDDefined in CVSS v2
- Authentication
Multiple - AUTHENTICATION_MULTIPLEDefined in CVSS v2
- Authentication
Single - AUTHENTICATION_SINGLEDefined in CVSS v2
- Authentication
None - AUTHENTICATION_NONEDefined in CVSS v2
- CVSSAuthentication
Authentication Unspecified - AUTHENTICATION_UNSPECIFIEDDefined in CVSS v2
- CVSSAuthentication
Authentication Multiple - AUTHENTICATION_MULTIPLEDefined in CVSS v2
- CVSSAuthentication
Authentication Single - AUTHENTICATION_SINGLEDefined in CVSS v2
- CVSSAuthentication
Authentication None - AUTHENTICATION_NONEDefined in CVSS v2
- Authentication
Unspecified - AUTHENTICATION_UNSPECIFIEDDefined in CVSS v2
- Authentication
Multiple - AUTHENTICATION_MULTIPLEDefined in CVSS v2
- Authentication
Single - AUTHENTICATION_SINGLEDefined in CVSS v2
- Authentication
None - AUTHENTICATION_NONEDefined in CVSS v2
- Authentication
Unspecified - AUTHENTICATION_UNSPECIFIEDDefined in CVSS v2
- Authentication
Multiple - AUTHENTICATION_MULTIPLEDefined in CVSS v2
- Authentication
Single - AUTHENTICATION_SINGLEDefined in CVSS v2
- Authentication
None - AUTHENTICATION_NONEDefined in CVSS v2
- AUTHENTICATION_UNSPECIFIED
- AUTHENTICATION_UNSPECIFIEDDefined in CVSS v2
- AUTHENTICATION_MULTIPLE
- AUTHENTICATION_MULTIPLEDefined in CVSS v2
- AUTHENTICATION_SINGLE
- AUTHENTICATION_SINGLEDefined in CVSS v2
- AUTHENTICATION_NONE
- AUTHENTICATION_NONEDefined in CVSS v2
- "AUTHENTICATION_UNSPECIFIED"
- AUTHENTICATION_UNSPECIFIEDDefined in CVSS v2
- "AUTHENTICATION_MULTIPLE"
- AUTHENTICATION_MULTIPLEDefined in CVSS v2
- "AUTHENTICATION_SINGLE"
- AUTHENTICATION_SINGLEDefined in CVSS v2
- "AUTHENTICATION_NONE"
- AUTHENTICATION_NONEDefined in CVSS v2
CVSSAvailabilityImpact, CVSSAvailabilityImpactArgs
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- CVSSAvailability
Impact Impact Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- CVSSAvailability
Impact Impact High - IMPACT_HIGHDefined in CVSS v3
- CVSSAvailability
Impact Impact Low - IMPACT_LOWDefined in CVSS v3
- CVSSAvailability
Impact Impact None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- CVSSAvailability
Impact Impact Partial - IMPACT_PARTIALDefined in CVSS v2
- CVSSAvailability
Impact Impact Complete - IMPACT_COMPLETEDefined in CVSS v2
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- IMPACT_UNSPECIFIED
- IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- IMPACT_HIGH
- IMPACT_HIGHDefined in CVSS v3
- IMPACT_LOW
- IMPACT_LOWDefined in CVSS v3
- IMPACT_NONE
- IMPACT_NONEDefined in CVSS v3, CVSS v2
- IMPACT_PARTIAL
- IMPACT_PARTIALDefined in CVSS v2
- IMPACT_COMPLETE
- IMPACT_COMPLETEDefined in CVSS v2
- "IMPACT_UNSPECIFIED"
- IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- "IMPACT_HIGH"
- IMPACT_HIGHDefined in CVSS v3
- "IMPACT_LOW"
- IMPACT_LOWDefined in CVSS v3
- "IMPACT_NONE"
- IMPACT_NONEDefined in CVSS v3, CVSS v2
- "IMPACT_PARTIAL"
- IMPACT_PARTIALDefined in CVSS v2
- "IMPACT_COMPLETE"
- IMPACT_COMPLETEDefined in CVSS v2
CVSSConfidentialityImpact, CVSSConfidentialityImpactArgs
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- CVSSConfidentiality
Impact Impact Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- CVSSConfidentiality
Impact Impact High - IMPACT_HIGHDefined in CVSS v3
- CVSSConfidentiality
Impact Impact Low - IMPACT_LOWDefined in CVSS v3
- CVSSConfidentiality
Impact Impact None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- CVSSConfidentiality
Impact Impact Partial - IMPACT_PARTIALDefined in CVSS v2
- CVSSConfidentiality
Impact Impact Complete - IMPACT_COMPLETEDefined in CVSS v2
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- IMPACT_UNSPECIFIED
- IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- IMPACT_HIGH
- IMPACT_HIGHDefined in CVSS v3
- IMPACT_LOW
- IMPACT_LOWDefined in CVSS v3
- IMPACT_NONE
- IMPACT_NONEDefined in CVSS v3, CVSS v2
- IMPACT_PARTIAL
- IMPACT_PARTIALDefined in CVSS v2
- IMPACT_COMPLETE
- IMPACT_COMPLETEDefined in CVSS v2
- "IMPACT_UNSPECIFIED"
- IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- "IMPACT_HIGH"
- IMPACT_HIGHDefined in CVSS v3
- "IMPACT_LOW"
- IMPACT_LOWDefined in CVSS v3
- "IMPACT_NONE"
- IMPACT_NONEDefined in CVSS v3, CVSS v2
- "IMPACT_PARTIAL"
- IMPACT_PARTIALDefined in CVSS v2
- "IMPACT_COMPLETE"
- IMPACT_COMPLETEDefined in CVSS v2
CVSSIntegrityImpact, CVSSIntegrityImpactArgs
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- CVSSIntegrity
Impact Impact Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- CVSSIntegrity
Impact Impact High - IMPACT_HIGHDefined in CVSS v3
- CVSSIntegrity
Impact Impact Low - IMPACT_LOWDefined in CVSS v3
- CVSSIntegrity
Impact Impact None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- CVSSIntegrity
Impact Impact Partial - IMPACT_PARTIALDefined in CVSS v2
- CVSSIntegrity
Impact Impact Complete - IMPACT_COMPLETEDefined in CVSS v2
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- Impact
Unspecified - IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- Impact
High - IMPACT_HIGHDefined in CVSS v3
- Impact
Low - IMPACT_LOWDefined in CVSS v3
- Impact
None - IMPACT_NONEDefined in CVSS v3, CVSS v2
- Impact
Partial - IMPACT_PARTIALDefined in CVSS v2
- Impact
Complete - IMPACT_COMPLETEDefined in CVSS v2
- IMPACT_UNSPECIFIED
- IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- IMPACT_HIGH
- IMPACT_HIGHDefined in CVSS v3
- IMPACT_LOW
- IMPACT_LOWDefined in CVSS v3
- IMPACT_NONE
- IMPACT_NONEDefined in CVSS v3, CVSS v2
- IMPACT_PARTIAL
- IMPACT_PARTIALDefined in CVSS v2
- IMPACT_COMPLETE
- IMPACT_COMPLETEDefined in CVSS v2
- "IMPACT_UNSPECIFIED"
- IMPACT_UNSPECIFIEDDefined in CVSS v3, CVSS v2
- "IMPACT_HIGH"
- IMPACT_HIGHDefined in CVSS v3
- "IMPACT_LOW"
- IMPACT_LOWDefined in CVSS v3
- "IMPACT_NONE"
- IMPACT_NONEDefined in CVSS v3, CVSS v2
- "IMPACT_PARTIAL"
- IMPACT_PARTIALDefined in CVSS v2
- "IMPACT_COMPLETE"
- IMPACT_COMPLETEDefined in CVSS v2
CVSSPrivilegesRequired, CVSSPrivilegesRequiredArgs
- Privileges
Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIEDDefined in CVSS v3
- Privileges
Required None - PRIVILEGES_REQUIRED_NONEDefined in CVSS v3
- Privileges
Required Low - PRIVILEGES_REQUIRED_LOWDefined in CVSS v3
- Privileges
Required High - PRIVILEGES_REQUIRED_HIGHDefined in CVSS v3
- CVSSPrivileges
Required Privileges Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIEDDefined in CVSS v3
- CVSSPrivileges
Required Privileges Required None - PRIVILEGES_REQUIRED_NONEDefined in CVSS v3
- CVSSPrivileges
Required Privileges Required Low - PRIVILEGES_REQUIRED_LOWDefined in CVSS v3
- CVSSPrivileges
Required Privileges Required High - PRIVILEGES_REQUIRED_HIGHDefined in CVSS v3
- Privileges
Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIEDDefined in CVSS v3
- Privileges
Required None - PRIVILEGES_REQUIRED_NONEDefined in CVSS v3
- Privileges
Required Low - PRIVILEGES_REQUIRED_LOWDefined in CVSS v3
- Privileges
Required High - PRIVILEGES_REQUIRED_HIGHDefined in CVSS v3
- Privileges
Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIEDDefined in CVSS v3
- Privileges
Required None - PRIVILEGES_REQUIRED_NONEDefined in CVSS v3
- Privileges
Required Low - PRIVILEGES_REQUIRED_LOWDefined in CVSS v3
- Privileges
Required High - PRIVILEGES_REQUIRED_HIGHDefined in CVSS v3
- PRIVILEGES_REQUIRED_UNSPECIFIED
- PRIVILEGES_REQUIRED_UNSPECIFIEDDefined in CVSS v3
- PRIVILEGES_REQUIRED_NONE
- PRIVILEGES_REQUIRED_NONEDefined in CVSS v3
- PRIVILEGES_REQUIRED_LOW
- PRIVILEGES_REQUIRED_LOWDefined in CVSS v3
- PRIVILEGES_REQUIRED_HIGH
- PRIVILEGES_REQUIRED_HIGHDefined in CVSS v3
- "PRIVILEGES_REQUIRED_UNSPECIFIED"
- PRIVILEGES_REQUIRED_UNSPECIFIEDDefined in CVSS v3
- "PRIVILEGES_REQUIRED_NONE"
- PRIVILEGES_REQUIRED_NONEDefined in CVSS v3
- "PRIVILEGES_REQUIRED_LOW"
- PRIVILEGES_REQUIRED_LOWDefined in CVSS v3
- "PRIVILEGES_REQUIRED_HIGH"
- PRIVILEGES_REQUIRED_HIGHDefined in CVSS v3
CVSSResponse, CVSSResponseArgs
- Attack
Complexity string - Defined in CVSS v3, CVSS v2
- Attack
Vector string - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- Authentication string
- Defined in CVSS v2
- Availability
Impact string - Defined in CVSS v3, CVSS v2
- Base
Score double - The base score is a function of the base metric scores.
- Confidentiality
Impact string - Defined in CVSS v3, CVSS v2
- Exploitability
Score double - Impact
Score double - Integrity
Impact string - Defined in CVSS v3, CVSS v2
- Privileges
Required string - Defined in CVSS v3
- Scope string
- Defined in CVSS v3
- User
Interaction string - Defined in CVSS v3
- Attack
Complexity string - Defined in CVSS v3, CVSS v2
- Attack
Vector string - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- Authentication string
- Defined in CVSS v2
- Availability
Impact string - Defined in CVSS v3, CVSS v2
- Base
Score float64 - The base score is a function of the base metric scores.
- Confidentiality
Impact string - Defined in CVSS v3, CVSS v2
- Exploitability
Score float64 - Impact
Score float64 - Integrity
Impact string - Defined in CVSS v3, CVSS v2
- Privileges
Required string - Defined in CVSS v3
- Scope string
- Defined in CVSS v3
- User
Interaction string - Defined in CVSS v3
- attack
Complexity String - Defined in CVSS v3, CVSS v2
- attack
Vector String - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication String
- Defined in CVSS v2
- availability
Impact String - Defined in CVSS v3, CVSS v2
- base
Score Double - The base score is a function of the base metric scores.
- confidentiality
Impact String - Defined in CVSS v3, CVSS v2
- exploitability
Score Double - impact
Score Double - integrity
Impact String - Defined in CVSS v3, CVSS v2
- privileges
Required String - Defined in CVSS v3
- scope String
- Defined in CVSS v3
- user
Interaction String - Defined in CVSS v3
- attack
Complexity string - Defined in CVSS v3, CVSS v2
- attack
Vector string - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication string
- Defined in CVSS v2
- availability
Impact string - Defined in CVSS v3, CVSS v2
- base
Score number - The base score is a function of the base metric scores.
- confidentiality
Impact string - Defined in CVSS v3, CVSS v2
- exploitability
Score number - impact
Score number - integrity
Impact string - Defined in CVSS v3, CVSS v2
- privileges
Required string - Defined in CVSS v3
- scope string
- Defined in CVSS v3
- user
Interaction string - Defined in CVSS v3
- attack_
complexity str - Defined in CVSS v3, CVSS v2
- attack_
vector str - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication str
- Defined in CVSS v2
- availability_
impact str - Defined in CVSS v3, CVSS v2
- base_
score float - The base score is a function of the base metric scores.
- confidentiality_
impact str - Defined in CVSS v3, CVSS v2
- exploitability_
score float - impact_
score float - integrity_
impact str - Defined in CVSS v3, CVSS v2
- privileges_
required str - Defined in CVSS v3
- scope str
- Defined in CVSS v3
- user_
interaction str - Defined in CVSS v3
- attack
Complexity String - Defined in CVSS v3, CVSS v2
- attack
Vector String - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
- authentication String
- Defined in CVSS v2
- availability
Impact String - Defined in CVSS v3, CVSS v2
- base
Score Number - The base score is a function of the base metric scores.
- confidentiality
Impact String - Defined in CVSS v3, CVSS v2
- exploitability
Score Number - impact
Score Number - integrity
Impact String - Defined in CVSS v3, CVSS v2
- privileges
Required String - Defined in CVSS v3
- scope String
- Defined in CVSS v3
- user
Interaction String - Defined in CVSS v3
CVSSScope, CVSSScopeArgs
- Scope
Unspecified - SCOPE_UNSPECIFIEDDefined in CVSS v3
- Scope
Unchanged - SCOPE_UNCHANGEDDefined in CVSS v3
- Scope
Changed - SCOPE_CHANGEDDefined in CVSS v3
- CVSSScope
Scope Unspecified - SCOPE_UNSPECIFIEDDefined in CVSS v3
- CVSSScope
Scope Unchanged - SCOPE_UNCHANGEDDefined in CVSS v3
- CVSSScope
Scope Changed - SCOPE_CHANGEDDefined in CVSS v3
- Scope
Unspecified - SCOPE_UNSPECIFIEDDefined in CVSS v3
- Scope
Unchanged - SCOPE_UNCHANGEDDefined in CVSS v3
- Scope
Changed - SCOPE_CHANGEDDefined in CVSS v3
- Scope
Unspecified - SCOPE_UNSPECIFIEDDefined in CVSS v3
- Scope
Unchanged - SCOPE_UNCHANGEDDefined in CVSS v3
- Scope
Changed - SCOPE_CHANGEDDefined in CVSS v3
- SCOPE_UNSPECIFIED
- SCOPE_UNSPECIFIEDDefined in CVSS v3
- SCOPE_UNCHANGED
- SCOPE_UNCHANGEDDefined in CVSS v3
- SCOPE_CHANGED
- SCOPE_CHANGEDDefined in CVSS v3
- "SCOPE_UNSPECIFIED"
- SCOPE_UNSPECIFIEDDefined in CVSS v3
- "SCOPE_UNCHANGED"
- SCOPE_UNCHANGEDDefined in CVSS v3
- "SCOPE_CHANGED"
- SCOPE_CHANGEDDefined in CVSS v3
CVSSUserInteraction, CVSSUserInteractionArgs
- User
Interaction Unspecified - USER_INTERACTION_UNSPECIFIEDDefined in CVSS v3
- User
Interaction None - USER_INTERACTION_NONEDefined in CVSS v3
- User
Interaction Required - USER_INTERACTION_REQUIREDDefined in CVSS v3
- CVSSUser
Interaction User Interaction Unspecified - USER_INTERACTION_UNSPECIFIEDDefined in CVSS v3
- CVSSUser
Interaction User Interaction None - USER_INTERACTION_NONEDefined in CVSS v3
- CVSSUser
Interaction User Interaction Required - USER_INTERACTION_REQUIREDDefined in CVSS v3
- User
Interaction Unspecified - USER_INTERACTION_UNSPECIFIEDDefined in CVSS v3
- User
Interaction None - USER_INTERACTION_NONEDefined in CVSS v3
- User
Interaction Required - USER_INTERACTION_REQUIREDDefined in CVSS v3
- User
Interaction Unspecified - USER_INTERACTION_UNSPECIFIEDDefined in CVSS v3
- User
Interaction None - USER_INTERACTION_NONEDefined in CVSS v3
- User
Interaction Required - USER_INTERACTION_REQUIREDDefined in CVSS v3
- USER_INTERACTION_UNSPECIFIED
- USER_INTERACTION_UNSPECIFIEDDefined in CVSS v3
- USER_INTERACTION_NONE
- USER_INTERACTION_NONEDefined in CVSS v3
- USER_INTERACTION_REQUIRED
- USER_INTERACTION_REQUIREDDefined in CVSS v3
- "USER_INTERACTION_UNSPECIFIED"
- USER_INTERACTION_UNSPECIFIEDDefined in CVSS v3
- "USER_INTERACTION_NONE"
- USER_INTERACTION_NONEDefined in CVSS v3
- "USER_INTERACTION_REQUIRED"
- USER_INTERACTION_REQUIREDDefined in CVSS v3
CisBenchmark, CisBenchmarkArgs
- Profile
Level int - The profile level of this CIS benchmark check.
- Severity
Pulumi.
Google Native. Container Analysis. V1Alpha1. Cis Benchmark Severity - The severity level of this CIS benchmark check.
- Profile
Level int - The profile level of this CIS benchmark check.
- Severity
Cis
Benchmark Severity - The severity level of this CIS benchmark check.
- profile
Level Integer - The profile level of this CIS benchmark check.
- severity
Cis
Benchmark Severity - The severity level of this CIS benchmark check.
- profile
Level number - The profile level of this CIS benchmark check.
- severity
Cis
Benchmark Severity - The severity level of this CIS benchmark check.
- profile_
level int - The profile level of this CIS benchmark check.
- severity
Cis
Benchmark Severity - The severity level of this CIS benchmark check.
- profile
Level Number - The profile level of this CIS benchmark check.
- severity "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"
- The severity level of this CIS benchmark check.
CisBenchmarkResponse, CisBenchmarkResponseArgs
- Profile
Level int - The profile level of this CIS benchmark check.
- Severity string
- The severity level of this CIS benchmark check.
- Profile
Level int - The profile level of this CIS benchmark check.
- Severity string
- The severity level of this CIS benchmark check.
- profile
Level Integer - The profile level of this CIS benchmark check.
- severity String
- The severity level of this CIS benchmark check.
- profile
Level number - The profile level of this CIS benchmark check.
- severity string
- The severity level of this CIS benchmark check.
- profile_
level int - The profile level of this CIS benchmark check.
- severity str
- The severity level of this CIS benchmark check.
- profile
Level Number - The profile level of this CIS benchmark check.
- severity String
- The severity level of this CIS benchmark check.
CisBenchmarkSeverity, CisBenchmarkSeverityArgs
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Minimal
- MINIMALMinimal Impact
- Low
- LOWLow Impact
- Medium
- MEDIUMMedium Impact
- High
- HIGHHigh Impact
- Critical
- CRITICALCritical Impact
- Cis
Benchmark Severity Severity Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Cis
Benchmark Severity Minimal - MINIMALMinimal Impact
- Cis
Benchmark Severity Low - LOWLow Impact
- Cis
Benchmark Severity Medium - MEDIUMMedium Impact
- Cis
Benchmark Severity High - HIGHHigh Impact
- Cis
Benchmark Severity Critical - CRITICALCritical Impact
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Minimal
- MINIMALMinimal Impact
- Low
- LOWLow Impact
- Medium
- MEDIUMMedium Impact
- High
- HIGHHigh Impact
- Critical
- CRITICALCritical Impact
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Minimal
- MINIMALMinimal Impact
- Low
- LOWLow Impact
- Medium
- MEDIUMMedium Impact
- High
- HIGHHigh Impact
- Critical
- CRITICALCritical Impact
- SEVERITY_UNSPECIFIED
- SEVERITY_UNSPECIFIEDUnknown Impact
- MINIMAL
- MINIMALMinimal Impact
- LOW
- LOWLow Impact
- MEDIUM
- MEDIUMMedium Impact
- HIGH
- HIGHHigh Impact
- CRITICAL
- CRITICALCritical Impact
- "SEVERITY_UNSPECIFIED"
- SEVERITY_UNSPECIFIEDUnknown Impact
- "MINIMAL"
- MINIMALMinimal Impact
- "LOW"
- LOWLow Impact
- "MEDIUM"
- MEDIUMMedium Impact
- "HIGH"
- HIGHHigh Impact
- "CRITICAL"
- CRITICALCritical Impact
ComplianceNote, ComplianceNoteArgs
- Cis
Benchmark Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Cis Benchmark - Right now we only have one compliance type, but we may add additional types in the future.
- Description string
- A description about this compliance check.
- Rationale string
- A rationale for the existence of this compliance check.
- Remediation string
- A description of remediation steps if the compliance check fails.
- Scan
Instructions string - Serialized scan instructions with a predefined format.
- Title string
- The title that identifies this compliance check.
- Version
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Compliance Version> - The OS and config versions the benchmark applies to.
- Cis
Benchmark CisBenchmark - Right now we only have one compliance type, but we may add additional types in the future.
- Description string
- A description about this compliance check.
- Rationale string
- A rationale for the existence of this compliance check.
- Remediation string
- A description of remediation steps if the compliance check fails.
- Scan
Instructions string - Serialized scan instructions with a predefined format.
- Title string
- The title that identifies this compliance check.
- Version
[]Compliance
Version - The OS and config versions the benchmark applies to.
- cis
Benchmark CisBenchmark - Right now we only have one compliance type, but we may add additional types in the future.
- description String
- A description about this compliance check.
- rationale String
- A rationale for the existence of this compliance check.
- remediation String
- A description of remediation steps if the compliance check fails.
- scan
Instructions String - Serialized scan instructions with a predefined format.
- title String
- The title that identifies this compliance check.
- version
List<Compliance
Version> - The OS and config versions the benchmark applies to.
- cis
Benchmark CisBenchmark - Right now we only have one compliance type, but we may add additional types in the future.
- description string
- A description about this compliance check.
- rationale string
- A rationale for the existence of this compliance check.
- remediation string
- A description of remediation steps if the compliance check fails.
- scan
Instructions string - Serialized scan instructions with a predefined format.
- title string
- The title that identifies this compliance check.
- version
Compliance
Version[] - The OS and config versions the benchmark applies to.
- cis_
benchmark CisBenchmark - Right now we only have one compliance type, but we may add additional types in the future.
- description str
- A description about this compliance check.
- rationale str
- A rationale for the existence of this compliance check.
- remediation str
- A description of remediation steps if the compliance check fails.
- scan_
instructions str - Serialized scan instructions with a predefined format.
- title str
- The title that identifies this compliance check.
- version
Sequence[Compliance
Version] - The OS and config versions the benchmark applies to.
- cis
Benchmark Property Map - Right now we only have one compliance type, but we may add additional types in the future.
- description String
- A description about this compliance check.
- rationale String
- A rationale for the existence of this compliance check.
- remediation String
- A description of remediation steps if the compliance check fails.
- scan
Instructions String - Serialized scan instructions with a predefined format.
- title String
- The title that identifies this compliance check.
- version List<Property Map>
- The OS and config versions the benchmark applies to.
ComplianceNoteResponse, ComplianceNoteResponseArgs
- Cis
Benchmark Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Cis Benchmark Response - Right now we only have one compliance type, but we may add additional types in the future.
- Description string
- A description about this compliance check.
- Rationale string
- A rationale for the existence of this compliance check.
- Remediation string
- A description of remediation steps if the compliance check fails.
- Scan
Instructions string - Serialized scan instructions with a predefined format.
- Title string
- The title that identifies this compliance check.
- Version
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Compliance Version Response> - The OS and config versions the benchmark applies to.
- Cis
Benchmark CisBenchmark Response - Right now we only have one compliance type, but we may add additional types in the future.
- Description string
- A description about this compliance check.
- Rationale string
- A rationale for the existence of this compliance check.
- Remediation string
- A description of remediation steps if the compliance check fails.
- Scan
Instructions string - Serialized scan instructions with a predefined format.
- Title string
- The title that identifies this compliance check.
- Version
[]Compliance
Version Response - The OS and config versions the benchmark applies to.
- cis
Benchmark CisBenchmark Response - Right now we only have one compliance type, but we may add additional types in the future.
- description String
- A description about this compliance check.
- rationale String
- A rationale for the existence of this compliance check.
- remediation String
- A description of remediation steps if the compliance check fails.
- scan
Instructions String - Serialized scan instructions with a predefined format.
- title String
- The title that identifies this compliance check.
- version
List<Compliance
Version Response> - The OS and config versions the benchmark applies to.
- cis
Benchmark CisBenchmark Response - Right now we only have one compliance type, but we may add additional types in the future.
- description string
- A description about this compliance check.
- rationale string
- A rationale for the existence of this compliance check.
- remediation string
- A description of remediation steps if the compliance check fails.
- scan
Instructions string - Serialized scan instructions with a predefined format.
- title string
- The title that identifies this compliance check.
- version
Compliance
Version Response[] - The OS and config versions the benchmark applies to.
- cis_
benchmark CisBenchmark Response - Right now we only have one compliance type, but we may add additional types in the future.
- description str
- A description about this compliance check.
- rationale str
- A rationale for the existence of this compliance check.
- remediation str
- A description of remediation steps if the compliance check fails.
- scan_
instructions str - Serialized scan instructions with a predefined format.
- title str
- The title that identifies this compliance check.
- version
Sequence[Compliance
Version Response] - The OS and config versions the benchmark applies to.
- cis
Benchmark Property Map - Right now we only have one compliance type, but we may add additional types in the future.
- description String
- A description about this compliance check.
- rationale String
- A rationale for the existence of this compliance check.
- remediation String
- A description of remediation steps if the compliance check fails.
- scan
Instructions String - Serialized scan instructions with a predefined format.
- title String
- The title that identifies this compliance check.
- version List<Property Map>
- The OS and config versions the benchmark applies to.
ComplianceVersion, ComplianceVersionArgs
- Benchmark
Document string - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- Cpe
Uri string - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- Version string
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- Benchmark
Document string - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- Cpe
Uri string - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- Version string
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark
Document String - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe
Uri String - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version String
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark
Document string - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe
Uri string - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version string
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark_
document str - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe_
uri str - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version str
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark
Document String - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe
Uri String - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version String
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
ComplianceVersionResponse, ComplianceVersionResponseArgs
- Benchmark
Document string - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- Cpe
Uri string - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- Version string
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- Benchmark
Document string - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- Cpe
Uri string - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- Version string
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark
Document String - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe
Uri String - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version String
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark
Document string - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe
Uri string - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version string
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark_
document str - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe_
uri str - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version str
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
- benchmark
Document String - The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".
- cpe
Uri String - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.
- version String
- The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.
DSSEAttestationNote, DSSEAttestationNoteArgs
- Hint
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. DSSEHint - DSSEHint hints at the purpose of the attestation authority.
- hint Property Map
- DSSEHint hints at the purpose of the attestation authority.
DSSEAttestationNoteResponse, DSSEAttestationNoteResponseArgs
- Hint
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. DSSEHint Response - DSSEHint hints at the purpose of the attestation authority.
- Hint
DSSEHint
Response - DSSEHint hints at the purpose of the attestation authority.
- hint
DSSEHint
Response - DSSEHint hints at the purpose of the attestation authority.
- hint
DSSEHint
Response - DSSEHint hints at the purpose of the attestation authority.
- hint
DSSEHint
Response - DSSEHint hints at the purpose of the attestation authority.
- hint Property Map
- DSSEHint hints at the purpose of the attestation authority.
DSSEHint, DSSEHintArgs
- Human
Readable stringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- Human
Readable stringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human
Readable StringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human
Readable stringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human_
readable_ strname - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human
Readable StringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
DSSEHintResponse, DSSEHintResponseArgs
- Human
Readable stringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- Human
Readable stringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human
Readable StringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human
Readable stringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human_
readable_ strname - The human readable name of this attestation authority, for example "cloudbuild-prod".
- human
Readable StringName - The human readable name of this attestation authority, for example "cloudbuild-prod".
Deployable, DeployableArgs
- Resource
Uri List<string> - Resource URI for the artifact being deployed.
- Resource
Uri []string - Resource URI for the artifact being deployed.
- resource
Uri List<String> - Resource URI for the artifact being deployed.
- resource
Uri string[] - Resource URI for the artifact being deployed.
- resource_
uri Sequence[str] - Resource URI for the artifact being deployed.
- resource
Uri List<String> - Resource URI for the artifact being deployed.
DeployableResponse, DeployableResponseArgs
- Resource
Uri List<string> - Resource URI for the artifact being deployed.
- Resource
Uri []string - Resource URI for the artifact being deployed.
- resource
Uri List<String> - Resource URI for the artifact being deployed.
- resource
Uri string[] - Resource URI for the artifact being deployed.
- resource_
uri Sequence[str] - Resource URI for the artifact being deployed.
- resource
Uri List<String> - Resource URI for the artifact being deployed.
Detail, DetailArgs
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- Description string
- A vendor-specific description of this note.
- Fixed
Location Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Vulnerability Location - The fix for this specific package version.
- Is
Obsolete bool - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- Max
Affected Pulumi.Version Google Native. Container Analysis. V1Alpha1. Inputs. Version - The max version of the package in which the vulnerability exists.
- Min
Affected Pulumi.Version Google Native. Container Analysis. V1Alpha1. Inputs. Version - The min version of the package in which the vulnerability exists.
- Package string
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- Package
Type string - The type of package; whether native or non native(ruby gems, node.js packages etc)
- Severity
Name string - The severity (eg: distro assigned severity) for this vulnerability.
- Source string
- The source from which the information in this Detail was obtained.
- Vendor string
- The vendor of the product. e.g. "google"
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- Description string
- A vendor-specific description of this note.
- Fixed
Location VulnerabilityLocation - The fix for this specific package version.
- Is
Obsolete bool - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- Max
Affected VersionVersion - The max version of the package in which the vulnerability exists.
- Min
Affected VersionVersion - The min version of the package in which the vulnerability exists.
- Package string
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- Package
Type string - The type of package; whether native or non native(ruby gems, node.js packages etc)
- Severity
Name string - The severity (eg: distro assigned severity) for this vulnerability.
- Source string
- The source from which the information in this Detail was obtained.
- Vendor string
- The vendor of the product. e.g. "google"
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description String
- A vendor-specific description of this note.
- fixed
Location VulnerabilityLocation - The fix for this specific package version.
- is
Obsolete Boolean - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max
Affected VersionVersion - The max version of the package in which the vulnerability exists.
- min
Affected VersionVersion - The min version of the package in which the vulnerability exists.
- package
Type String - The type of package; whether native or non native(ruby gems, node.js packages etc)
- package_ String
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- severity
Name String - The severity (eg: distro assigned severity) for this vulnerability.
- source String
- The source from which the information in this Detail was obtained.
- vendor String
- The vendor of the product. e.g. "google"
- cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description string
- A vendor-specific description of this note.
- fixed
Location VulnerabilityLocation - The fix for this specific package version.
- is
Obsolete boolean - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max
Affected VersionVersion - The max version of the package in which the vulnerability exists.
- min
Affected VersionVersion - The min version of the package in which the vulnerability exists.
- package string
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- package
Type string - The type of package; whether native or non native(ruby gems, node.js packages etc)
- severity
Name string - The severity (eg: distro assigned severity) for this vulnerability.
- source string
- The source from which the information in this Detail was obtained.
- vendor string
- The vendor of the product. e.g. "google"
- cpe_
uri str - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description str
- A vendor-specific description of this note.
- fixed_
location VulnerabilityLocation - The fix for this specific package version.
- is_
obsolete bool - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max_
affected_ Versionversion - The max version of the package in which the vulnerability exists.
- min_
affected_ Versionversion - The min version of the package in which the vulnerability exists.
- package str
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- package_
type str - The type of package; whether native or non native(ruby gems, node.js packages etc)
- severity_
name str - The severity (eg: distro assigned severity) for this vulnerability.
- source str
- The source from which the information in this Detail was obtained.
- vendor str
- The vendor of the product. e.g. "google"
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description String
- A vendor-specific description of this note.
- fixed
Location Property Map - The fix for this specific package version.
- is
Obsolete Boolean - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max
Affected Property MapVersion - The max version of the package in which the vulnerability exists.
- min
Affected Property MapVersion - The min version of the package in which the vulnerability exists.
- package String
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- package
Type String - The type of package; whether native or non native(ruby gems, node.js packages etc)
- severity
Name String - The severity (eg: distro assigned severity) for this vulnerability.
- source String
- The source from which the information in this Detail was obtained.
- vendor String
- The vendor of the product. e.g. "google"
DetailResponse, DetailResponseArgs
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- Description string
- A vendor-specific description of this note.
- Fixed
Location Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Vulnerability Location Response - The fix for this specific package version.
- Is
Obsolete bool - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- Max
Affected Pulumi.Version Google Native. Container Analysis. V1Alpha1. Inputs. Version Response - The max version of the package in which the vulnerability exists.
- Min
Affected Pulumi.Version Google Native. Container Analysis. V1Alpha1. Inputs. Version Response - The min version of the package in which the vulnerability exists.
- Package string
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- Package
Type string - The type of package; whether native or non native(ruby gems, node.js packages etc)
- Severity
Name string - The severity (eg: distro assigned severity) for this vulnerability.
- Source string
- The source from which the information in this Detail was obtained.
- Vendor string
- The vendor of the product. e.g. "google"
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- Description string
- A vendor-specific description of this note.
- Fixed
Location VulnerabilityLocation Response - The fix for this specific package version.
- Is
Obsolete bool - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- Max
Affected VersionVersion Response - The max version of the package in which the vulnerability exists.
- Min
Affected VersionVersion Response - The min version of the package in which the vulnerability exists.
- Package string
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- Package
Type string - The type of package; whether native or non native(ruby gems, node.js packages etc)
- Severity
Name string - The severity (eg: distro assigned severity) for this vulnerability.
- Source string
- The source from which the information in this Detail was obtained.
- Vendor string
- The vendor of the product. e.g. "google"
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description String
- A vendor-specific description of this note.
- fixed
Location VulnerabilityLocation Response - The fix for this specific package version.
- is
Obsolete Boolean - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max
Affected VersionVersion Response - The max version of the package in which the vulnerability exists.
- min
Affected VersionVersion Response - The min version of the package in which the vulnerability exists.
- package
Type String - The type of package; whether native or non native(ruby gems, node.js packages etc)
- package_ String
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- severity
Name String - The severity (eg: distro assigned severity) for this vulnerability.
- source String
- The source from which the information in this Detail was obtained.
- vendor String
- The vendor of the product. e.g. "google"
- cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description string
- A vendor-specific description of this note.
- fixed
Location VulnerabilityLocation Response - The fix for this specific package version.
- is
Obsolete boolean - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max
Affected VersionVersion Response - The max version of the package in which the vulnerability exists.
- min
Affected VersionVersion Response - The min version of the package in which the vulnerability exists.
- package string
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- package
Type string - The type of package; whether native or non native(ruby gems, node.js packages etc)
- severity
Name string - The severity (eg: distro assigned severity) for this vulnerability.
- source string
- The source from which the information in this Detail was obtained.
- vendor string
- The vendor of the product. e.g. "google"
- cpe_
uri str - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description str
- A vendor-specific description of this note.
- fixed_
location VulnerabilityLocation Response - The fix for this specific package version.
- is_
obsolete bool - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max_
affected_ Versionversion Response - The max version of the package in which the vulnerability exists.
- min_
affected_ Versionversion Response - The min version of the package in which the vulnerability exists.
- package str
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- package_
type str - The type of package; whether native or non native(ruby gems, node.js packages etc)
- severity_
name str - The severity (eg: distro assigned severity) for this vulnerability.
- source str
- The source from which the information in this Detail was obtained.
- vendor str
- The vendor of the product. e.g. "google"
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- description String
- A vendor-specific description of this note.
- fixed
Location Property Map - The fix for this specific package version.
- is
Obsolete Boolean - Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.
- max
Affected Property MapVersion - The max version of the package in which the vulnerability exists.
- min
Affected Property MapVersion - The min version of the package in which the vulnerability exists.
- package String
- The name of the package where the vulnerability was found. This field can be used as a filter in list requests.
- package
Type String - The type of package; whether native or non native(ruby gems, node.js packages etc)
- severity
Name String - The severity (eg: distro assigned severity) for this vulnerability.
- source String
- The source from which the information in this Detail was obtained.
- vendor String
- The vendor of the product. e.g. "google"
Digest, DigestArgs
- Algo string
SHA1,SHA512etc.- Digest
Bytes string - Value of the digest.
- Algo string
SHA1,SHA512etc.- Digest
Bytes string - Value of the digest.
- algo String
SHA1,SHA512etc.- digest
Bytes String - Value of the digest.
- algo string
SHA1,SHA512etc.- digest
Bytes string - Value of the digest.
- algo str
SHA1,SHA512etc.- digest_
bytes str - Value of the digest.
- algo String
SHA1,SHA512etc.- digest
Bytes String - Value of the digest.
DigestResponse, DigestResponseArgs
- Algo string
SHA1,SHA512etc.- Digest
Bytes string - Value of the digest.
- Algo string
SHA1,SHA512etc.- Digest
Bytes string - Value of the digest.
- algo String
SHA1,SHA512etc.- digest
Bytes String - Value of the digest.
- algo string
SHA1,SHA512etc.- digest
Bytes string - Value of the digest.
- algo str
SHA1,SHA512etc.- digest_
bytes str - Value of the digest.
- algo String
SHA1,SHA512etc.- digest
Bytes String - Value of the digest.
Discovery, DiscoveryArgs
- Analysis
Kind Pulumi.Google Native. Container Analysis. V1Alpha1. Discovery Analysis Kind - The kind of analysis that is handled by this discovery.
- Analysis
Kind DiscoveryAnalysis Kind - The kind of analysis that is handled by this discovery.
- analysis
Kind DiscoveryAnalysis Kind - The kind of analysis that is handled by this discovery.
- analysis
Kind DiscoveryAnalysis Kind - The kind of analysis that is handled by this discovery.
- analysis_
kind DiscoveryAnalysis Kind - The kind of analysis that is handled by this discovery.
- analysis
Kind "KIND_UNSPECIFIED" | "PACKAGE_VULNERABILITY" | "BUILD_DETAILS" | "IMAGE_BASIS" | "PACKAGE_MANAGER" | "DEPLOYABLE" | "DISCOVERY" | "ATTESTATION_AUTHORITY" | "UPGRADE" | "COMPLIANCE" | "SBOM" | "SPDX_PACKAGE" | "SPDX_FILE" | "SPDX_RELATIONSHIP" | "DSSE_ATTESTATION" | "VULNERABILITY_ASSESSMENT" | "SBOM_REFERENCE" - The kind of analysis that is handled by this discovery.
DiscoveryAnalysisKind, DiscoveryAnalysisKindArgs
- Kind
Unspecified - KIND_UNSPECIFIEDUnknown
- Package
Vulnerability - PACKAGE_VULNERABILITYThe note and occurrence represent a package vulnerability.
- Build
Details - BUILD_DETAILSThe note and occurrence assert build provenance.
- Image
Basis - IMAGE_BASISThis represents an image basis relationship.
- Package
Manager - PACKAGE_MANAGERThis represents a package installed via a package manager.
- Deployable
- DEPLOYABLEThe note and occurrence track deployment events.
- Discovery
- DISCOVERYThe note and occurrence track the initial discovery status of a resource.
- Attestation
Authority - ATTESTATION_AUTHORITYThis represents a logical "role" that can attest to artifacts.
- Upgrade
- UPGRADEThis represents an available software upgrade.
- Compliance
- COMPLIANCEThis represents a compliance check that can be applied to a resource.
- Sbom
- SBOMThis represents a software bill of materials.
- Spdx
Package - SPDX_PACKAGEThis represents an SPDX Package.
- Spdx
File - SPDX_FILEThis represents an SPDX File.
- Spdx
Relationship - SPDX_RELATIONSHIPThis represents an SPDX Relationship.
- Dsse
Attestation - DSSE_ATTESTATIONThis represents a DSSE attestation Note
- Vulnerability
Assessment - VULNERABILITY_ASSESSMENTThis represents a Vulnerability Assessment.
- Sbom
Reference - SBOM_REFERENCEThis represents a reference to an SBOM.
- Discovery
Analysis Kind Kind Unspecified - KIND_UNSPECIFIEDUnknown
- Discovery
Analysis Kind Package Vulnerability - PACKAGE_VULNERABILITYThe note and occurrence represent a package vulnerability.
- Discovery
Analysis Kind Build Details - BUILD_DETAILSThe note and occurrence assert build provenance.
- Discovery
Analysis Kind Image Basis - IMAGE_BASISThis represents an image basis relationship.
- Discovery
Analysis Kind Package Manager - PACKAGE_MANAGERThis represents a package installed via a package manager.
- Discovery
Analysis Kind Deployable - DEPLOYABLEThe note and occurrence track deployment events.
- Discovery
Analysis Kind Discovery - DISCOVERYThe note and occurrence track the initial discovery status of a resource.
- Discovery
Analysis Kind Attestation Authority - ATTESTATION_AUTHORITYThis represents a logical "role" that can attest to artifacts.
- Discovery
Analysis Kind Upgrade - UPGRADEThis represents an available software upgrade.
- Discovery
Analysis Kind Compliance - COMPLIANCEThis represents a compliance check that can be applied to a resource.
- Discovery
Analysis Kind Sbom - SBOMThis represents a software bill of materials.
- Discovery
Analysis Kind Spdx Package - SPDX_PACKAGEThis represents an SPDX Package.
- Discovery
Analysis Kind Spdx File - SPDX_FILEThis represents an SPDX File.
- Discovery
Analysis Kind Spdx Relationship - SPDX_RELATIONSHIPThis represents an SPDX Relationship.
- Discovery
Analysis Kind Dsse Attestation - DSSE_ATTESTATIONThis represents a DSSE attestation Note
- Discovery
Analysis Kind Vulnerability Assessment - VULNERABILITY_ASSESSMENTThis represents a Vulnerability Assessment.
- Discovery
Analysis Kind Sbom Reference - SBOM_REFERENCEThis represents a reference to an SBOM.
- Kind
Unspecified - KIND_UNSPECIFIEDUnknown
- Package
Vulnerability - PACKAGE_VULNERABILITYThe note and occurrence represent a package vulnerability.
- Build
Details - BUILD_DETAILSThe note and occurrence assert build provenance.
- Image
Basis - IMAGE_BASISThis represents an image basis relationship.
- Package
Manager - PACKAGE_MANAGERThis represents a package installed via a package manager.
- Deployable
- DEPLOYABLEThe note and occurrence track deployment events.
- Discovery
- DISCOVERYThe note and occurrence track the initial discovery status of a resource.
- Attestation
Authority - ATTESTATION_AUTHORITYThis represents a logical "role" that can attest to artifacts.
- Upgrade
- UPGRADEThis represents an available software upgrade.
- Compliance
- COMPLIANCEThis represents a compliance check that can be applied to a resource.
- Sbom
- SBOMThis represents a software bill of materials.
- Spdx
Package - SPDX_PACKAGEThis represents an SPDX Package.
- Spdx
File - SPDX_FILEThis represents an SPDX File.
- Spdx
Relationship - SPDX_RELATIONSHIPThis represents an SPDX Relationship.
- Dsse
Attestation - DSSE_ATTESTATIONThis represents a DSSE attestation Note
- Vulnerability
Assessment - VULNERABILITY_ASSESSMENTThis represents a Vulnerability Assessment.
- Sbom
Reference - SBOM_REFERENCEThis represents a reference to an SBOM.
- Kind
Unspecified - KIND_UNSPECIFIEDUnknown
- Package
Vulnerability - PACKAGE_VULNERABILITYThe note and occurrence represent a package vulnerability.
- Build
Details - BUILD_DETAILSThe note and occurrence assert build provenance.
- Image
Basis - IMAGE_BASISThis represents an image basis relationship.
- Package
Manager - PACKAGE_MANAGERThis represents a package installed via a package manager.
- Deployable
- DEPLOYABLEThe note and occurrence track deployment events.
- Discovery
- DISCOVERYThe note and occurrence track the initial discovery status of a resource.
- Attestation
Authority - ATTESTATION_AUTHORITYThis represents a logical "role" that can attest to artifacts.
- Upgrade
- UPGRADEThis represents an available software upgrade.
- Compliance
- COMPLIANCEThis represents a compliance check that can be applied to a resource.
- Sbom
- SBOMThis represents a software bill of materials.
- Spdx
Package - SPDX_PACKAGEThis represents an SPDX Package.
- Spdx
File - SPDX_FILEThis represents an SPDX File.
- Spdx
Relationship - SPDX_RELATIONSHIPThis represents an SPDX Relationship.
- Dsse
Attestation - DSSE_ATTESTATIONThis represents a DSSE attestation Note
- Vulnerability
Assessment - VULNERABILITY_ASSESSMENTThis represents a Vulnerability Assessment.
- Sbom
Reference - SBOM_REFERENCEThis represents a reference to an SBOM.
- KIND_UNSPECIFIED
- KIND_UNSPECIFIEDUnknown
- PACKAGE_VULNERABILITY
- PACKAGE_VULNERABILITYThe note and occurrence represent a package vulnerability.
- BUILD_DETAILS
- BUILD_DETAILSThe note and occurrence assert build provenance.
- IMAGE_BASIS
- IMAGE_BASISThis represents an image basis relationship.
- PACKAGE_MANAGER
- PACKAGE_MANAGERThis represents a package installed via a package manager.
- DEPLOYABLE
- DEPLOYABLEThe note and occurrence track deployment events.
- DISCOVERY
- DISCOVERYThe note and occurrence track the initial discovery status of a resource.
- ATTESTATION_AUTHORITY
- ATTESTATION_AUTHORITYThis represents a logical "role" that can attest to artifacts.
- UPGRADE
- UPGRADEThis represents an available software upgrade.
- COMPLIANCE
- COMPLIANCEThis represents a compliance check that can be applied to a resource.
- SBOM
- SBOMThis represents a software bill of materials.
- SPDX_PACKAGE
- SPDX_PACKAGEThis represents an SPDX Package.
- SPDX_FILE
- SPDX_FILEThis represents an SPDX File.
- SPDX_RELATIONSHIP
- SPDX_RELATIONSHIPThis represents an SPDX Relationship.
- DSSE_ATTESTATION
- DSSE_ATTESTATIONThis represents a DSSE attestation Note
- VULNERABILITY_ASSESSMENT
- VULNERABILITY_ASSESSMENTThis represents a Vulnerability Assessment.
- SBOM_REFERENCE
- SBOM_REFERENCEThis represents a reference to an SBOM.
- "KIND_UNSPECIFIED"
- KIND_UNSPECIFIEDUnknown
- "PACKAGE_VULNERABILITY"
- PACKAGE_VULNERABILITYThe note and occurrence represent a package vulnerability.
- "BUILD_DETAILS"
- BUILD_DETAILSThe note and occurrence assert build provenance.
- "IMAGE_BASIS"
- IMAGE_BASISThis represents an image basis relationship.
- "PACKAGE_MANAGER"
- PACKAGE_MANAGERThis represents a package installed via a package manager.
- "DEPLOYABLE"
- DEPLOYABLEThe note and occurrence track deployment events.
- "DISCOVERY"
- DISCOVERYThe note and occurrence track the initial discovery status of a resource.
- "ATTESTATION_AUTHORITY"
- ATTESTATION_AUTHORITYThis represents a logical "role" that can attest to artifacts.
- "UPGRADE"
- UPGRADEThis represents an available software upgrade.
- "COMPLIANCE"
- COMPLIANCEThis represents a compliance check that can be applied to a resource.
- "SBOM"
- SBOMThis represents a software bill of materials.
- "SPDX_PACKAGE"
- SPDX_PACKAGEThis represents an SPDX Package.
- "SPDX_FILE"
- SPDX_FILEThis represents an SPDX File.
- "SPDX_RELATIONSHIP"
- SPDX_RELATIONSHIPThis represents an SPDX Relationship.
- "DSSE_ATTESTATION"
- DSSE_ATTESTATIONThis represents a DSSE attestation Note
- "VULNERABILITY_ASSESSMENT"
- VULNERABILITY_ASSESSMENTThis represents a Vulnerability Assessment.
- "SBOM_REFERENCE"
- SBOM_REFERENCEThis represents a reference to an SBOM.
DiscoveryResponse, DiscoveryResponseArgs
- Analysis
Kind string - The kind of analysis that is handled by this discovery.
- Analysis
Kind string - The kind of analysis that is handled by this discovery.
- analysis
Kind String - The kind of analysis that is handled by this discovery.
- analysis
Kind string - The kind of analysis that is handled by this discovery.
- analysis_
kind str - The kind of analysis that is handled by this discovery.
- analysis
Kind String - The kind of analysis that is handled by this discovery.
Distribution, DistributionArgs
- Architecture
Pulumi.
Google Native. Container Analysis. V1Alpha1. Distribution Architecture - The CPU architecture for which packages in this distribution channel were built
- Cpe
Uri string - The cpe_uri in cpe format denoting the package manager version distributing a package.
- Description string
- The distribution channel-specific description of this package.
- Latest
Version Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Version - The latest available version of this package in this distribution channel.
- Maintainer string
- A freeform string denoting the maintainer of this package.
- Url string
- The distribution channel-specific homepage for this package.
- Architecture
Distribution
Architecture - The CPU architecture for which packages in this distribution channel were built
- Cpe
Uri string - The cpe_uri in cpe format denoting the package manager version distributing a package.
- Description string
- The distribution channel-specific description of this package.
- Latest
Version Version - The latest available version of this package in this distribution channel.
- Maintainer string
- A freeform string denoting the maintainer of this package.
- Url string
- The distribution channel-specific homepage for this package.
- architecture
Distribution
Architecture - The CPU architecture for which packages in this distribution channel were built
- cpe
Uri String - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description String
- The distribution channel-specific description of this package.
- latest
Version Version - The latest available version of this package in this distribution channel.
- maintainer String
- A freeform string denoting the maintainer of this package.
- url String
- The distribution channel-specific homepage for this package.
- architecture
Distribution
Architecture - The CPU architecture for which packages in this distribution channel were built
- cpe
Uri string - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description string
- The distribution channel-specific description of this package.
- latest
Version Version - The latest available version of this package in this distribution channel.
- maintainer string
- A freeform string denoting the maintainer of this package.
- url string
- The distribution channel-specific homepage for this package.
- architecture
Distribution
Architecture - The CPU architecture for which packages in this distribution channel were built
- cpe_
uri str - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description str
- The distribution channel-specific description of this package.
- latest_
version Version - The latest available version of this package in this distribution channel.
- maintainer str
- A freeform string denoting the maintainer of this package.
- url str
- The distribution channel-specific homepage for this package.
- architecture "ARCHITECTURE_UNSPECIFIED" | "X86" | "X64"
- The CPU architecture for which packages in this distribution channel were built
- cpe
Uri String - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description String
- The distribution channel-specific description of this package.
- latest
Version Property Map - The latest available version of this package in this distribution channel.
- maintainer String
- A freeform string denoting the maintainer of this package.
- url String
- The distribution channel-specific homepage for this package.
DistributionArchitecture, DistributionArchitectureArgs
- Architecture
Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- Distribution
Architecture Architecture Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- Distribution
Architecture X86 - X86X86 architecture
- Distribution
Architecture X64 - X64X64 architecture
- Architecture
Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- Architecture
Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- ARCHITECTURE_UNSPECIFIED
- ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- "ARCHITECTURE_UNSPECIFIED"
- ARCHITECTURE_UNSPECIFIEDUnknown architecture
- "X86"
- X86X86 architecture
- "X64"
- X64X64 architecture
DistributionResponse, DistributionResponseArgs
- Architecture string
- The CPU architecture for which packages in this distribution channel were built
- Cpe
Uri string - The cpe_uri in cpe format denoting the package manager version distributing a package.
- Description string
- The distribution channel-specific description of this package.
- Latest
Version Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Version Response - The latest available version of this package in this distribution channel.
- Maintainer string
- A freeform string denoting the maintainer of this package.
- Url string
- The distribution channel-specific homepage for this package.
- Architecture string
- The CPU architecture for which packages in this distribution channel were built
- Cpe
Uri string - The cpe_uri in cpe format denoting the package manager version distributing a package.
- Description string
- The distribution channel-specific description of this package.
- Latest
Version VersionResponse - The latest available version of this package in this distribution channel.
- Maintainer string
- A freeform string denoting the maintainer of this package.
- Url string
- The distribution channel-specific homepage for this package.
- architecture String
- The CPU architecture for which packages in this distribution channel were built
- cpe
Uri String - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description String
- The distribution channel-specific description of this package.
- latest
Version VersionResponse - The latest available version of this package in this distribution channel.
- maintainer String
- A freeform string denoting the maintainer of this package.
- url String
- The distribution channel-specific homepage for this package.
- architecture string
- The CPU architecture for which packages in this distribution channel were built
- cpe
Uri string - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description string
- The distribution channel-specific description of this package.
- latest
Version VersionResponse - The latest available version of this package in this distribution channel.
- maintainer string
- A freeform string denoting the maintainer of this package.
- url string
- The distribution channel-specific homepage for this package.
- architecture str
- The CPU architecture for which packages in this distribution channel were built
- cpe_
uri str - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description str
- The distribution channel-specific description of this package.
- latest_
version VersionResponse - The latest available version of this package in this distribution channel.
- maintainer str
- A freeform string denoting the maintainer of this package.
- url str
- The distribution channel-specific homepage for this package.
- architecture String
- The CPU architecture for which packages in this distribution channel were built
- cpe
Uri String - The cpe_uri in cpe format denoting the package manager version distributing a package.
- description String
- The distribution channel-specific description of this package.
- latest
Version Property Map - The latest available version of this package in this distribution channel.
- maintainer String
- A freeform string denoting the maintainer of this package.
- url String
- The distribution channel-specific homepage for this package.
DocumentNote, DocumentNoteArgs
- Data
Licence string - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- Spdx
Version string - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- Data
Licence string - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- Spdx
Version string - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data
Licence String - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx
Version String - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data
Licence string - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx
Version string - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data_
licence str - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx_
version str - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data
Licence String - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx
Version String - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
DocumentNoteResponse, DocumentNoteResponseArgs
- Data
Licence string - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- Spdx
Version string - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- Data
Licence string - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- Spdx
Version string - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data
Licence String - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx
Version String - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data
Licence string - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx
Version string - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data_
licence str - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx_
version str - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
- data
Licence String - Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
- spdx
Version String - Provide a reference number that can be used to understand how to parse and interpret the rest of the file
ExternalRef, ExternalRefArgs
- Category
Pulumi.
Google Native. Container Analysis. V1Alpha1. External Ref Category - An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- Comment string
- Human-readable information about the purpose and target of the reference
- Locator string
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- Type string
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- Category
External
Ref Category - An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- Comment string
- Human-readable information about the purpose and target of the reference
- Locator string
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- Type string
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category
External
Ref Category - An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment String
- Human-readable information about the purpose and target of the reference
- locator String
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type String
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category
External
Ref Category - An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment string
- Human-readable information about the purpose and target of the reference
- locator string
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type string
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category
External
Ref Category - An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment str
- Human-readable information about the purpose and target of the reference
- locator str
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type str
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category "CATEGORY_UNSPECIFIED" | "SECURITY" | "PACKAGE_MANAGER" | "PERSISTENT_ID" | "OTHER"
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment String
- Human-readable information about the purpose and target of the reference
- locator String
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type String
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
ExternalRefCategory, ExternalRefCategoryArgs
- Category
Unspecified - CATEGORY_UNSPECIFIEDUnspecified
- Security
- SECURITYSecurity (e.g. cpe22Type, cpe23Type)
- Package
Manager - PACKAGE_MANAGERPackage Manager (e.g. maven-central, npm, nuget, bower, purl)
- Persistent
Id - PERSISTENT_IDPersistent-Id (e.g. swh)
- Other
- OTHEROther
- External
Ref Category Category Unspecified - CATEGORY_UNSPECIFIEDUnspecified
- External
Ref Category Security - SECURITYSecurity (e.g. cpe22Type, cpe23Type)
- External
Ref Category Package Manager - PACKAGE_MANAGERPackage Manager (e.g. maven-central, npm, nuget, bower, purl)
- External
Ref Category Persistent Id - PERSISTENT_IDPersistent-Id (e.g. swh)
- External
Ref Category Other - OTHEROther
- Category
Unspecified - CATEGORY_UNSPECIFIEDUnspecified
- Security
- SECURITYSecurity (e.g. cpe22Type, cpe23Type)
- Package
Manager - PACKAGE_MANAGERPackage Manager (e.g. maven-central, npm, nuget, bower, purl)
- Persistent
Id - PERSISTENT_IDPersistent-Id (e.g. swh)
- Other
- OTHEROther
- Category
Unspecified - CATEGORY_UNSPECIFIEDUnspecified
- Security
- SECURITYSecurity (e.g. cpe22Type, cpe23Type)
- Package
Manager - PACKAGE_MANAGERPackage Manager (e.g. maven-central, npm, nuget, bower, purl)
- Persistent
Id - PERSISTENT_IDPersistent-Id (e.g. swh)
- Other
- OTHEROther
- CATEGORY_UNSPECIFIED
- CATEGORY_UNSPECIFIEDUnspecified
- SECURITY
- SECURITYSecurity (e.g. cpe22Type, cpe23Type)
- PACKAGE_MANAGER
- PACKAGE_MANAGERPackage Manager (e.g. maven-central, npm, nuget, bower, purl)
- PERSISTENT_ID
- PERSISTENT_IDPersistent-Id (e.g. swh)
- OTHER
- OTHEROther
- "CATEGORY_UNSPECIFIED"
- CATEGORY_UNSPECIFIEDUnspecified
- "SECURITY"
- SECURITYSecurity (e.g. cpe22Type, cpe23Type)
- "PACKAGE_MANAGER"
- PACKAGE_MANAGERPackage Manager (e.g. maven-central, npm, nuget, bower, purl)
- "PERSISTENT_ID"
- PERSISTENT_IDPersistent-Id (e.g. swh)
- "OTHER"
- OTHEROther
ExternalRefResponse, ExternalRefResponseArgs
- Category string
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- Comment string
- Human-readable information about the purpose and target of the reference
- Locator string
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- Type string
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- Category string
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- Comment string
- Human-readable information about the purpose and target of the reference
- Locator string
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- Type string
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category String
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment String
- Human-readable information about the purpose and target of the reference
- locator String
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type String
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category string
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment string
- Human-readable information about the purpose and target of the reference
- locator string
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type string
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category str
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment str
- Human-readable information about the purpose and target of the reference
- locator str
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type str
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
- category String
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- comment String
- Human-readable information about the purpose and target of the reference
- locator String
- The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
- type String
- Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
FileLocation, FileLocationArgs
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file_
path str - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
FileLocationResponse, FileLocationResponseArgs
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file_
path str - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
FileNote, FileNoteArgs
- Checksum List<string>
- Provide a unique identifier to match analysis information on each specific file in a package
- File
Type Pulumi.Google Native. Container Analysis. V1Alpha1. File Note File Type - This field provides information about the type of file identified
- Title string
- Identify the full path and filename that corresponds to the file information in this section
- Checksum []string
- Provide a unique identifier to match analysis information on each specific file in a package
- File
Type FileNote File Type - This field provides information about the type of file identified
- Title string
- Identify the full path and filename that corresponds to the file information in this section
- checksum List<String>
- Provide a unique identifier to match analysis information on each specific file in a package
- file
Type FileNote File Type - This field provides information about the type of file identified
- title String
- Identify the full path and filename that corresponds to the file information in this section
- checksum string[]
- Provide a unique identifier to match analysis information on each specific file in a package
- file
Type FileNote File Type - This field provides information about the type of file identified
- title string
- Identify the full path and filename that corresponds to the file information in this section
- checksum Sequence[str]
- Provide a unique identifier to match analysis information on each specific file in a package
- file_
type FileNote File Type - This field provides information about the type of file identified
- title str
- Identify the full path and filename that corresponds to the file information in this section
- checksum List<String>
- Provide a unique identifier to match analysis information on each specific file in a package
- file
Type "FILE_TYPE_UNSPECIFIED" | "SOURCE" | "BINARY" | "ARCHIVE" | "APPLICATION" | "AUDIO" | "IMAGE" | "TEXT" | "VIDEO" | "DOCUMENTATION" | "SPDX" | "OTHER" - This field provides information about the type of file identified
- title String
- Identify the full path and filename that corresponds to the file information in this section
FileNoteFileType, FileNoteFileTypeArgs
- File
Type Unspecified - FILE_TYPE_UNSPECIFIEDUnspecified
- Source
- SOURCEThe file is human readable source code (.c, .html, etc.)
- Binary
- BINARYThe file is a compiled object, target image or binary executable (.o, .a, etc.)
- Archive
- ARCHIVEThe file represents an archive (.tar, .jar, etc.)
- Application
- APPLICATIONThe file is associated with a specific application type (MIME type of application/*)
- Audio
- AUDIOThe file is associated with an audio file (MIME type of audio/* , e.g. .mp3)
- Image
- IMAGEThe file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)
- Text
- TEXTThe file is human readable text file (MIME type of text/*)
- Video
- VIDEOThe file is associated with a video file type (MIME type of video/*)
- Documentation
- DOCUMENTATIONThe file serves as documentation
- Spdx
- SPDXThe file is an SPDX document
- Other
- OTHERThe file doesn't fit into the above categories (generated artifacts, data files, etc.)
- File
Note File Type File Type Unspecified - FILE_TYPE_UNSPECIFIEDUnspecified
- File
Note File Type Source - SOURCEThe file is human readable source code (.c, .html, etc.)
- File
Note File Type Binary - BINARYThe file is a compiled object, target image or binary executable (.o, .a, etc.)
- File
Note File Type Archive - ARCHIVEThe file represents an archive (.tar, .jar, etc.)
- File
Note File Type Application - APPLICATIONThe file is associated with a specific application type (MIME type of application/*)
- File
Note File Type Audio - AUDIOThe file is associated with an audio file (MIME type of audio/* , e.g. .mp3)
- File
Note File Type Image - IMAGEThe file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)
- File
Note File Type Text - TEXTThe file is human readable text file (MIME type of text/*)
- File
Note File Type Video - VIDEOThe file is associated with a video file type (MIME type of video/*)
- File
Note File Type Documentation - DOCUMENTATIONThe file serves as documentation
- File
Note File Type Spdx - SPDXThe file is an SPDX document
- File
Note File Type Other - OTHERThe file doesn't fit into the above categories (generated artifacts, data files, etc.)
- File
Type Unspecified - FILE_TYPE_UNSPECIFIEDUnspecified
- Source
- SOURCEThe file is human readable source code (.c, .html, etc.)
- Binary
- BINARYThe file is a compiled object, target image or binary executable (.o, .a, etc.)
- Archive
- ARCHIVEThe file represents an archive (.tar, .jar, etc.)
- Application
- APPLICATIONThe file is associated with a specific application type (MIME type of application/*)
- Audio
- AUDIOThe file is associated with an audio file (MIME type of audio/* , e.g. .mp3)
- Image
- IMAGEThe file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)
- Text
- TEXTThe file is human readable text file (MIME type of text/*)
- Video
- VIDEOThe file is associated with a video file type (MIME type of video/*)
- Documentation
- DOCUMENTATIONThe file serves as documentation
- Spdx
- SPDXThe file is an SPDX document
- Other
- OTHERThe file doesn't fit into the above categories (generated artifacts, data files, etc.)
- File
Type Unspecified - FILE_TYPE_UNSPECIFIEDUnspecified
- Source
- SOURCEThe file is human readable source code (.c, .html, etc.)
- Binary
- BINARYThe file is a compiled object, target image or binary executable (.o, .a, etc.)
- Archive
- ARCHIVEThe file represents an archive (.tar, .jar, etc.)
- Application
- APPLICATIONThe file is associated with a specific application type (MIME type of application/*)
- Audio
- AUDIOThe file is associated with an audio file (MIME type of audio/* , e.g. .mp3)
- Image
- IMAGEThe file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)
- Text
- TEXTThe file is human readable text file (MIME type of text/*)
- Video
- VIDEOThe file is associated with a video file type (MIME type of video/*)
- Documentation
- DOCUMENTATIONThe file serves as documentation
- Spdx
- SPDXThe file is an SPDX document
- Other
- OTHERThe file doesn't fit into the above categories (generated artifacts, data files, etc.)
- FILE_TYPE_UNSPECIFIED
- FILE_TYPE_UNSPECIFIEDUnspecified
- SOURCE
- SOURCEThe file is human readable source code (.c, .html, etc.)
- BINARY
- BINARYThe file is a compiled object, target image or binary executable (.o, .a, etc.)
- ARCHIVE
- ARCHIVEThe file represents an archive (.tar, .jar, etc.)
- APPLICATION
- APPLICATIONThe file is associated with a specific application type (MIME type of application/*)
- AUDIO
- AUDIOThe file is associated with an audio file (MIME type of audio/* , e.g. .mp3)
- IMAGE
- IMAGEThe file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)
- TEXT
- TEXTThe file is human readable text file (MIME type of text/*)
- VIDEO
- VIDEOThe file is associated with a video file type (MIME type of video/*)
- DOCUMENTATION
- DOCUMENTATIONThe file serves as documentation
- SPDX
- SPDXThe file is an SPDX document
- OTHER
- OTHERThe file doesn't fit into the above categories (generated artifacts, data files, etc.)
- "FILE_TYPE_UNSPECIFIED"
- FILE_TYPE_UNSPECIFIEDUnspecified
- "SOURCE"
- SOURCEThe file is human readable source code (.c, .html, etc.)
- "BINARY"
- BINARYThe file is a compiled object, target image or binary executable (.o, .a, etc.)
- "ARCHIVE"
- ARCHIVEThe file represents an archive (.tar, .jar, etc.)
- "APPLICATION"
- APPLICATIONThe file is associated with a specific application type (MIME type of application/*)
- "AUDIO"
- AUDIOThe file is associated with an audio file (MIME type of audio/* , e.g. .mp3)
- "IMAGE"
- IMAGEThe file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)
- "TEXT"
- TEXTThe file is human readable text file (MIME type of text/*)
- "VIDEO"
- VIDEOThe file is associated with a video file type (MIME type of video/*)
- "DOCUMENTATION"
- DOCUMENTATIONThe file serves as documentation
- "SPDX"
- SPDXThe file is an SPDX document
- "OTHER"
- OTHERThe file doesn't fit into the above categories (generated artifacts, data files, etc.)
FileNoteResponse, FileNoteResponseArgs
Fingerprint, FingerprintArgs
FingerprintResponse, FingerprintResponseArgs
- V1Name string
- The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.
- V2Blob List<string>
- The ordered list of v2 blobs that represent a given image.
- V2Name string
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.
- V1Name string
- The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.
- V2Blob []string
- The ordered list of v2 blobs that represent a given image.
- V2Name string
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.
- v1Name String
- The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.
- v2Blob List<String>
- The ordered list of v2 blobs that represent a given image.
- v2Name String
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.
- v1Name string
- The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.
- v2Blob string[]
- The ordered list of v2 blobs that represent a given image.
- v2Name string
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.
- v1_
name str - The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.
- v2_
blob Sequence[str] - The ordered list of v2 blobs that represent a given image.
- v2_
name str - The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.
- v1Name String
- The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.
- v2Blob List<String>
- The ordered list of v2 blobs that represent a given image.
- v2Name String
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.
IdentifierHelper, IdentifierHelperArgs
- Field
Pulumi.
Google Native. Container Analysis. V1Alpha1. Identifier Helper Field - The field that is set in the API proto.
- Generic
Uri string - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- Field
Identifier
Helper Field - The field that is set in the API proto.
- Generic
Uri string - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field
Identifier
Helper Field - The field that is set in the API proto.
- generic
Uri String - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field
Identifier
Helper Field - The field that is set in the API proto.
- generic
Uri string - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field
Identifier
Helper Field - The field that is set in the API proto.
- generic_
uri str - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field "IDENTIFIER_HELPER_FIELD_UNSPECIFIED" | "GENERIC_URI"
- The field that is set in the API proto.
- generic
Uri String - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
IdentifierHelperField, IdentifierHelperFieldArgs
- Identifier
Helper Field Unspecified - IDENTIFIER_HELPER_FIELD_UNSPECIFIEDThe helper isn't set.
- Generic
Uri - GENERIC_URIThe generic_uri one-of field is set.
- Identifier
Helper Field Identifier Helper Field Unspecified - IDENTIFIER_HELPER_FIELD_UNSPECIFIEDThe helper isn't set.
- Identifier
Helper Field Generic Uri - GENERIC_URIThe generic_uri one-of field is set.
- Identifier
Helper Field Unspecified - IDENTIFIER_HELPER_FIELD_UNSPECIFIEDThe helper isn't set.
- Generic
Uri - GENERIC_URIThe generic_uri one-of field is set.
- Identifier
Helper Field Unspecified - IDENTIFIER_HELPER_FIELD_UNSPECIFIEDThe helper isn't set.
- Generic
Uri - GENERIC_URIThe generic_uri one-of field is set.
- IDENTIFIER_HELPER_FIELD_UNSPECIFIED
- IDENTIFIER_HELPER_FIELD_UNSPECIFIEDThe helper isn't set.
- GENERIC_URI
- GENERIC_URIThe generic_uri one-of field is set.
- "IDENTIFIER_HELPER_FIELD_UNSPECIFIED"
- IDENTIFIER_HELPER_FIELD_UNSPECIFIEDThe helper isn't set.
- "GENERIC_URI"
- GENERIC_URIThe generic_uri one-of field is set.
IdentifierHelperResponse, IdentifierHelperResponseArgs
- Field string
- The field that is set in the API proto.
- Generic
Uri string - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- Field string
- The field that is set in the API proto.
- Generic
Uri string - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field String
- The field that is set in the API proto.
- generic
Uri String - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field string
- The field that is set in the API proto.
- generic
Uri string - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field str
- The field that is set in the API proto.
- generic_
uri str - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
- field String
- The field that is set in the API proto.
- generic
Uri String - Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
Justification, JustificationArgs
- Details string
- Additional details on why this justification was chosen.
- Justification
Type Pulumi.Google Native. Container Analysis. V1Alpha1. Justification Justification Type - The justification type for this vulnerability.
- Details string
- Additional details on why this justification was chosen.
- Justification
Type JustificationJustification Type - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type JustificationJustification Type - The justification type for this vulnerability.
- details string
- Additional details on why this justification was chosen.
- justification
Type JustificationJustification Type - The justification type for this vulnerability.
- details str
- Additional details on why this justification was chosen.
- justification_
type JustificationJustification Type - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type "JUSTIFICATION_TYPE_UNSPECIFIED" | "COMPONENT_NOT_PRESENT" | "VULNERABLE_CODE_NOT_PRESENT" | "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH" | "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY" | "INLINE_MITIGATIONS_ALREADY_EXIST" - The justification type for this vulnerability.
JustificationJustificationType, JustificationJustificationTypeArgs
- Justification
Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Component
Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Vulnerable
Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Vulnerable
Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Vulnerable
Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Inline
Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- Justification
Justification Type Justification Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Justification
Justification Type Component Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Justification
Justification Type Vulnerable Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Justification
Justification Type Vulnerable Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Justification
Justification Type Vulnerable Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Justification
Justification Type Inline Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- Justification
Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Component
Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Vulnerable
Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Vulnerable
Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Vulnerable
Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Inline
Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- Justification
Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Component
Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Vulnerable
Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Vulnerable
Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Vulnerable
Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Inline
Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- JUSTIFICATION_TYPE_UNSPECIFIED
- JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- COMPONENT_NOT_PRESENT
- COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- VULNERABLE_CODE_NOT_PRESENT
- VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATH
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- INLINE_MITIGATIONS_ALREADY_EXIST
- INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- "JUSTIFICATION_TYPE_UNSPECIFIED"
- JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- "COMPONENT_NOT_PRESENT"
- COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- "VULNERABLE_CODE_NOT_PRESENT"
- VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH"
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY"
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- "INLINE_MITIGATIONS_ALREADY_EXIST"
- INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
JustificationResponse, JustificationResponseArgs
- Details string
- Additional details on why this justification was chosen.
- Justification
Type string - The justification type for this vulnerability.
- Details string
- Additional details on why this justification was chosen.
- Justification
Type string - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type String - The justification type for this vulnerability.
- details string
- Additional details on why this justification was chosen.
- justification
Type string - The justification type for this vulnerability.
- details str
- Additional details on why this justification was chosen.
- justification_
type str - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type String - The justification type for this vulnerability.
License, LicenseArgs
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments string
- Comments
- expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments str
- Comments
- expression str
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
LicenseResponse, LicenseResponseArgs
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments string
- Comments
- expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments str
- Comments
- expression str
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
Package, PackageArgs
- Architecture
Pulumi.
Google Native. Container Analysis. V1Alpha1. Package Architecture - The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- Cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- Description string
- The description of this package.
- Digest
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Digest> - Hash value, typically a file digest, that allows unique identification a specific package.
- Distribution
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Distribution> - The various channels by which a package is distributed.
- License
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. License - Licenses that have been declared by the authors of the package.
- Maintainer string
- A freeform text denoting the maintainer of this package.
- Name string
- The name of the package.
- Package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Url string
- The homepage for this package.
- Version
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Version - The version of the package.
- Architecture
Package
Architecture - The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- Cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- Description string
- The description of this package.
- Digest []Digest
- Hash value, typically a file digest, that allows unique identification a specific package.
- Distribution []Distribution
- The various channels by which a package is distributed.
- License License
- Licenses that have been declared by the authors of the package.
- Maintainer string
- A freeform text denoting the maintainer of this package.
- Name string
- The name of the package.
- Package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Url string
- The homepage for this package.
- Version Version
- The version of the package.
- architecture
Package
Architecture - The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri String - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description String
- The description of this package.
- digest List<Digest>
- Hash value, typically a file digest, that allows unique identification a specific package.
- distribution List<Distribution>
- The various channels by which a package is distributed.
- license License
- Licenses that have been declared by the authors of the package.
- maintainer String
- A freeform text denoting the maintainer of this package.
- name String
- The name of the package.
- package
Type String - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url String
- The homepage for this package.
- version Version
- The version of the package.
- architecture
Package
Architecture - The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description string
- The description of this package.
- digest Digest[]
- Hash value, typically a file digest, that allows unique identification a specific package.
- distribution Distribution[]
- The various channels by which a package is distributed.
- license License
- Licenses that have been declared by the authors of the package.
- maintainer string
- A freeform text denoting the maintainer of this package.
- name string
- The name of the package.
- package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url string
- The homepage for this package.
- version Version
- The version of the package.
- architecture
Package
Architecture - The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe_
uri str - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description str
- The description of this package.
- digest Sequence[Digest]
- Hash value, typically a file digest, that allows unique identification a specific package.
- distribution Sequence[Distribution]
- The various channels by which a package is distributed.
- license License
- Licenses that have been declared by the authors of the package.
- maintainer str
- A freeform text denoting the maintainer of this package.
- name str
- The name of the package.
- package_
type str - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url str
- The homepage for this package.
- version Version
- The version of the package.
- architecture "ARCHITECTURE_UNSPECIFIED" | "X86" | "X64"
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri String - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description String
- The description of this package.
- digest List<Property Map>
- Hash value, typically a file digest, that allows unique identification a specific package.
- distribution List<Property Map>
- The various channels by which a package is distributed.
- license Property Map
- Licenses that have been declared by the authors of the package.
- maintainer String
- A freeform text denoting the maintainer of this package.
- name String
- The name of the package.
- package
Type String - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url String
- The homepage for this package.
- version Property Map
- The version of the package.
PackageArchitecture, PackageArchitectureArgs
- Architecture
Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- Package
Architecture Architecture Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- Package
Architecture X86 - X86X86 architecture
- Package
Architecture X64 - X64X64 architecture
- Architecture
Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- Architecture
Unspecified - ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- ARCHITECTURE_UNSPECIFIED
- ARCHITECTURE_UNSPECIFIEDUnknown architecture
- X86
- X86X86 architecture
- X64
- X64X64 architecture
- "ARCHITECTURE_UNSPECIFIED"
- ARCHITECTURE_UNSPECIFIEDUnknown architecture
- "X86"
- X86X86 architecture
- "X64"
- X64X64 architecture
PackageInfoNote, PackageInfoNoteArgs
- Analyzed bool
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- Attribution string
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- Checksum string
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- Copyright string
- Identify the copyright holders of the package, as well as any dates present
- Detailed
Description string - A more detailed description of the package
- Download
Location string - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- External
Refs List<Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. External Ref> - ExternalRef
- Files
License List<string>Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- Home
Page string - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- License
Declared Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. License - List the licenses that have been declared by the authors of the package
- Originator string
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- Package
Type string - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- Summary
Description string - A short description of the package
- Supplier string
- Identify the actual distribution source for the package/directory identified in the SPDX file
- Title string
- Identify the full name of the package as given by the Package Originator
- Verification
Code string - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- Version string
- Identify the version of the package
- Analyzed bool
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- Attribution string
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- Checksum string
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- Copyright string
- Identify the copyright holders of the package, as well as any dates present
- Detailed
Description string - A more detailed description of the package
- Download
Location string - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- External
Refs []ExternalRef - ExternalRef
- Files
License []stringInfo - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- Home
Page string - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- License
Declared License - List the licenses that have been declared by the authors of the package
- Originator string
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- Package
Type string - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- Summary
Description string - A short description of the package
- Supplier string
- Identify the actual distribution source for the package/directory identified in the SPDX file
- Title string
- Identify the full name of the package as given by the Package Originator
- Verification
Code string - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- Version string
- Identify the version of the package
- analyzed Boolean
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution String
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum String
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright String
- Identify the copyright holders of the package, as well as any dates present
- detailed
Description String - A more detailed description of the package
- download
Location String - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external
Refs List<ExternalRef> - ExternalRef
- files
License List<String>Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home
Page String - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license
Declared License - List the licenses that have been declared by the authors of the package
- originator String
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package
Type String - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary
Description String - A short description of the package
- supplier String
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title String
- Identify the full name of the package as given by the Package Originator
- verification
Code String - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version String
- Identify the version of the package
- analyzed boolean
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution string
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum string
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright string
- Identify the copyright holders of the package, as well as any dates present
- detailed
Description string - A more detailed description of the package
- download
Location string - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external
Refs ExternalRef[] - ExternalRef
- files
License string[]Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home
Page string - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license
Declared License - List the licenses that have been declared by the authors of the package
- originator string
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package
Type string - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary
Description string - A short description of the package
- supplier string
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title string
- Identify the full name of the package as given by the Package Originator
- verification
Code string - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version string
- Identify the version of the package
- analyzed bool
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution str
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum str
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright str
- Identify the copyright holders of the package, as well as any dates present
- detailed_
description str - A more detailed description of the package
- download_
location str - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external_
refs Sequence[ExternalRef] - ExternalRef
- files_
license_ Sequence[str]info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home_
page str - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license_
declared License - List the licenses that have been declared by the authors of the package
- originator str
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package_
type str - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary_
description str - A short description of the package
- supplier str
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title str
- Identify the full name of the package as given by the Package Originator
- verification_
code str - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version str
- Identify the version of the package
- analyzed Boolean
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution String
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum String
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright String
- Identify the copyright holders of the package, as well as any dates present
- detailed
Description String - A more detailed description of the package
- download
Location String - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external
Refs List<Property Map> - ExternalRef
- files
License List<String>Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home
Page String - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license
Declared Property Map - List the licenses that have been declared by the authors of the package
- originator String
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package
Type String - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary
Description String - A short description of the package
- supplier String
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title String
- Identify the full name of the package as given by the Package Originator
- verification
Code String - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version String
- Identify the version of the package
PackageInfoNoteResponse, PackageInfoNoteResponseArgs
- Analyzed bool
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- Attribution string
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- Checksum string
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- Copyright string
- Identify the copyright holders of the package, as well as any dates present
- Detailed
Description string - A more detailed description of the package
- Download
Location string - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- External
Refs List<Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. External Ref Response> - ExternalRef
- Files
License List<string>Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- Home
Page string - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- License
Declared Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. License Response - List the licenses that have been declared by the authors of the package
- Originator string
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- Package
Type string - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- Summary
Description string - A short description of the package
- Supplier string
- Identify the actual distribution source for the package/directory identified in the SPDX file
- Title string
- Identify the full name of the package as given by the Package Originator
- Verification
Code string - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- Version string
- Identify the version of the package
- Analyzed bool
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- Attribution string
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- Checksum string
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- Copyright string
- Identify the copyright holders of the package, as well as any dates present
- Detailed
Description string - A more detailed description of the package
- Download
Location string - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- External
Refs []ExternalRef Response - ExternalRef
- Files
License []stringInfo - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- Home
Page string - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- License
Declared LicenseResponse - List the licenses that have been declared by the authors of the package
- Originator string
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- Package
Type string - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- Summary
Description string - A short description of the package
- Supplier string
- Identify the actual distribution source for the package/directory identified in the SPDX file
- Title string
- Identify the full name of the package as given by the Package Originator
- Verification
Code string - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- Version string
- Identify the version of the package
- analyzed Boolean
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution String
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum String
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright String
- Identify the copyright holders of the package, as well as any dates present
- detailed
Description String - A more detailed description of the package
- download
Location String - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external
Refs List<ExternalRef Response> - ExternalRef
- files
License List<String>Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home
Page String - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license
Declared LicenseResponse - List the licenses that have been declared by the authors of the package
- originator String
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package
Type String - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary
Description String - A short description of the package
- supplier String
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title String
- Identify the full name of the package as given by the Package Originator
- verification
Code String - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version String
- Identify the version of the package
- analyzed boolean
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution string
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum string
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright string
- Identify the copyright holders of the package, as well as any dates present
- detailed
Description string - A more detailed description of the package
- download
Location string - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external
Refs ExternalRef Response[] - ExternalRef
- files
License string[]Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home
Page string - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license
Declared LicenseResponse - List the licenses that have been declared by the authors of the package
- originator string
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package
Type string - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary
Description string - A short description of the package
- supplier string
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title string
- Identify the full name of the package as given by the Package Originator
- verification
Code string - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version string
- Identify the version of the package
- analyzed bool
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution str
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum str
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright str
- Identify the copyright holders of the package, as well as any dates present
- detailed_
description str - A more detailed description of the package
- download_
location str - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external_
refs Sequence[ExternalRef Response] - ExternalRef
- files_
license_ Sequence[str]info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home_
page str - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license_
declared LicenseResponse - List the licenses that have been declared by the authors of the package
- originator str
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package_
type str - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary_
description str - A short description of the package
- supplier str
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title str
- Identify the full name of the package as given by the Package Originator
- verification_
code str - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version str
- Identify the version of the package
- analyzed Boolean
- Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
- attribution String
- A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
- checksum String
- Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
- copyright String
- Identify the copyright holders of the package, as well as any dates present
- detailed
Description String - A more detailed description of the package
- download
Location String - This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
- external
Refs List<Property Map> - ExternalRef
- files
License List<String>Info - Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
- home
Page String - Provide a place for the SPDX file creator to record a web site that serves as the package's home page
- license
Declared Property Map - List the licenses that have been declared by the authors of the package
- originator String
- If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
- package
Type String - The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
- summary
Description String - A short description of the package
- supplier String
- Identify the actual distribution source for the package/directory identified in the SPDX file
- title String
- Identify the full name of the package as given by the Package Originator
- verification
Code String - This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
- version String
- Identify the version of the package
PackageResponse, PackageResponseArgs
- Architecture string
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- Cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- Description string
- The description of this package.
- Digest
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Digest Response> - Hash value, typically a file digest, that allows unique identification a specific package.
- Distribution
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Distribution Response> - The various channels by which a package is distributed.
- License
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. License Response - Licenses that have been declared by the authors of the package.
- Maintainer string
- A freeform text denoting the maintainer of this package.
- Name string
- The name of the package.
- Package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Url string
- The homepage for this package.
- Version
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Version Response - The version of the package.
- Architecture string
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- Cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- Description string
- The description of this package.
- Digest
[]Digest
Response - Hash value, typically a file digest, that allows unique identification a specific package.
- Distribution
[]Distribution
Response - The various channels by which a package is distributed.
- License
License
Response - Licenses that have been declared by the authors of the package.
- Maintainer string
- A freeform text denoting the maintainer of this package.
- Name string
- The name of the package.
- Package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Url string
- The homepage for this package.
- Version
Version
Response - The version of the package.
- architecture String
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri String - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description String
- The description of this package.
- digest
List<Digest
Response> - Hash value, typically a file digest, that allows unique identification a specific package.
- distribution
List<Distribution
Response> - The various channels by which a package is distributed.
- license
License
Response - Licenses that have been declared by the authors of the package.
- maintainer String
- A freeform text denoting the maintainer of this package.
- name String
- The name of the package.
- package
Type String - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url String
- The homepage for this package.
- version
Version
Response - The version of the package.
- architecture string
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description string
- The description of this package.
- digest
Digest
Response[] - Hash value, typically a file digest, that allows unique identification a specific package.
- distribution
Distribution
Response[] - The various channels by which a package is distributed.
- license
License
Response - Licenses that have been declared by the authors of the package.
- maintainer string
- A freeform text denoting the maintainer of this package.
- name string
- The name of the package.
- package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url string
- The homepage for this package.
- version
Version
Response - The version of the package.
- architecture str
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe_
uri str - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description str
- The description of this package.
- digest
Sequence[Digest
Response] - Hash value, typically a file digest, that allows unique identification a specific package.
- distribution
Sequence[Distribution
Response] - The various channels by which a package is distributed.
- license
License
Response - Licenses that have been declared by the authors of the package.
- maintainer str
- A freeform text denoting the maintainer of this package.
- name str
- The name of the package.
- package_
type str - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url str
- The homepage for this package.
- version
Version
Response - The version of the package.
- architecture String
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri String - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- description String
- The description of this package.
- digest List<Property Map>
- Hash value, typically a file digest, that allows unique identification a specific package.
- distribution List<Property Map>
- The various channels by which a package is distributed.
- license Property Map
- Licenses that have been declared by the authors of the package.
- maintainer String
- A freeform text denoting the maintainer of this package.
- name String
- The name of the package.
- package
Type String - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- url String
- The homepage for this package.
- version Property Map
- The version of the package.
Product, ProductArgs
- Id string
- Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document.
- Identifier
Helper Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Identifier Helper - Helps in identifying the underlying product.
- Name string
- Name of the product.
- Id string
- Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document.
- Identifier
Helper IdentifierHelper - Helps in identifying the underlying product.
- Name string
- Name of the product.
- id String
- Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document.
- identifier
Helper IdentifierHelper - Helps in identifying the underlying product.
- name String
- Name of the product.
- id string
- Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document.
- identifier
Helper IdentifierHelper - Helps in identifying the underlying product.
- name string
- Name of the product.
- id str
- Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document.
- identifier_
helper IdentifierHelper - Helps in identifying the underlying product.
- name str
- Name of the product.
- id String
- Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document.
- identifier
Helper Property Map - Helps in identifying the underlying product.
- name String
- Name of the product.
ProductResponse, ProductResponseArgs
- Identifier
Helper Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. Identifier Helper Response - Helps in identifying the underlying product.
- Name string
- Name of the product.
- Identifier
Helper IdentifierHelper Response - Helps in identifying the underlying product.
- Name string
- Name of the product.
- identifier
Helper IdentifierHelper Response - Helps in identifying the underlying product.
- name String
- Name of the product.
- identifier
Helper IdentifierHelper Response - Helps in identifying the underlying product.
- name string
- Name of the product.
- identifier_
helper IdentifierHelper Response - Helps in identifying the underlying product.
- name str
- Name of the product.
- identifier
Helper Property Map - Helps in identifying the underlying product.
- name String
- Name of the product.
Publisher, PublisherArgs
- string
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- Name string
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- Publisher
Namespace string - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- string
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- Name string
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- Publisher
Namespace string - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- String
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name String
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher
Namespace String - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- string
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name string
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher
Namespace string - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- str
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name str
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher_
namespace str - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- String
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name String
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher
Namespace String - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
PublisherResponse, PublisherResponseArgs
- string
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- Name string
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- Publisher
Namespace string - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- string
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- Name string
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- Publisher
Namespace string - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- String
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name String
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher
Namespace String - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- string
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name string
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher
Namespace string - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- str
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name str
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher_
namespace str - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
- String
- Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
- name String
- Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
- publisher
Namespace String - The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
RelatedUrl, RelatedUrlArgs
RelatedUrlResponse, RelatedUrlResponseArgs
RelationshipNote, RelationshipNoteArgs
- Type
Pulumi.
Google Native. Container Analysis. V1Alpha1. Relationship Note Type - The type of relationship between the source and target SPDX elements
- Type
Relationship
Note Type - The type of relationship between the source and target SPDX elements
- type
Relationship
Note Type - The type of relationship between the source and target SPDX elements
- type
Relationship
Note Type - The type of relationship between the source and target SPDX elements
- type
Relationship
Note Type - The type of relationship between the source and target SPDX elements
- type "RELATIONSHIP_TYPE_UNSPECIFIED" | "DESCRIBES" | "DESCRIBED_BY" | "CONTAINS" | "CONTAINED_BY" | "DEPENDS_ON" | "DEPENDENCY_OF" | "DEPENDENCY_MANIFEST_OF" | "BUILD_DEPENDENCY_OF" | "DEV_DEPENDENCY_OF" | "OPTIONAL_DEPENDENCY_OF" | "PROVIDED_DEPENDENCY_OF" | "TEST_DEPENDENCY_OF" | "RUNTIME_DEPENDENCY_OF" | "EXAMPLE_OF" | "GENERATES" | "GENERATED_FROM" | "ANCESTOR_OF" | "DESCENDANT_OF" | "VARIANT_OF" | "DISTRIBUTION_ARTIFACT" | "PATCH_FOR" | "PATCH_APPLIED" | "COPY_OF" | "FILE_ADDED" | "FILE_DELETED" | "FILE_MODIFIED" | "EXPANDED_FROM_ARCHIVE" | "DYNAMIC_LINK" | "STATIC_LINK" | "DATA_FILE_OF" | "TEST_CASE_OF" | "BUILD_TOOL_OF" | "DEV_TOOL_OF" | "TEST_OF" | "TEST_TOOL_OF" | "DOCUMENTATION_OF" | "OPTIONAL_COMPONENT_OF" | "METAFILE_OF" | "PACKAGE_OF" | "AMENDS" | "PREREQUISITE_FOR" | "HAS_PREREQUISITE" | "OTHER"
- The type of relationship between the source and target SPDX elements
RelationshipNoteResponse, RelationshipNoteResponseArgs
- Type string
- The type of relationship between the source and target SPDX elements
- Type string
- The type of relationship between the source and target SPDX elements
- type String
- The type of relationship between the source and target SPDX elements
- type string
- The type of relationship between the source and target SPDX elements
- type str
- The type of relationship between the source and target SPDX elements
- type String
- The type of relationship between the source and target SPDX elements
RelationshipNoteType, RelationshipNoteTypeArgs
- Relationship
Type Unspecified - RELATIONSHIP_TYPE_UNSPECIFIEDUnspecified
- Describes
- DESCRIBESIs to be used when SPDXRef-DOCUMENT describes SPDXRef-A
- Described
By - DESCRIBED_BYIs to be used when SPDXRef-A is described by SPDXREF-Document
- Contains
- CONTAINSIs to be used when SPDXRef-A contains SPDXRef-B
- Contained
By - CONTAINED_BYIs to be used when SPDXRef-A is contained by SPDXRef-B
- Depends
On - DEPENDS_ONIs to be used when SPDXRef-A depends on SPDXRef-B
- Dependency
Of - DEPENDENCY_OFIs to be used when SPDXRef-A is dependency of SPDXRef-B
- Dependency
Manifest Of - DEPENDENCY_MANIFEST_OFIs to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B
- Build
Dependency Of - BUILD_DEPENDENCY_OFIs to be used when SPDXRef-A is a build dependency of SPDXRef-B
- Dev
Dependency Of - DEV_DEPENDENCY_OFIs to be used when SPDXRef-A is a development dependency of SPDXRef-B
- Optional
Dependency Of - OPTIONAL_DEPENDENCY_OFIs to be used when SPDXRef-A is an optional dependency of SPDXRef-B
- Provided
Dependency Of - PROVIDED_DEPENDENCY_OFIs to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B
- Test
Dependency Of - TEST_DEPENDENCY_OFIs to be used when SPDXRef-A is a test dependency of SPDXRef-B
- Runtime
Dependency Of - RUNTIME_DEPENDENCY_OFIs to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B
- Example
Of - EXAMPLE_OFIs to be used when SPDXRef-A is an example of SPDXRef-B
- Generates
- GENERATESIs to be used when SPDXRef-A generates SPDXRef-B
- Generated
From - GENERATED_FROMIs to be used when SPDXRef-A was generated from SPDXRef-B
- Ancestor
Of - ANCESTOR_OFIs to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B
- Descendant
Of - DESCENDANT_OFIs to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B
- Variant
Of - VARIANT_OFIs to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B
- Distribution
Artifact - DISTRIBUTION_ARTIFACTIs to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed
- Patch
For - PATCH_FORIs to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B
- Patch
Applied - PATCH_APPLIEDIs to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B
- Copy
Of - COPY_OFIs to be used when SPDXRef-A is an exact copy of SPDXRef-B
- File
Added - FILE_ADDEDIs to be used when SPDXRef-A is a file that was added to SPDXRef-B
- File
Deleted - FILE_DELETEDIs to be used when SPDXRef-A is a file that was deleted from SPDXRef-B
- File
Modified - FILE_MODIFIEDIs to be used when SPDXRef-A is a file that was modified from SPDXRef-B
- Expanded
From Archive - EXPANDED_FROM_ARCHIVEIs to be used when SPDXRef-A is expanded from the archive SPDXRef-B
- Dynamic
Link - DYNAMIC_LINKIs to be used when SPDXRef-A dynamically links to SPDXRef-B
- Static
Link - STATIC_LINKIs to be used when SPDXRef-A statically links to SPDXRef-B
- Data
File Of - DATA_FILE_OFIs to be used when SPDXRef-A is a data file used in SPDXRef-B
- Test
Case Of - TEST_CASE_OFIs to be used when SPDXRef-A is a test case used in testing SPDXRef-B
- Build
Tool Of - BUILD_TOOL_OFIs to be used when SPDXRef-A is used to build SPDXRef-B
- Dev
Tool Of - DEV_TOOL_OFIs to be used when SPDXRef-A is used as a development tool for SPDXRef-B
- Test
Of - TEST_OFIs to be used when SPDXRef-A is used for testing SPDXRef-B
- Test
Tool Of - TEST_TOOL_OFIs to be used when SPDXRef-A is used as a test tool for SPDXRef-B
- Documentation
Of - DOCUMENTATION_OFIs to be used when SPDXRef-A provides documentation of SPDXRef-B
- Optional
Component Of - OPTIONAL_COMPONENT_OFIs to be used when SPDXRef-A is an optional component of SPDXRef-B
- Metafile
Of - METAFILE_OFIs to be used when SPDXRef-A is a metafile of SPDXRef-B
- Package
Of - PACKAGE_OFIs to be used when SPDXRef-A is used as a package as part of SPDXRef-B
- Amends
- AMENDSIs to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B
- Prerequisite
For - PREREQUISITE_FORIs to be used when SPDXRef-A is a prerequisite for SPDXRef-B
- Has
Prerequisite - HAS_PREREQUISITEIs to be used when SPDXRef-A has as a prerequisite SPDXRef-B
- Other
- OTHERIs to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field
- Relationship
Note Type Relationship Type Unspecified - RELATIONSHIP_TYPE_UNSPECIFIEDUnspecified
- Relationship
Note Type Describes - DESCRIBESIs to be used when SPDXRef-DOCUMENT describes SPDXRef-A
- Relationship
Note Type Described By - DESCRIBED_BYIs to be used when SPDXRef-A is described by SPDXREF-Document
- Relationship
Note Type Contains - CONTAINSIs to be used when SPDXRef-A contains SPDXRef-B
- Relationship
Note Type Contained By - CONTAINED_BYIs to be used when SPDXRef-A is contained by SPDXRef-B
- Relationship
Note Type Depends On - DEPENDS_ONIs to be used when SPDXRef-A depends on SPDXRef-B
- Relationship
Note Type Dependency Of - DEPENDENCY_OFIs to be used when SPDXRef-A is dependency of SPDXRef-B
- Relationship
Note Type Dependency Manifest Of - DEPENDENCY_MANIFEST_OFIs to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B
- Relationship
Note Type Build Dependency Of - BUILD_DEPENDENCY_OFIs to be used when SPDXRef-A is a build dependency of SPDXRef-B
- Relationship
Note Type Dev Dependency Of - DEV_DEPENDENCY_OFIs to be used when SPDXRef-A is a development dependency of SPDXRef-B
- Relationship
Note Type Optional Dependency Of - OPTIONAL_DEPENDENCY_OFIs to be used when SPDXRef-A is an optional dependency of SPDXRef-B
- Relationship
Note Type Provided Dependency Of - PROVIDED_DEPENDENCY_OFIs to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B
- Relationship
Note Type Test Dependency Of - TEST_DEPENDENCY_OFIs to be used when SPDXRef-A is a test dependency of SPDXRef-B
- Relationship
Note Type Runtime Dependency Of - RUNTIME_DEPENDENCY_OFIs to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B
- Relationship
Note Type Example Of - EXAMPLE_OFIs to be used when SPDXRef-A is an example of SPDXRef-B
- Relationship
Note Type Generates - GENERATESIs to be used when SPDXRef-A generates SPDXRef-B
- Relationship
Note Type Generated From - GENERATED_FROMIs to be used when SPDXRef-A was generated from SPDXRef-B
- Relationship
Note Type Ancestor Of - ANCESTOR_OFIs to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B
- Relationship
Note Type Descendant Of - DESCENDANT_OFIs to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B
- Relationship
Note Type Variant Of - VARIANT_OFIs to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B
- Relationship
Note Type Distribution Artifact - DISTRIBUTION_ARTIFACTIs to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed
- Relationship
Note Type Patch For - PATCH_FORIs to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B
- Relationship
Note Type Patch Applied - PATCH_APPLIEDIs to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B
- Relationship
Note Type Copy Of - COPY_OFIs to be used when SPDXRef-A is an exact copy of SPDXRef-B
- Relationship
Note Type File Added - FILE_ADDEDIs to be used when SPDXRef-A is a file that was added to SPDXRef-B
- Relationship
Note Type File Deleted - FILE_DELETEDIs to be used when SPDXRef-A is a file that was deleted from SPDXRef-B
- Relationship
Note Type File Modified - FILE_MODIFIEDIs to be used when SPDXRef-A is a file that was modified from SPDXRef-B
- Relationship
Note Type Expanded From Archive - EXPANDED_FROM_ARCHIVEIs to be used when SPDXRef-A is expanded from the archive SPDXRef-B
- Relationship
Note Type Dynamic Link - DYNAMIC_LINKIs to be used when SPDXRef-A dynamically links to SPDXRef-B
- Relationship
Note Type Static Link - STATIC_LINKIs to be used when SPDXRef-A statically links to SPDXRef-B
- Relationship
Note Type Data File Of - DATA_FILE_OFIs to be used when SPDXRef-A is a data file used in SPDXRef-B
- Relationship
Note Type Test Case Of - TEST_CASE_OFIs to be used when SPDXRef-A is a test case used in testing SPDXRef-B
- Relationship
Note Type Build Tool Of - BUILD_TOOL_OFIs to be used when SPDXRef-A is used to build SPDXRef-B
- Relationship
Note Type Dev Tool Of - DEV_TOOL_OFIs to be used when SPDXRef-A is used as a development tool for SPDXRef-B
- Relationship
Note Type Test Of - TEST_OFIs to be used when SPDXRef-A is used for testing SPDXRef-B
- Relationship
Note Type Test Tool Of - TEST_TOOL_OFIs to be used when SPDXRef-A is used as a test tool for SPDXRef-B
- Relationship
Note Type Documentation Of - DOCUMENTATION_OFIs to be used when SPDXRef-A provides documentation of SPDXRef-B
- Relationship
Note Type Optional Component Of - OPTIONAL_COMPONENT_OFIs to be used when SPDXRef-A is an optional component of SPDXRef-B
- Relationship
Note Type Metafile Of - METAFILE_OFIs to be used when SPDXRef-A is a metafile of SPDXRef-B
- Relationship
Note Type Package Of - PACKAGE_OFIs to be used when SPDXRef-A is used as a package as part of SPDXRef-B
- Relationship
Note Type Amends - AMENDSIs to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B
- Relationship
Note Type Prerequisite For - PREREQUISITE_FORIs to be used when SPDXRef-A is a prerequisite for SPDXRef-B
- Relationship
Note Type Has Prerequisite - HAS_PREREQUISITEIs to be used when SPDXRef-A has as a prerequisite SPDXRef-B
- Relationship
Note Type Other - OTHERIs to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field
- Relationship
Type Unspecified - RELATIONSHIP_TYPE_UNSPECIFIEDUnspecified
- Describes
- DESCRIBESIs to be used when SPDXRef-DOCUMENT describes SPDXRef-A
- Described
By - DESCRIBED_BYIs to be used when SPDXRef-A is described by SPDXREF-Document
- Contains
- CONTAINSIs to be used when SPDXRef-A contains SPDXRef-B
- Contained
By - CONTAINED_BYIs to be used when SPDXRef-A is contained by SPDXRef-B
- Depends
On - DEPENDS_ONIs to be used when SPDXRef-A depends on SPDXRef-B
- Dependency
Of - DEPENDENCY_OFIs to be used when SPDXRef-A is dependency of SPDXRef-B
- Dependency
Manifest Of - DEPENDENCY_MANIFEST_OFIs to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B
- Build
Dependency Of - BUILD_DEPENDENCY_OFIs to be used when SPDXRef-A is a build dependency of SPDXRef-B
- Dev
Dependency Of - DEV_DEPENDENCY_OFIs to be used when SPDXRef-A is a development dependency of SPDXRef-B
- Optional
Dependency Of - OPTIONAL_DEPENDENCY_OFIs to be used when SPDXRef-A is an optional dependency of SPDXRef-B
- Provided
Dependency Of - PROVIDED_DEPENDENCY_OFIs to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B
- Test
Dependency Of - TEST_DEPENDENCY_OFIs to be used when SPDXRef-A is a test dependency of SPDXRef-B
- Runtime
Dependency Of - RUNTIME_DEPENDENCY_OFIs to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B
- Example
Of - EXAMPLE_OFIs to be used when SPDXRef-A is an example of SPDXRef-B
- Generates
- GENERATESIs to be used when SPDXRef-A generates SPDXRef-B
- Generated
From - GENERATED_FROMIs to be used when SPDXRef-A was generated from SPDXRef-B
- Ancestor
Of - ANCESTOR_OFIs to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B
- Descendant
Of - DESCENDANT_OFIs to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B
- Variant
Of - VARIANT_OFIs to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B
- Distribution
Artifact - DISTRIBUTION_ARTIFACTIs to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed
- Patch
For - PATCH_FORIs to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B
- Patch
Applied - PATCH_APPLIEDIs to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B
- Copy
Of - COPY_OFIs to be used when SPDXRef-A is an exact copy of SPDXRef-B
- File
Added - FILE_ADDEDIs to be used when SPDXRef-A is a file that was added to SPDXRef-B
- File
Deleted - FILE_DELETEDIs to be used when SPDXRef-A is a file that was deleted from SPDXRef-B
- File
Modified - FILE_MODIFIEDIs to be used when SPDXRef-A is a file that was modified from SPDXRef-B
- Expanded
From Archive - EXPANDED_FROM_ARCHIVEIs to be used when SPDXRef-A is expanded from the archive SPDXRef-B
- Dynamic
Link - DYNAMIC_LINKIs to be used when SPDXRef-A dynamically links to SPDXRef-B
- Static
Link - STATIC_LINKIs to be used when SPDXRef-A statically links to SPDXRef-B
- Data
File Of - DATA_FILE_OFIs to be used when SPDXRef-A is a data file used in SPDXRef-B
- Test
Case Of - TEST_CASE_OFIs to be used when SPDXRef-A is a test case used in testing SPDXRef-B
- Build
Tool Of - BUILD_TOOL_OFIs to be used when SPDXRef-A is used to build SPDXRef-B
- Dev
Tool Of - DEV_TOOL_OFIs to be used when SPDXRef-A is used as a development tool for SPDXRef-B
- Test
Of - TEST_OFIs to be used when SPDXRef-A is used for testing SPDXRef-B
- Test
Tool Of - TEST_TOOL_OFIs to be used when SPDXRef-A is used as a test tool for SPDXRef-B
- Documentation
Of - DOCUMENTATION_OFIs to be used when SPDXRef-A provides documentation of SPDXRef-B
- Optional
Component Of - OPTIONAL_COMPONENT_OFIs to be used when SPDXRef-A is an optional component of SPDXRef-B
- Metafile
Of - METAFILE_OFIs to be used when SPDXRef-A is a metafile of SPDXRef-B
- Package
Of - PACKAGE_OFIs to be used when SPDXRef-A is used as a package as part of SPDXRef-B
- Amends
- AMENDSIs to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B
- Prerequisite
For - PREREQUISITE_FORIs to be used when SPDXRef-A is a prerequisite for SPDXRef-B
- Has
Prerequisite - HAS_PREREQUISITEIs to be used when SPDXRef-A has as a prerequisite SPDXRef-B
- Other
- OTHERIs to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field
- Relationship
Type Unspecified - RELATIONSHIP_TYPE_UNSPECIFIEDUnspecified
- Describes
- DESCRIBESIs to be used when SPDXRef-DOCUMENT describes SPDXRef-A
- Described
By - DESCRIBED_BYIs to be used when SPDXRef-A is described by SPDXREF-Document
- Contains
- CONTAINSIs to be used when SPDXRef-A contains SPDXRef-B
- Contained
By - CONTAINED_BYIs to be used when SPDXRef-A is contained by SPDXRef-B
- Depends
On - DEPENDS_ONIs to be used when SPDXRef-A depends on SPDXRef-B
- Dependency
Of - DEPENDENCY_OFIs to be used when SPDXRef-A is dependency of SPDXRef-B
- Dependency
Manifest Of - DEPENDENCY_MANIFEST_OFIs to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B
- Build
Dependency Of - BUILD_DEPENDENCY_OFIs to be used when SPDXRef-A is a build dependency of SPDXRef-B
- Dev
Dependency Of - DEV_DEPENDENCY_OFIs to be used when SPDXRef-A is a development dependency of SPDXRef-B
- Optional
Dependency Of - OPTIONAL_DEPENDENCY_OFIs to be used when SPDXRef-A is an optional dependency of SPDXRef-B
- Provided
Dependency Of - PROVIDED_DEPENDENCY_OFIs to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B
- Test
Dependency Of - TEST_DEPENDENCY_OFIs to be used when SPDXRef-A is a test dependency of SPDXRef-B
- Runtime
Dependency Of - RUNTIME_DEPENDENCY_OFIs to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B
- Example
Of - EXAMPLE_OFIs to be used when SPDXRef-A is an example of SPDXRef-B
- Generates
- GENERATESIs to be used when SPDXRef-A generates SPDXRef-B
- Generated
From - GENERATED_FROMIs to be used when SPDXRef-A was generated from SPDXRef-B
- Ancestor
Of - ANCESTOR_OFIs to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B
- Descendant
Of - DESCENDANT_OFIs to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B
- Variant
Of - VARIANT_OFIs to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B
- Distribution
Artifact - DISTRIBUTION_ARTIFACTIs to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed
- Patch
For - PATCH_FORIs to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B
- Patch
Applied - PATCH_APPLIEDIs to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B
- Copy
Of - COPY_OFIs to be used when SPDXRef-A is an exact copy of SPDXRef-B
- File
Added - FILE_ADDEDIs to be used when SPDXRef-A is a file that was added to SPDXRef-B
- File
Deleted - FILE_DELETEDIs to be used when SPDXRef-A is a file that was deleted from SPDXRef-B
- File
Modified - FILE_MODIFIEDIs to be used when SPDXRef-A is a file that was modified from SPDXRef-B
- Expanded
From Archive - EXPANDED_FROM_ARCHIVEIs to be used when SPDXRef-A is expanded from the archive SPDXRef-B
- Dynamic
Link - DYNAMIC_LINKIs to be used when SPDXRef-A dynamically links to SPDXRef-B
- Static
Link - STATIC_LINKIs to be used when SPDXRef-A statically links to SPDXRef-B
- Data
File Of - DATA_FILE_OFIs to be used when SPDXRef-A is a data file used in SPDXRef-B
- Test
Case Of - TEST_CASE_OFIs to be used when SPDXRef-A is a test case used in testing SPDXRef-B
- Build
Tool Of - BUILD_TOOL_OFIs to be used when SPDXRef-A is used to build SPDXRef-B
- Dev
Tool Of - DEV_TOOL_OFIs to be used when SPDXRef-A is used as a development tool for SPDXRef-B
- Test
Of - TEST_OFIs to be used when SPDXRef-A is used for testing SPDXRef-B
- Test
Tool Of - TEST_TOOL_OFIs to be used when SPDXRef-A is used as a test tool for SPDXRef-B
- Documentation
Of - DOCUMENTATION_OFIs to be used when SPDXRef-A provides documentation of SPDXRef-B
- Optional
Component Of - OPTIONAL_COMPONENT_OFIs to be used when SPDXRef-A is an optional component of SPDXRef-B
- Metafile
Of - METAFILE_OFIs to be used when SPDXRef-A is a metafile of SPDXRef-B
- Package
Of - PACKAGE_OFIs to be used when SPDXRef-A is used as a package as part of SPDXRef-B
- Amends
- AMENDSIs to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B
- Prerequisite
For - PREREQUISITE_FORIs to be used when SPDXRef-A is a prerequisite for SPDXRef-B
- Has
Prerequisite - HAS_PREREQUISITEIs to be used when SPDXRef-A has as a prerequisite SPDXRef-B
- Other
- OTHERIs to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field
- RELATIONSHIP_TYPE_UNSPECIFIED
- RELATIONSHIP_TYPE_UNSPECIFIEDUnspecified
- DESCRIBES
- DESCRIBESIs to be used when SPDXRef-DOCUMENT describes SPDXRef-A
- DESCRIBED_BY
- DESCRIBED_BYIs to be used when SPDXRef-A is described by SPDXREF-Document
- CONTAINS
- CONTAINSIs to be used when SPDXRef-A contains SPDXRef-B
- CONTAINED_BY
- CONTAINED_BYIs to be used when SPDXRef-A is contained by SPDXRef-B
- DEPENDS_ON
- DEPENDS_ONIs to be used when SPDXRef-A depends on SPDXRef-B
- DEPENDENCY_OF
- DEPENDENCY_OFIs to be used when SPDXRef-A is dependency of SPDXRef-B
- DEPENDENCY_MANIFEST_OF
- DEPENDENCY_MANIFEST_OFIs to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B
- BUILD_DEPENDENCY_OF
- BUILD_DEPENDENCY_OFIs to be used when SPDXRef-A is a build dependency of SPDXRef-B
- DEV_DEPENDENCY_OF
- DEV_DEPENDENCY_OFIs to be used when SPDXRef-A is a development dependency of SPDXRef-B
- OPTIONAL_DEPENDENCY_OF
- OPTIONAL_DEPENDENCY_OFIs to be used when SPDXRef-A is an optional dependency of SPDXRef-B
- PROVIDED_DEPENDENCY_OF
- PROVIDED_DEPENDENCY_OFIs to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B
- TEST_DEPENDENCY_OF
- TEST_DEPENDENCY_OFIs to be used when SPDXRef-A is a test dependency of SPDXRef-B
- RUNTIME_DEPENDENCY_OF
- RUNTIME_DEPENDENCY_OFIs to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B
- EXAMPLE_OF
- EXAMPLE_OFIs to be used when SPDXRef-A is an example of SPDXRef-B
- GENERATES
- GENERATESIs to be used when SPDXRef-A generates SPDXRef-B
- GENERATED_FROM
- GENERATED_FROMIs to be used when SPDXRef-A was generated from SPDXRef-B
- ANCESTOR_OF
- ANCESTOR_OFIs to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B
- DESCENDANT_OF
- DESCENDANT_OFIs to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B
- VARIANT_OF
- VARIANT_OFIs to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B
- DISTRIBUTION_ARTIFACT
- DISTRIBUTION_ARTIFACTIs to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed
- PATCH_FOR
- PATCH_FORIs to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B
- PATCH_APPLIED
- PATCH_APPLIEDIs to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B
- COPY_OF
- COPY_OFIs to be used when SPDXRef-A is an exact copy of SPDXRef-B
- FILE_ADDED
- FILE_ADDEDIs to be used when SPDXRef-A is a file that was added to SPDXRef-B
- FILE_DELETED
- FILE_DELETEDIs to be used when SPDXRef-A is a file that was deleted from SPDXRef-B
- FILE_MODIFIED
- FILE_MODIFIEDIs to be used when SPDXRef-A is a file that was modified from SPDXRef-B
- EXPANDED_FROM_ARCHIVE
- EXPANDED_FROM_ARCHIVEIs to be used when SPDXRef-A is expanded from the archive SPDXRef-B
- DYNAMIC_LINK
- DYNAMIC_LINKIs to be used when SPDXRef-A dynamically links to SPDXRef-B
- STATIC_LINK
- STATIC_LINKIs to be used when SPDXRef-A statically links to SPDXRef-B
- DATA_FILE_OF
- DATA_FILE_OFIs to be used when SPDXRef-A is a data file used in SPDXRef-B
- TEST_CASE_OF
- TEST_CASE_OFIs to be used when SPDXRef-A is a test case used in testing SPDXRef-B
- BUILD_TOOL_OF
- BUILD_TOOL_OFIs to be used when SPDXRef-A is used to build SPDXRef-B
- DEV_TOOL_OF
- DEV_TOOL_OFIs to be used when SPDXRef-A is used as a development tool for SPDXRef-B
- TEST_OF
- TEST_OFIs to be used when SPDXRef-A is used for testing SPDXRef-B
- TEST_TOOL_OF
- TEST_TOOL_OFIs to be used when SPDXRef-A is used as a test tool for SPDXRef-B
- DOCUMENTATION_OF
- DOCUMENTATION_OFIs to be used when SPDXRef-A provides documentation of SPDXRef-B
- OPTIONAL_COMPONENT_OF
- OPTIONAL_COMPONENT_OFIs to be used when SPDXRef-A is an optional component of SPDXRef-B
- METAFILE_OF
- METAFILE_OFIs to be used when SPDXRef-A is a metafile of SPDXRef-B
- PACKAGE_OF
- PACKAGE_OFIs to be used when SPDXRef-A is used as a package as part of SPDXRef-B
- AMENDS
- AMENDSIs to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B
- PREREQUISITE_FOR
- PREREQUISITE_FORIs to be used when SPDXRef-A is a prerequisite for SPDXRef-B
- HAS_PREREQUISITE
- HAS_PREREQUISITEIs to be used when SPDXRef-A has as a prerequisite SPDXRef-B
- OTHER
- OTHERIs to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field
- "RELATIONSHIP_TYPE_UNSPECIFIED"
- RELATIONSHIP_TYPE_UNSPECIFIEDUnspecified
- "DESCRIBES"
- DESCRIBESIs to be used when SPDXRef-DOCUMENT describes SPDXRef-A
- "DESCRIBED_BY"
- DESCRIBED_BYIs to be used when SPDXRef-A is described by SPDXREF-Document
- "CONTAINS"
- CONTAINSIs to be used when SPDXRef-A contains SPDXRef-B
- "CONTAINED_BY"
- CONTAINED_BYIs to be used when SPDXRef-A is contained by SPDXRef-B
- "DEPENDS_ON"
- DEPENDS_ONIs to be used when SPDXRef-A depends on SPDXRef-B
- "DEPENDENCY_OF"
- DEPENDENCY_OFIs to be used when SPDXRef-A is dependency of SPDXRef-B
- "DEPENDENCY_MANIFEST_OF"
- DEPENDENCY_MANIFEST_OFIs to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B
- "BUILD_DEPENDENCY_OF"
- BUILD_DEPENDENCY_OFIs to be used when SPDXRef-A is a build dependency of SPDXRef-B
- "DEV_DEPENDENCY_OF"
- DEV_DEPENDENCY_OFIs to be used when SPDXRef-A is a development dependency of SPDXRef-B
- "OPTIONAL_DEPENDENCY_OF"
- OPTIONAL_DEPENDENCY_OFIs to be used when SPDXRef-A is an optional dependency of SPDXRef-B
- "PROVIDED_DEPENDENCY_OF"
- PROVIDED_DEPENDENCY_OFIs to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B
- "TEST_DEPENDENCY_OF"
- TEST_DEPENDENCY_OFIs to be used when SPDXRef-A is a test dependency of SPDXRef-B
- "RUNTIME_DEPENDENCY_OF"
- RUNTIME_DEPENDENCY_OFIs to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B
- "EXAMPLE_OF"
- EXAMPLE_OFIs to be used when SPDXRef-A is an example of SPDXRef-B
- "GENERATES"
- GENERATESIs to be used when SPDXRef-A generates SPDXRef-B
- "GENERATED_FROM"
- GENERATED_FROMIs to be used when SPDXRef-A was generated from SPDXRef-B
- "ANCESTOR_OF"
- ANCESTOR_OFIs to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B
- "DESCENDANT_OF"
- DESCENDANT_OFIs to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B
- "VARIANT_OF"
- VARIANT_OFIs to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B
- "DISTRIBUTION_ARTIFACT"
- DISTRIBUTION_ARTIFACTIs to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed
- "PATCH_FOR"
- PATCH_FORIs to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B
- "PATCH_APPLIED"
- PATCH_APPLIEDIs to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B
- "COPY_OF"
- COPY_OFIs to be used when SPDXRef-A is an exact copy of SPDXRef-B
- "FILE_ADDED"
- FILE_ADDEDIs to be used when SPDXRef-A is a file that was added to SPDXRef-B
- "FILE_DELETED"
- FILE_DELETEDIs to be used when SPDXRef-A is a file that was deleted from SPDXRef-B
- "FILE_MODIFIED"
- FILE_MODIFIEDIs to be used when SPDXRef-A is a file that was modified from SPDXRef-B
- "EXPANDED_FROM_ARCHIVE"
- EXPANDED_FROM_ARCHIVEIs to be used when SPDXRef-A is expanded from the archive SPDXRef-B
- "DYNAMIC_LINK"
- DYNAMIC_LINKIs to be used when SPDXRef-A dynamically links to SPDXRef-B
- "STATIC_LINK"
- STATIC_LINKIs to be used when SPDXRef-A statically links to SPDXRef-B
- "DATA_FILE_OF"
- DATA_FILE_OFIs to be used when SPDXRef-A is a data file used in SPDXRef-B
- "TEST_CASE_OF"
- TEST_CASE_OFIs to be used when SPDXRef-A is a test case used in testing SPDXRef-B
- "BUILD_TOOL_OF"
- BUILD_TOOL_OFIs to be used when SPDXRef-A is used to build SPDXRef-B
- "DEV_TOOL_OF"
- DEV_TOOL_OFIs to be used when SPDXRef-A is used as a development tool for SPDXRef-B
- "TEST_OF"
- TEST_OFIs to be used when SPDXRef-A is used for testing SPDXRef-B
- "TEST_TOOL_OF"
- TEST_TOOL_OFIs to be used when SPDXRef-A is used as a test tool for SPDXRef-B
- "DOCUMENTATION_OF"
- DOCUMENTATION_OFIs to be used when SPDXRef-A provides documentation of SPDXRef-B
- "OPTIONAL_COMPONENT_OF"
- OPTIONAL_COMPONENT_OFIs to be used when SPDXRef-A is an optional component of SPDXRef-B
- "METAFILE_OF"
- METAFILE_OFIs to be used when SPDXRef-A is a metafile of SPDXRef-B
- "PACKAGE_OF"
- PACKAGE_OFIs to be used when SPDXRef-A is used as a package as part of SPDXRef-B
- "AMENDS"
- AMENDSIs to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B
- "PREREQUISITE_FOR"
- PREREQUISITE_FORIs to be used when SPDXRef-A is a prerequisite for SPDXRef-B
- "HAS_PREREQUISITE"
- HAS_PREREQUISITEIs to be used when SPDXRef-A has as a prerequisite SPDXRef-B
- "OTHER"
- OTHERIs to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field
Remediation, RemediationArgs
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type Pulumi.Google Native. Container Analysis. V1Alpha1. Remediation Remediation Type - The type of remediation that can be applied.
- Remediation
Uri Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. URI - Contains the URL where to obtain the remediation.
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type RemediationRemediation Type - The type of remediation that can be applied.
- Remediation
Uri URI - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type RemediationRemediation Type - The type of remediation that can be applied.
- remediation
Uri URI - Contains the URL where to obtain the remediation.
- details string
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type RemediationRemediation Type - The type of remediation that can be applied.
- remediation
Uri URI - Contains the URL where to obtain the remediation.
- details str
- Contains a comprehensive human-readable discussion of the remediation.
- remediation_
type RemediationRemediation Type - The type of remediation that can be applied.
- remediation_
uri URI - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type "REMEDIATION_TYPE_UNSPECIFIED" | "MITIGATION" | "NO_FIX_PLANNED" | "NONE_AVAILABLE" | "VENDOR_FIX" | "WORKAROUND" - The type of remediation that can be applied.
- remediation
Uri Property Map - Contains the URL where to obtain the remediation.
RemediationRemediationType, RemediationRemediationTypeArgs
- Remediation
Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Mitigation
- MITIGATIONA MITIGATION is available.
- No
Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- None
Available - NONE_AVAILABLENot available.
- Vendor
Fix - VENDOR_FIXA vendor fix is available.
- Workaround
- WORKAROUNDA workaround is available.
- Remediation
Remediation Type Remediation Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Remediation
Remediation Type Mitigation - MITIGATIONA MITIGATION is available.
- Remediation
Remediation Type No Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- Remediation
Remediation Type None Available - NONE_AVAILABLENot available.
- Remediation
Remediation Type Vendor Fix - VENDOR_FIXA vendor fix is available.
- Remediation
Remediation Type Workaround - WORKAROUNDA workaround is available.
- Remediation
Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Mitigation
- MITIGATIONA MITIGATION is available.
- No
Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- None
Available - NONE_AVAILABLENot available.
- Vendor
Fix - VENDOR_FIXA vendor fix is available.
- Workaround
- WORKAROUNDA workaround is available.
- Remediation
Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Mitigation
- MITIGATIONA MITIGATION is available.
- No
Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- None
Available - NONE_AVAILABLENot available.
- Vendor
Fix - VENDOR_FIXA vendor fix is available.
- Workaround
- WORKAROUNDA workaround is available.
- REMEDIATION_TYPE_UNSPECIFIED
- REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- MITIGATION
- MITIGATIONA MITIGATION is available.
- NO_FIX_PLANNED
- NO_FIX_PLANNEDNo fix is planned.
- NONE_AVAILABLE
- NONE_AVAILABLENot available.
- VENDOR_FIX
- VENDOR_FIXA vendor fix is available.
- WORKAROUND
- WORKAROUNDA workaround is available.
- "REMEDIATION_TYPE_UNSPECIFIED"
- REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- "MITIGATION"
- MITIGATIONA MITIGATION is available.
- "NO_FIX_PLANNED"
- NO_FIX_PLANNEDNo fix is planned.
- "NONE_AVAILABLE"
- NONE_AVAILABLENot available.
- "VENDOR_FIX"
- VENDOR_FIXA vendor fix is available.
- "WORKAROUND"
- WORKAROUNDA workaround is available.
RemediationResponse, RemediationResponseArgs
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type string - The type of remediation that can be applied.
- Remediation
Uri Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. URIResponse - Contains the URL where to obtain the remediation.
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type string - The type of remediation that can be applied.
- Remediation
Uri URIResponse - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type String - The type of remediation that can be applied.
- remediation
Uri URIResponse - Contains the URL where to obtain the remediation.
- details string
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type string - The type of remediation that can be applied.
- remediation
Uri URIResponse - Contains the URL where to obtain the remediation.
- details str
- Contains a comprehensive human-readable discussion of the remediation.
- remediation_
type str - The type of remediation that can be applied.
- remediation_
uri URIResponse - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type String - The type of remediation that can be applied.
- remediation
Uri Property Map - Contains the URL where to obtain the remediation.
SBOMReferenceNote, SBOMReferenceNoteArgs
SBOMReferenceNoteResponse, SBOMReferenceNoteResponseArgs
URI, URIArgs
URIResponse, URIResponseArgs
UpgradeDistribution, UpgradeDistributionArgs
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve List<string>
- The cve that would be resolved by this upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve []string
- The cve that would be resolved by this upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve that would be resolved by this upgrade.
- severity String
- The severity as specified by the upstream operating system.
- classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve string[]
- The cve that would be resolved by this upgrade.
- severity string
- The severity as specified by the upstream operating system.
- classification str
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe_
uri str - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve Sequence[str]
- The cve that would be resolved by this upgrade.
- severity str
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve that would be resolved by this upgrade.
- severity String
- The severity as specified by the upstream operating system.
UpgradeDistributionResponse, UpgradeDistributionResponseArgs
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve List<string>
- The cve that would be resolved by this upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve []string
- The cve that would be resolved by this upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve that would be resolved by this upgrade.
- severity String
- The severity as specified by the upstream operating system.
- classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve string[]
- The cve that would be resolved by this upgrade.
- severity string
- The severity as specified by the upstream operating system.
- classification str
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe_
uri str - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve Sequence[str]
- The cve that would be resolved by this upgrade.
- severity str
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve that would be resolved by this upgrade.
- severity String
- The severity as specified by the upstream operating system.
UpgradeNote, UpgradeNoteArgs
- Distributions
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Upgrade Distribution> - Metadata about the upgrade for each specific operating system.
- Package string
- Required - The package this Upgrade is for.
- Version
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Version - Required - The version of the package in machine + human readable form.
- Distributions
[]Upgrade
Distribution - Metadata about the upgrade for each specific operating system.
- Package string
- Required - The package this Upgrade is for.
- Version Version
- Required - The version of the package in machine + human readable form.
- distributions
List<Upgrade
Distribution> - Metadata about the upgrade for each specific operating system.
- package_ String
- Required - The package this Upgrade is for.
- version Version
- Required - The version of the package in machine + human readable form.
- distributions
Upgrade
Distribution[] - Metadata about the upgrade for each specific operating system.
- package string
- Required - The package this Upgrade is for.
- version Version
- Required - The version of the package in machine + human readable form.
- distributions
Sequence[Upgrade
Distribution] - Metadata about the upgrade for each specific operating system.
- package str
- Required - The package this Upgrade is for.
- version Version
- Required - The version of the package in machine + human readable form.
- distributions List<Property Map>
- Metadata about the upgrade for each specific operating system.
- package String
- Required - The package this Upgrade is for.
- version Property Map
- Required - The version of the package in machine + human readable form.
UpgradeNoteResponse, UpgradeNoteResponseArgs
- Distributions
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Upgrade Distribution Response> - Metadata about the upgrade for each specific operating system.
- Package string
- Required - The package this Upgrade is for.
- Version
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Version Response - Required - The version of the package in machine + human readable form.
- Distributions
[]Upgrade
Distribution Response - Metadata about the upgrade for each specific operating system.
- Package string
- Required - The package this Upgrade is for.
- Version
Version
Response - Required - The version of the package in machine + human readable form.
- distributions
List<Upgrade
Distribution Response> - Metadata about the upgrade for each specific operating system.
- package_ String
- Required - The package this Upgrade is for.
- version
Version
Response - Required - The version of the package in machine + human readable form.
- distributions
Upgrade
Distribution Response[] - Metadata about the upgrade for each specific operating system.
- package string
- Required - The package this Upgrade is for.
- version
Version
Response - Required - The version of the package in machine + human readable form.
- distributions
Sequence[Upgrade
Distribution Response] - Metadata about the upgrade for each specific operating system.
- package str
- Required - The package this Upgrade is for.
- version
Version
Response - Required - The version of the package in machine + human readable form.
- distributions List<Property Map>
- Metadata about the upgrade for each specific operating system.
- package String
- Required - The package this Upgrade is for.
- version Property Map
- Required - The version of the package in machine + human readable form.
Version, VersionArgs
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Inclusive bool
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- Kind
Pulumi.
Google Native. Container Analysis. V1Alpha1. Version Kind - Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- Name string
- The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Inclusive bool
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- Kind
Version
Kind - Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- Name string
- The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- epoch Integer
- Used to correct mistakes in the version numbering scheme.
- inclusive Boolean
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind
Version
Kind - Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name String
- The main part of the version name.
- revision String
- The iteration of the package build from the above version.
- epoch number
- Used to correct mistakes in the version numbering scheme.
- inclusive boolean
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind
Version
Kind - Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name string
- The main part of the version name.
- revision string
- The iteration of the package build from the above version.
- epoch int
- Used to correct mistakes in the version numbering scheme.
- inclusive bool
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind
Version
Kind - Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name str
- The main part of the version name.
- revision str
- The iteration of the package build from the above version.
- epoch Number
- Used to correct mistakes in the version numbering scheme.
- inclusive Boolean
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind "NORMAL" | "MINIMUM" | "MAXIMUM"
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name String
- The main part of the version name.
- revision String
- The iteration of the package build from the above version.
VersionKind, VersionKindArgs
- Normal
- NORMALA standard package version, defined by the other fields.
- Minimum
- MINIMUMA special version representing negative infinity, other fields are ignored.
- Maximum
- MAXIMUMA special version representing positive infinity, other fields are ignored.
- Version
Kind Normal - NORMALA standard package version, defined by the other fields.
- Version
Kind Minimum - MINIMUMA special version representing negative infinity, other fields are ignored.
- Version
Kind Maximum - MAXIMUMA special version representing positive infinity, other fields are ignored.
- Normal
- NORMALA standard package version, defined by the other fields.
- Minimum
- MINIMUMA special version representing negative infinity, other fields are ignored.
- Maximum
- MAXIMUMA special version representing positive infinity, other fields are ignored.
- Normal
- NORMALA standard package version, defined by the other fields.
- Minimum
- MINIMUMA special version representing negative infinity, other fields are ignored.
- Maximum
- MAXIMUMA special version representing positive infinity, other fields are ignored.
- NORMAL
- NORMALA standard package version, defined by the other fields.
- MINIMUM
- MINIMUMA special version representing negative infinity, other fields are ignored.
- MAXIMUM
- MAXIMUMA special version representing positive infinity, other fields are ignored.
- "NORMAL"
- NORMALA standard package version, defined by the other fields.
- "MINIMUM"
- MINIMUMA special version representing negative infinity, other fields are ignored.
- "MAXIMUM"
- MAXIMUMA special version representing positive infinity, other fields are ignored.
VersionResponse, VersionResponseArgs
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Inclusive bool
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- Kind string
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- Name string
- The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Inclusive bool
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- Kind string
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- Name string
- The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- epoch Integer
- Used to correct mistakes in the version numbering scheme.
- inclusive Boolean
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind String
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name String
- The main part of the version name.
- revision String
- The iteration of the package build from the above version.
- epoch number
- Used to correct mistakes in the version numbering scheme.
- inclusive boolean
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind string
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name string
- The main part of the version name.
- revision string
- The iteration of the package build from the above version.
- epoch int
- Used to correct mistakes in the version numbering scheme.
- inclusive bool
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind str
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name str
- The main part of the version name.
- revision str
- The iteration of the package build from the above version.
- epoch Number
- Used to correct mistakes in the version numbering scheme.
- inclusive Boolean
- Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not
- kind String
- Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.
- name String
- The main part of the version name.
- revision String
- The iteration of the package build from the above version.
VulnerabilityAssessmentNote, VulnerabilityAssessmentNoteArgs
- Assessment
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Assessment - Represents a vulnerability assessment for the product.
- Language
Code string - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- Long
Description string - A detailed description of this Vex.
- Product
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Product - The product affected by this vex.
- Publisher
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Publisher - Publisher details of this Note.
- Short
Description string - A one sentence description of this Vex.
- Title string
- The title of the note. E.g.
Vex-Debian-11.4
- Assessment Assessment
- Represents a vulnerability assessment for the product.
- Language
Code string - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- Long
Description string - A detailed description of this Vex.
- Product Product
- The product affected by this vex.
- Publisher Publisher
- Publisher details of this Note.
- Short
Description string - A one sentence description of this Vex.
- Title string
- The title of the note. E.g.
Vex-Debian-11.4
- assessment Assessment
- Represents a vulnerability assessment for the product.
- language
Code String - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long
Description String - A detailed description of this Vex.
- product Product
- The product affected by this vex.
- publisher Publisher
- Publisher details of this Note.
- short
Description String - A one sentence description of this Vex.
- title String
- The title of the note. E.g.
Vex-Debian-11.4
- assessment Assessment
- Represents a vulnerability assessment for the product.
- language
Code string - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long
Description string - A detailed description of this Vex.
- product Product
- The product affected by this vex.
- publisher Publisher
- Publisher details of this Note.
- short
Description string - A one sentence description of this Vex.
- title string
- The title of the note. E.g.
Vex-Debian-11.4
- assessment Assessment
- Represents a vulnerability assessment for the product.
- language_
code str - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long_
description str - A detailed description of this Vex.
- product Product
- The product affected by this vex.
- publisher Publisher
- Publisher details of this Note.
- short_
description str - A one sentence description of this Vex.
- title str
- The title of the note. E.g.
Vex-Debian-11.4
- assessment Property Map
- Represents a vulnerability assessment for the product.
- language
Code String - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long
Description String - A detailed description of this Vex.
- product Property Map
- The product affected by this vex.
- publisher Property Map
- Publisher details of this Note.
- short
Description String - A one sentence description of this Vex.
- title String
- The title of the note. E.g.
Vex-Debian-11.4
VulnerabilityAssessmentNoteResponse, VulnerabilityAssessmentNoteResponseArgs
- Assessment
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Assessment Response - Represents a vulnerability assessment for the product.
- Language
Code string - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- Long
Description string - A detailed description of this Vex.
- Product
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Product Response - The product affected by this vex.
- Publisher
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Publisher Response - Publisher details of this Note.
- Short
Description string - A one sentence description of this Vex.
- Title string
- The title of the note. E.g.
Vex-Debian-11.4
- Assessment
Assessment
Response - Represents a vulnerability assessment for the product.
- Language
Code string - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- Long
Description string - A detailed description of this Vex.
- Product
Product
Response - The product affected by this vex.
- Publisher
Publisher
Response - Publisher details of this Note.
- Short
Description string - A one sentence description of this Vex.
- Title string
- The title of the note. E.g.
Vex-Debian-11.4
- assessment
Assessment
Response - Represents a vulnerability assessment for the product.
- language
Code String - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long
Description String - A detailed description of this Vex.
- product
Product
Response - The product affected by this vex.
- publisher
Publisher
Response - Publisher details of this Note.
- short
Description String - A one sentence description of this Vex.
- title String
- The title of the note. E.g.
Vex-Debian-11.4
- assessment
Assessment
Response - Represents a vulnerability assessment for the product.
- language
Code string - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long
Description string - A detailed description of this Vex.
- product
Product
Response - The product affected by this vex.
- publisher
Publisher
Response - Publisher details of this Note.
- short
Description string - A one sentence description of this Vex.
- title string
- The title of the note. E.g.
Vex-Debian-11.4
- assessment
Assessment
Response - Represents a vulnerability assessment for the product.
- language_
code str - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long_
description str - A detailed description of this Vex.
- product
Product
Response - The product affected by this vex.
- publisher
Publisher
Response - Publisher details of this Note.
- short_
description str - A one sentence description of this Vex.
- title str
- The title of the note. E.g.
Vex-Debian-11.4
- assessment Property Map
- Represents a vulnerability assessment for the product.
- language
Code String - Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
- long
Description String - A detailed description of this Vex.
- product Property Map
- The product affected by this vex.
- publisher Property Map
- Publisher details of this Note.
- short
Description String - A one sentence description of this Vex.
- title String
- The title of the note. E.g.
Vex-Debian-11.4
VulnerabilityLocation, VulnerabilityLocationArgs
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- File
Location List<Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. File Location> - The file location at which this package was found.
- Package string
- The package being described.
- Version
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Version - The version of the package being described. This field can be used as a filter in list requests.
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- File
Location []FileLocation - The file location at which this package was found.
- Package string
- The package being described.
- Version Version
- The version of the package being described. This field can be used as a filter in list requests.
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file
Location List<FileLocation> - The file location at which this package was found.
- package_ String
- The package being described.
- version Version
- The version of the package being described. This field can be used as a filter in list requests.
- cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file
Location FileLocation[] - The file location at which this package was found.
- package string
- The package being described.
- version Version
- The version of the package being described. This field can be used as a filter in list requests.
- cpe_
uri str - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file_
location Sequence[FileLocation] - The file location at which this package was found.
- package str
- The package being described.
- version Version
- The version of the package being described. This field can be used as a filter in list requests.
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file
Location List<Property Map> - The file location at which this package was found.
- package String
- The package being described.
- version Property Map
- The version of the package being described. This field can be used as a filter in list requests.
VulnerabilityLocationResponse, VulnerabilityLocationResponseArgs
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- File
Location List<Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. File Location Response> - The file location at which this package was found.
- Package string
- The package being described.
- Version
Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Version Response - The version of the package being described. This field can be used as a filter in list requests.
- Cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- File
Location []FileLocation Response - The file location at which this package was found.
- Package string
- The package being described.
- Version
Version
Response - The version of the package being described. This field can be used as a filter in list requests.
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file
Location List<FileLocation Response> - The file location at which this package was found.
- package_ String
- The package being described.
- version
Version
Response - The version of the package being described. This field can be used as a filter in list requests.
- cpe
Uri string - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file
Location FileLocation Response[] - The file location at which this package was found.
- package string
- The package being described.
- version
Version
Response - The version of the package being described. This field can be used as a filter in list requests.
- cpe_
uri str - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file_
location Sequence[FileLocation Response] - The file location at which this package was found.
- package str
- The package being described.
- version
Version
Response - The version of the package being described. This field can be used as a filter in list requests.
- cpe
Uri String - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.
- file
Location List<Property Map> - The file location at which this package was found.
- package String
- The package being described.
- version Property Map
- The version of the package being described. This field can be used as a filter in list requests.
VulnerabilityType, VulnerabilityTypeArgs
- Cvss
Score double - The CVSS score for this Vulnerability.
- Cvss
V2 Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. CVSS - The full description of the CVSS for version 2.
- Cvss
Version Pulumi.Google Native. Container Analysis. V1Alpha1. Vulnerability Type Cvss Version - CVSS version used to populate cvss_score and severity.
- Cwe List<string>
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- Details
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Detail> - All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- Severity
Pulumi.
Google Native. Container Analysis. V1Alpha1. Vulnerability Type Severity - Note provider assigned impact of the vulnerability
- Cvss
Score float64 - The CVSS score for this Vulnerability.
- Cvss
V2 CVSS - The full description of the CVSS for version 2.
- Cvss
Version VulnerabilityType Cvss Version - CVSS version used to populate cvss_score and severity.
- Cwe []string
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- Details []Detail
- All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- Severity
Vulnerability
Type Severity - Note provider assigned impact of the vulnerability
- cvss
Score Double - The CVSS score for this Vulnerability.
- cvss
V2 CVSS - The full description of the CVSS for version 2.
- cvss
Version VulnerabilityType Cvss Version - CVSS version used to populate cvss_score and severity.
- cwe List<String>
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details List<Detail>
- All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity
Vulnerability
Type Severity - Note provider assigned impact of the vulnerability
- cvss
Score number - The CVSS score for this Vulnerability.
- cvss
V2 CVSS - The full description of the CVSS for version 2.
- cvss
Version VulnerabilityType Cvss Version - CVSS version used to populate cvss_score and severity.
- cwe string[]
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details Detail[]
- All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity
Vulnerability
Type Severity - Note provider assigned impact of the vulnerability
- cvss_
score float - The CVSS score for this Vulnerability.
- cvss_
v2 CVSS - The full description of the CVSS for version 2.
- cvss_
version VulnerabilityType Cvss Version - CVSS version used to populate cvss_score and severity.
- cwe Sequence[str]
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details Sequence[Detail]
- All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity
Vulnerability
Type Severity - Note provider assigned impact of the vulnerability
- cvss
Score Number - The CVSS score for this Vulnerability.
- cvss
V2 Property Map - The full description of the CVSS for version 2.
- cvss
Version "CVSS_VERSION_UNSPECIFIED" | "CVSS_VERSION_2" | "CVSS_VERSION_3" - CVSS version used to populate cvss_score and severity.
- cwe List<String>
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details List<Property Map>
- All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"
- Note provider assigned impact of the vulnerability
VulnerabilityTypeCvssVersion, VulnerabilityTypeCvssVersionArgs
- Cvss
Version Unspecified - CVSS_VERSION_UNSPECIFIEDCVSS Version unspecified.
- Cvss
Version2 - CVSS_VERSION_2CVSS v2.
- Cvss
Version3 - CVSS_VERSION_3CVSS v3.
- Vulnerability
Type Cvss Version Cvss Version Unspecified - CVSS_VERSION_UNSPECIFIEDCVSS Version unspecified.
- Vulnerability
Type Cvss Version Cvss Version2 - CVSS_VERSION_2CVSS v2.
- Vulnerability
Type Cvss Version Cvss Version3 - CVSS_VERSION_3CVSS v3.
- Cvss
Version Unspecified - CVSS_VERSION_UNSPECIFIEDCVSS Version unspecified.
- Cvss
Version2 - CVSS_VERSION_2CVSS v2.
- Cvss
Version3 - CVSS_VERSION_3CVSS v3.
- Cvss
Version Unspecified - CVSS_VERSION_UNSPECIFIEDCVSS Version unspecified.
- Cvss
Version2 - CVSS_VERSION_2CVSS v2.
- Cvss
Version3 - CVSS_VERSION_3CVSS v3.
- CVSS_VERSION_UNSPECIFIED
- CVSS_VERSION_UNSPECIFIEDCVSS Version unspecified.
- CVSS_VERSION2
- CVSS_VERSION_2CVSS v2.
- CVSS_VERSION3
- CVSS_VERSION_3CVSS v3.
- "CVSS_VERSION_UNSPECIFIED"
- CVSS_VERSION_UNSPECIFIEDCVSS Version unspecified.
- "CVSS_VERSION_2"
- CVSS_VERSION_2CVSS v2.
- "CVSS_VERSION_3"
- CVSS_VERSION_3CVSS v3.
VulnerabilityTypeResponse, VulnerabilityTypeResponseArgs
- Cvss
Score double - The CVSS score for this Vulnerability.
- Cvss
V2 Pulumi.Google Native. Container Analysis. V1Alpha1. Inputs. CVSSResponse - The full description of the CVSS for version 2.
- Cvss
Version string - CVSS version used to populate cvss_score and severity.
- Cwe List<string>
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- Details
List<Pulumi.
Google Native. Container Analysis. V1Alpha1. Inputs. Detail Response> - All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- Severity string
- Note provider assigned impact of the vulnerability
- Cvss
Score float64 - The CVSS score for this Vulnerability.
- Cvss
V2 CVSSResponse - The full description of the CVSS for version 2.
- Cvss
Version string - CVSS version used to populate cvss_score and severity.
- Cwe []string
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- Details
[]Detail
Response - All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- Severity string
- Note provider assigned impact of the vulnerability
- cvss
Score Double - The CVSS score for this Vulnerability.
- cvss
V2 CVSSResponse - The full description of the CVSS for version 2.
- cvss
Version String - CVSS version used to populate cvss_score and severity.
- cwe List<String>
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details
List<Detail
Response> - All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity String
- Note provider assigned impact of the vulnerability
- cvss
Score number - The CVSS score for this Vulnerability.
- cvss
V2 CVSSResponse - The full description of the CVSS for version 2.
- cvss
Version string - CVSS version used to populate cvss_score and severity.
- cwe string[]
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details
Detail
Response[] - All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity string
- Note provider assigned impact of the vulnerability
- cvss_
score float - The CVSS score for this Vulnerability.
- cvss_
v2 CVSSResponse - The full description of the CVSS for version 2.
- cvss_
version str - CVSS version used to populate cvss_score and severity.
- cwe Sequence[str]
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details
Sequence[Detail
Response] - All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity str
- Note provider assigned impact of the vulnerability
- cvss
Score Number - The CVSS score for this Vulnerability.
- cvss
V2 Property Map - The full description of the CVSS for version 2.
- cvss
Version String - CVSS version used to populate cvss_score and severity.
- cwe List<String>
- A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
- details List<Property Map>
- All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
- severity String
- Note provider assigned impact of the vulnerability
VulnerabilityTypeSeverity, VulnerabilityTypeSeverityArgs
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Minimal
- MINIMALMinimal Impact
- Low
- LOWLow Impact
- Medium
- MEDIUMMedium Impact
- High
- HIGHHigh Impact
- Critical
- CRITICALCritical Impact
- Vulnerability
Type Severity Severity Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Vulnerability
Type Severity Minimal - MINIMALMinimal Impact
- Vulnerability
Type Severity Low - LOWLow Impact
- Vulnerability
Type Severity Medium - MEDIUMMedium Impact
- Vulnerability
Type Severity High - HIGHHigh Impact
- Vulnerability
Type Severity Critical - CRITICALCritical Impact
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Minimal
- MINIMALMinimal Impact
- Low
- LOWLow Impact
- Medium
- MEDIUMMedium Impact
- High
- HIGHHigh Impact
- Critical
- CRITICALCritical Impact
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown Impact
- Minimal
- MINIMALMinimal Impact
- Low
- LOWLow Impact
- Medium
- MEDIUMMedium Impact
- High
- HIGHHigh Impact
- Critical
- CRITICALCritical Impact
- SEVERITY_UNSPECIFIED
- SEVERITY_UNSPECIFIEDUnknown Impact
- MINIMAL
- MINIMALMinimal Impact
- LOW
- LOWLow Impact
- MEDIUM
- MEDIUMMedium Impact
- HIGH
- HIGHHigh Impact
- CRITICAL
- CRITICALCritical Impact
- "SEVERITY_UNSPECIFIED"
- SEVERITY_UNSPECIFIEDUnknown Impact
- "MINIMAL"
- MINIMALMinimal Impact
- "LOW"
- LOWLow Impact
- "MEDIUM"
- MEDIUMMedium Impact
- "HIGH"
- HIGHHigh Impact
- "CRITICAL"
- CRITICALCritical Impact
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi