Aquasec v0.8.22, Feb 26 23

aquasec.getFunctionAssurancePolicy

Using getFunctionAssurancePolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getFunctionAssurancePolicy(args: GetFunctionAssurancePolicyArgs, opts?: InvokeOptions): Promise<GetFunctionAssurancePolicyResult>
function getFunctionAssurancePolicyOutput(args: GetFunctionAssurancePolicyOutputArgs, opts?: InvokeOptions): Output<GetFunctionAssurancePolicyResult>

def get_function_assurance_policy(name: Optional[str] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetFunctionAssurancePolicyResult
def get_function_assurance_policy_output(name: Optional[pulumi.Input[str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetFunctionAssurancePolicyResult]

func LookupFunctionAssurancePolicy(ctx *Context, args *LookupFunctionAssurancePolicyArgs, opts ...InvokeOption) (*LookupFunctionAssurancePolicyResult, error)
func LookupFunctionAssurancePolicyOutput(ctx *Context, args *LookupFunctionAssurancePolicyOutputArgs, opts ...InvokeOption) LookupFunctionAssurancePolicyResultOutput

> Note: This function is named LookupFunctionAssurancePolicy in the Go SDK.

public static class GetFunctionAssurancePolicy 
{
    public static Task<GetFunctionAssurancePolicyResult> InvokeAsync(GetFunctionAssurancePolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetFunctionAssurancePolicyResult> Invoke(GetFunctionAssurancePolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetFunctionAssurancePolicyResult> getFunctionAssurancePolicy(GetFunctionAssurancePolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: aquasec:index/getFunctionAssurancePolicy:getFunctionAssurancePolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string

Name string

name String

name string

name str

name String

getFunctionAssurancePolicy Result

The following output properties are available:

AllowedImages List<string>: List of explicitly allowed images.
ApplicationScopes List<string>
AuditOnFailure bool: Indicates if auditing for failures.
Author string: Name of user account that created the policy.
AutoScanConfigured bool
AutoScanEnabled bool
AutoScanTimes List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyAutoScanTime>
BlacklistPermissions List<string>: List of function's forbidden permissions.
BlacklistPermissionsEnabled bool: Indicates if blacklist permissions is relevant.
BlacklistedLicenses List<string>: List of blacklisted licenses.
BlacklistedLicensesEnabled bool: Lndicates if license blacklist is relevant.
BlockFailed bool: Indicates if failed images are blocked.
ControlExcludeNoFix bool
CustomChecks List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyCustomCheck>: List of Custom user scripts for checks.
CustomChecksEnabled bool: Indicates if scanning should include custom checks.
CustomSeverityEnabled bool
CvesBlackListEnabled bool: Indicates if cves blacklist is relevant.
CvesBlackLists List<string>: List of cves blacklisted items.
CvesWhiteListEnabled bool: Indicates if cves whitelist is relevant.
CvesWhiteLists List<string>: List of cves whitelisted licenses
CvssSeverity string: Identifier of the cvss severity.
CvssSeverityEnabled bool: Indicates if the cvss severity is scanned.
CvssSeverityExcludeNoFix bool: Indicates that policy should ignore cvss cases that do not have a known fix.
Description string
DisallowMalware bool: Indicates if malware should block the image.
DockerCisEnabled bool
Domain string: Name of the container image.
DomainName string
DtaEnabled bool
DtaSeverity string
Enabled bool
Enforce bool
EnforceAfterDays int
EnforceExcessivePermissions bool
ExceptionalMonitoredMalwarePaths List<string>
FailCicd bool: Indicates if cicd failures will fail the image.
ForbiddenLabels List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyForbiddenLabel>
ForbiddenLabelsEnabled bool
ForceMicroenforcer bool
FunctionIntegrityEnabled bool
Id string: The ID of this resource.
IgnoreRecentlyPublishedVln bool
IgnoreRecentlyPublishedVlnPeriod int
IgnoreRiskResourcesEnabled bool: Indicates if risk resources are ignored.
IgnoredRiskResources List<string>: List of ignored risk resources.
Images List<string>: List of images.
KubeCisEnabled bool
Labels List<string>: List of labels.
MalwareAction string
MaximumScore double: Value of allowed maximum score.
MaximumScoreEnabled bool: Indicates if exceeding the maximum score is scanned.
MaximumScoreExcludeNoFix bool: Indicates that policy should ignore cases that do not have a known fix.
MonitoredMalwarePaths List<string>
Name string
OnlyNoneRootUsers bool: Indicates if raise a warning for images that should only be run as root.
PackagesBlackListEnabled bool: Indicates if packages blacklist is relevant.
PackagesBlackLists List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyPackagesBlackList>: List of backlisted images.
PackagesWhiteListEnabled bool: Indicates if packages whitelist is relevant.
PackagesWhiteLists List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyPackagesWhiteList>: List of whitelisted images.
PartialResultsImageFail bool
ReadOnly bool
Registries List<string>: List of registries.
Registry string
RequiredLabels List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyRequiredLabel>
RequiredLabelsEnabled bool
ScanNfsMounts bool
ScanSensitiveData bool: Indicates if scan should include sensitive data in the image.
ScapEnabled bool: Indicates if scanning should include scap.
ScapFiles List<string>: List of SCAP user scripts for checks.
Scopes List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyScope>
TrustedBaseImages List<Pulumiverse.Aquasec.Outputs.GetFunctionAssurancePolicyTrustedBaseImage>: List of trusted images.
TrustedBaseImagesEnabled bool: Indicates if list of trusted base images is relevant.
WhitelistedLicenses List<string>: List of whitelisted licenses.
WhitelistedLicensesEnabled bool: Indicates if license blacklist is relevant.

AllowedImages []string: List of explicitly allowed images.
ApplicationScopes []string
AuditOnFailure bool: Indicates if auditing for failures.
Author string: Name of user account that created the policy.
AutoScanConfigured bool
AutoScanEnabled bool
AutoScanTimes []GetFunctionAssurancePolicyAutoScanTime
BlacklistPermissions []string: List of function's forbidden permissions.
BlacklistPermissionsEnabled bool: Indicates if blacklist permissions is relevant.
BlacklistedLicenses []string: List of blacklisted licenses.
BlacklistedLicensesEnabled bool: Lndicates if license blacklist is relevant.
BlockFailed bool: Indicates if failed images are blocked.
ControlExcludeNoFix bool
CustomChecks []GetFunctionAssurancePolicyCustomCheck: List of Custom user scripts for checks.
CustomChecksEnabled bool: Indicates if scanning should include custom checks.
CustomSeverityEnabled bool
CvesBlackListEnabled bool: Indicates if cves blacklist is relevant.
CvesBlackLists []string: List of cves blacklisted items.
CvesWhiteListEnabled bool: Indicates if cves whitelist is relevant.
CvesWhiteLists []string: List of cves whitelisted licenses
CvssSeverity string: Identifier of the cvss severity.
CvssSeverityEnabled bool: Indicates if the cvss severity is scanned.
CvssSeverityExcludeNoFix bool: Indicates that policy should ignore cvss cases that do not have a known fix.
Description string
DisallowMalware bool: Indicates if malware should block the image.
DockerCisEnabled bool
Domain string: Name of the container image.
DomainName string
DtaEnabled bool
DtaSeverity string
Enabled bool
Enforce bool
EnforceAfterDays int
EnforceExcessivePermissions bool
ExceptionalMonitoredMalwarePaths []string
FailCicd bool: Indicates if cicd failures will fail the image.
ForbiddenLabels []GetFunctionAssurancePolicyForbiddenLabel
ForbiddenLabelsEnabled bool
ForceMicroenforcer bool
FunctionIntegrityEnabled bool
Id string: The ID of this resource.
IgnoreRecentlyPublishedVln bool
IgnoreRecentlyPublishedVlnPeriod int
IgnoreRiskResourcesEnabled bool: Indicates if risk resources are ignored.
IgnoredRiskResources []string: List of ignored risk resources.
Images []string: List of images.
KubeCisEnabled bool
Labels []string: List of labels.
MalwareAction string
MaximumScore float64: Value of allowed maximum score.
MaximumScoreEnabled bool: Indicates if exceeding the maximum score is scanned.
MaximumScoreExcludeNoFix bool: Indicates that policy should ignore cases that do not have a known fix.
MonitoredMalwarePaths []string
Name string
OnlyNoneRootUsers bool: Indicates if raise a warning for images that should only be run as root.
PackagesBlackListEnabled bool: Indicates if packages blacklist is relevant.
PackagesBlackLists []GetFunctionAssurancePolicyPackagesBlackList: List of backlisted images.
PackagesWhiteListEnabled bool: Indicates if packages whitelist is relevant.
PackagesWhiteLists []GetFunctionAssurancePolicyPackagesWhiteList: List of whitelisted images.
PartialResultsImageFail bool
ReadOnly bool
Registries []string: List of registries.
Registry string
RequiredLabels []GetFunctionAssurancePolicyRequiredLabel
RequiredLabelsEnabled bool
ScanNfsMounts bool
ScanSensitiveData bool: Indicates if scan should include sensitive data in the image.
ScapEnabled bool: Indicates if scanning should include scap.
ScapFiles []string: List of SCAP user scripts for checks.
Scopes []GetFunctionAssurancePolicyScope
TrustedBaseImages []GetFunctionAssurancePolicyTrustedBaseImage: List of trusted images.
TrustedBaseImagesEnabled bool: Indicates if list of trusted base images is relevant.
WhitelistedLicenses []string: List of whitelisted licenses.
WhitelistedLicensesEnabled bool: Indicates if license blacklist is relevant.

allowedImages List<String>: List of explicitly allowed images.
applicationScopes List<String>
auditOnFailure Boolean: Indicates if auditing for failures.
author String: Name of user account that created the policy.
autoScanConfigured Boolean
autoScanEnabled Boolean
autoScanTimes List<GetFunctionAssurancePolicyAutoScanTime>
blacklistPermissions List<String>: List of function's forbidden permissions.
blacklistPermissionsEnabled Boolean: Indicates if blacklist permissions is relevant.
blacklistedLicenses List<String>: List of blacklisted licenses.
blacklistedLicensesEnabled Boolean: Lndicates if license blacklist is relevant.
blockFailed Boolean: Indicates if failed images are blocked.
controlExcludeNoFix Boolean
customChecks List<GetFunctionAssurancePolicyCustomCheck>: List of Custom user scripts for checks.
customChecksEnabled Boolean: Indicates if scanning should include custom checks.
customSeverityEnabled Boolean
cvesBlackListEnabled Boolean: Indicates if cves blacklist is relevant.
cvesBlackLists List<String>: List of cves blacklisted items.
cvesWhiteListEnabled Boolean: Indicates if cves whitelist is relevant.
cvesWhiteLists List<String>: List of cves whitelisted licenses
cvssSeverity String: Identifier of the cvss severity.
cvssSeverityEnabled Boolean: Indicates if the cvss severity is scanned.
cvssSeverityExcludeNoFix Boolean: Indicates that policy should ignore cvss cases that do not have a known fix.
description String
disallowMalware Boolean: Indicates if malware should block the image.
dockerCisEnabled Boolean
domain String: Name of the container image.
domainName String
dtaEnabled Boolean
dtaSeverity String
enabled Boolean
enforce Boolean
enforceAfterDays Integer
enforceExcessivePermissions Boolean
exceptionalMonitoredMalwarePaths List<String>
failCicd Boolean: Indicates if cicd failures will fail the image.
forbiddenLabels List<GetFunctionAssurancePolicyForbiddenLabel>
forbiddenLabelsEnabled Boolean
forceMicroenforcer Boolean
functionIntegrityEnabled Boolean
id String: The ID of this resource.
ignoreRecentlyPublishedVln Boolean
ignoreRecentlyPublishedVlnPeriod Integer
ignoreRiskResourcesEnabled Boolean: Indicates if risk resources are ignored.
ignoredRiskResources List<String>: List of ignored risk resources.
images List<String>: List of images.
kubeCisEnabled Boolean
labels List<String>: List of labels.
malwareAction String
maximumScore Double: Value of allowed maximum score.
maximumScoreEnabled Boolean: Indicates if exceeding the maximum score is scanned.
maximumScoreExcludeNoFix Boolean: Indicates that policy should ignore cases that do not have a known fix.
monitoredMalwarePaths List<String>
name String
onlyNoneRootUsers Boolean: Indicates if raise a warning for images that should only be run as root.
packagesBlackListEnabled Boolean: Indicates if packages blacklist is relevant.
packagesBlackLists List<GetFunctionAssurancePolicyPackagesBlackList>: List of backlisted images.
packagesWhiteListEnabled Boolean: Indicates if packages whitelist is relevant.
packagesWhiteLists List<GetFunctionAssurancePolicyPackagesWhiteList>: List of whitelisted images.
partialResultsImageFail Boolean
readOnly Boolean
registries List<String>: List of registries.
registry String
requiredLabels List<GetFunctionAssurancePolicyRequiredLabel>
requiredLabelsEnabled Boolean
scanNfsMounts Boolean
scanSensitiveData Boolean: Indicates if scan should include sensitive data in the image.
scapEnabled Boolean: Indicates if scanning should include scap.
scapFiles List<String>: List of SCAP user scripts for checks.
scopes List<GetFunctionAssurancePolicyScope>
trustedBaseImages List<GetFunctionAssurancePolicyTrustedBaseImage>: List of trusted images.
trustedBaseImagesEnabled Boolean: Indicates if list of trusted base images is relevant.
whitelistedLicenses List<String>: List of whitelisted licenses.
whitelistedLicensesEnabled Boolean: Indicates if license blacklist is relevant.

allowedImages string[]: List of explicitly allowed images.
applicationScopes string[]
auditOnFailure boolean: Indicates if auditing for failures.
author string: Name of user account that created the policy.
autoScanConfigured boolean
autoScanEnabled boolean
autoScanTimes GetFunctionAssurancePolicyAutoScanTime[]
blacklistPermissions string[]: List of function's forbidden permissions.
blacklistPermissionsEnabled boolean: Indicates if blacklist permissions is relevant.
blacklistedLicenses string[]: List of blacklisted licenses.
blacklistedLicensesEnabled boolean: Lndicates if license blacklist is relevant.
blockFailed boolean: Indicates if failed images are blocked.
controlExcludeNoFix boolean
customChecks GetFunctionAssurancePolicyCustomCheck[]: List of Custom user scripts for checks.
customChecksEnabled boolean: Indicates if scanning should include custom checks.
customSeverityEnabled boolean
cvesBlackListEnabled boolean: Indicates if cves blacklist is relevant.
cvesBlackLists string[]: List of cves blacklisted items.
cvesWhiteListEnabled boolean: Indicates if cves whitelist is relevant.
cvesWhiteLists string[]: List of cves whitelisted licenses
cvssSeverity string: Identifier of the cvss severity.
cvssSeverityEnabled boolean: Indicates if the cvss severity is scanned.
cvssSeverityExcludeNoFix boolean: Indicates that policy should ignore cvss cases that do not have a known fix.
description string
disallowMalware boolean: Indicates if malware should block the image.
dockerCisEnabled boolean
domain string: Name of the container image.
domainName string
dtaEnabled boolean
dtaSeverity string
enabled boolean
enforce boolean
enforceAfterDays number
enforceExcessivePermissions boolean
exceptionalMonitoredMalwarePaths string[]
failCicd boolean: Indicates if cicd failures will fail the image.
forbiddenLabels GetFunctionAssurancePolicyForbiddenLabel[]
forbiddenLabelsEnabled boolean
forceMicroenforcer boolean
functionIntegrityEnabled boolean
id string: The ID of this resource.
ignoreRecentlyPublishedVln boolean
ignoreRecentlyPublishedVlnPeriod number
ignoreRiskResourcesEnabled boolean: Indicates if risk resources are ignored.
ignoredRiskResources string[]: List of ignored risk resources.
images string[]: List of images.
kubeCisEnabled boolean
labels string[]: List of labels.
malwareAction string
maximumScore number: Value of allowed maximum score.
maximumScoreEnabled boolean: Indicates if exceeding the maximum score is scanned.
maximumScoreExcludeNoFix boolean: Indicates that policy should ignore cases that do not have a known fix.
monitoredMalwarePaths string[]
name string
onlyNoneRootUsers boolean: Indicates if raise a warning for images that should only be run as root.
packagesBlackListEnabled boolean: Indicates if packages blacklist is relevant.
packagesBlackLists GetFunctionAssurancePolicyPackagesBlackList[]: List of backlisted images.
packagesWhiteListEnabled boolean: Indicates if packages whitelist is relevant.
packagesWhiteLists GetFunctionAssurancePolicyPackagesWhiteList[]: List of whitelisted images.
partialResultsImageFail boolean
readOnly boolean
registries string[]: List of registries.
registry string
requiredLabels GetFunctionAssurancePolicyRequiredLabel[]
requiredLabelsEnabled boolean
scanNfsMounts boolean
scanSensitiveData boolean: Indicates if scan should include sensitive data in the image.
scapEnabled boolean: Indicates if scanning should include scap.
scapFiles string[]: List of SCAP user scripts for checks.
scopes GetFunctionAssurancePolicyScope[]
trustedBaseImages GetFunctionAssurancePolicyTrustedBaseImage[]: List of trusted images.
trustedBaseImagesEnabled boolean: Indicates if list of trusted base images is relevant.
whitelistedLicenses string[]: List of whitelisted licenses.
whitelistedLicensesEnabled boolean: Indicates if license blacklist is relevant.

allowed_images Sequence[str]: List of explicitly allowed images.
application_scopes Sequence[str]
audit_on_failure bool: Indicates if auditing for failures.
author str: Name of user account that created the policy.
auto_scan_configured bool
auto_scan_enabled bool
auto_scan_times Sequence[GetFunctionAssurancePolicyAutoScanTime]
blacklist_permissions Sequence[str]: List of function's forbidden permissions.
blacklist_permissions_enabled bool: Indicates if blacklist permissions is relevant.
blacklisted_licenses Sequence[str]: List of blacklisted licenses.
blacklisted_licenses_enabled bool: Lndicates if license blacklist is relevant.
block_failed bool: Indicates if failed images are blocked.
control_exclude_no_fix bool
custom_checks Sequence[GetFunctionAssurancePolicyCustomCheck]: List of Custom user scripts for checks.
custom_checks_enabled bool: Indicates if scanning should include custom checks.
custom_severity_enabled bool
cves_black_list_enabled bool: Indicates if cves blacklist is relevant.
cves_black_lists Sequence[str]: List of cves blacklisted items.
cves_white_list_enabled bool: Indicates if cves whitelist is relevant.
cves_white_lists Sequence[str]: List of cves whitelisted licenses
cvss_severity str: Identifier of the cvss severity.
cvss_severity_enabled bool: Indicates if the cvss severity is scanned.
cvss_severity_exclude_no_fix bool: Indicates that policy should ignore cvss cases that do not have a known fix.
description str
disallow_malware bool: Indicates if malware should block the image.
docker_cis_enabled bool
domain str: Name of the container image.
domain_name str
dta_enabled bool
dta_severity str
enabled bool
enforce bool
enforce_after_days int
enforce_excessive_permissions bool
exceptional_monitored_malware_paths Sequence[str]
fail_cicd bool: Indicates if cicd failures will fail the image.
forbidden_labels Sequence[GetFunctionAssurancePolicyForbiddenLabel]
forbidden_labels_enabled bool
force_microenforcer bool
function_integrity_enabled bool
id str: The ID of this resource.
ignore_recently_published_vln bool
ignore_recently_published_vln_period int
ignore_risk_resources_enabled bool: Indicates if risk resources are ignored.
ignored_risk_resources Sequence[str]: List of ignored risk resources.
images Sequence[str]: List of images.
kube_cis_enabled bool
labels Sequence[str]: List of labels.
malware_action str
maximum_score float: Value of allowed maximum score.
maximum_score_enabled bool: Indicates if exceeding the maximum score is scanned.
maximum_score_exclude_no_fix bool: Indicates that policy should ignore cases that do not have a known fix.
monitored_malware_paths Sequence[str]
name str
only_none_root_users bool: Indicates if raise a warning for images that should only be run as root.
packages_black_list_enabled bool: Indicates if packages blacklist is relevant.
packages_black_lists Sequence[GetFunctionAssurancePolicyPackagesBlackList]: List of backlisted images.
packages_white_list_enabled bool: Indicates if packages whitelist is relevant.
packages_white_lists Sequence[GetFunctionAssurancePolicyPackagesWhiteList]: List of whitelisted images.
partial_results_image_fail bool
read_only bool
registries Sequence[str]: List of registries.
registry str
required_labels Sequence[GetFunctionAssurancePolicyRequiredLabel]
required_labels_enabled bool
scan_nfs_mounts bool
scan_sensitive_data bool: Indicates if scan should include sensitive data in the image.
scap_enabled bool: Indicates if scanning should include scap.
scap_files Sequence[str]: List of SCAP user scripts for checks.
scopes Sequence[GetFunctionAssurancePolicyScope]
trusted_base_images Sequence[GetFunctionAssurancePolicyTrustedBaseImage]: List of trusted images.
trusted_base_images_enabled bool: Indicates if list of trusted base images is relevant.
whitelisted_licenses Sequence[str]: List of whitelisted licenses.
whitelisted_licenses_enabled bool: Indicates if license blacklist is relevant.

allowedImages List<String>: List of explicitly allowed images.
applicationScopes List<String>
auditOnFailure Boolean: Indicates if auditing for failures.
author String: Name of user account that created the policy.
autoScanConfigured Boolean
autoScanEnabled Boolean
autoScanTimes List<Property Map>
blacklistPermissions List<String>: List of function's forbidden permissions.
blacklistPermissionsEnabled Boolean: Indicates if blacklist permissions is relevant.
blacklistedLicenses List<String>: List of blacklisted licenses.
blacklistedLicensesEnabled Boolean: Lndicates if license blacklist is relevant.
blockFailed Boolean: Indicates if failed images are blocked.
controlExcludeNoFix Boolean
customChecks List<Property Map>: List of Custom user scripts for checks.
customChecksEnabled Boolean: Indicates if scanning should include custom checks.
customSeverityEnabled Boolean
cvesBlackListEnabled Boolean: Indicates if cves blacklist is relevant.
cvesBlackLists List<String>: List of cves blacklisted items.
cvesWhiteListEnabled Boolean: Indicates if cves whitelist is relevant.
cvesWhiteLists List<String>: List of cves whitelisted licenses
cvssSeverity String: Identifier of the cvss severity.
cvssSeverityEnabled Boolean: Indicates if the cvss severity is scanned.
cvssSeverityExcludeNoFix Boolean: Indicates that policy should ignore cvss cases that do not have a known fix.
description String
disallowMalware Boolean: Indicates if malware should block the image.
dockerCisEnabled Boolean
domain String: Name of the container image.
domainName String
dtaEnabled Boolean
dtaSeverity String
enabled Boolean
enforce Boolean
enforceAfterDays Number
enforceExcessivePermissions Boolean
exceptionalMonitoredMalwarePaths List<String>
failCicd Boolean: Indicates if cicd failures will fail the image.
forbiddenLabels List<Property Map>
forbiddenLabelsEnabled Boolean
forceMicroenforcer Boolean
functionIntegrityEnabled Boolean
id String: The ID of this resource.
ignoreRecentlyPublishedVln Boolean
ignoreRecentlyPublishedVlnPeriod Number
ignoreRiskResourcesEnabled Boolean: Indicates if risk resources are ignored.
ignoredRiskResources List<String>: List of ignored risk resources.
images List<String>: List of images.
kubeCisEnabled Boolean
labels List<String>: List of labels.
malwareAction String
maximumScore Number: Value of allowed maximum score.
maximumScoreEnabled Boolean: Indicates if exceeding the maximum score is scanned.
maximumScoreExcludeNoFix Boolean: Indicates that policy should ignore cases that do not have a known fix.
monitoredMalwarePaths List<String>
name String
onlyNoneRootUsers Boolean: Indicates if raise a warning for images that should only be run as root.
packagesBlackListEnabled Boolean: Indicates if packages blacklist is relevant.
packagesBlackLists List<Property Map>: List of backlisted images.
packagesWhiteListEnabled Boolean: Indicates if packages whitelist is relevant.
packagesWhiteLists List<Property Map>: List of whitelisted images.
partialResultsImageFail Boolean
readOnly Boolean
registries List<String>: List of registries.
registry String
requiredLabels List<Property Map>
requiredLabelsEnabled Boolean
scanNfsMounts Boolean
scanSensitiveData Boolean: Indicates if scan should include sensitive data in the image.
scapEnabled Boolean: Indicates if scanning should include scap.
scapFiles List<String>: List of SCAP user scripts for checks.
scopes List<Property Map>
trustedBaseImages List<Property Map>: List of trusted images.
trustedBaseImagesEnabled Boolean: Indicates if list of trusted base images is relevant.
whitelistedLicenses List<String>: List of whitelisted licenses.
whitelistedLicensesEnabled Boolean: Indicates if license blacklist is relevant.