Google Native

v0.26.0 published on Friday, Sep 16, 2022 by Pulumi

Note

Creates a new Note.

Create a Note Resource

new Note(name: string, args?: NoteArgs, opts?: CustomResourceOptions);
@overload
def Note(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         attestation_authority: Optional[AttestationAuthorityArgs] = None,
         base_image: Optional[BasisArgs] = None,
         build_type: Optional[BuildTypeArgs] = None,
         compliance: Optional[ComplianceNoteArgs] = None,
         deployable: Optional[DeployableArgs] = None,
         discovery: Optional[DiscoveryArgs] = None,
         dsse_attestation: Optional[DSSEAttestationNoteArgs] = None,
         expiration_time: Optional[str] = None,
         long_description: Optional[str] = None,
         name: Optional[str] = None,
         note_id: Optional[str] = None,
         package: Optional[PackageArgs] = None,
         project: Optional[str] = None,
         related_url: Optional[Sequence[RelatedUrlArgs]] = None,
         sbom: Optional[DocumentNoteArgs] = None,
         short_description: Optional[str] = None,
         spdx_file: Optional[FileNoteArgs] = None,
         spdx_package: Optional[PackageInfoNoteArgs] = None,
         spdx_relationship: Optional[RelationshipNoteArgs] = None,
         upgrade: Optional[UpgradeNoteArgs] = None,
         vulnerability_type: Optional[VulnerabilityTypeArgs] = None)
@overload
def Note(resource_name: str,
         args: Optional[NoteArgs] = None,
         opts: Optional[ResourceOptions] = None)
func NewNote(ctx *Context, name string, args *NoteArgs, opts ...ResourceOption) (*Note, error)
public Note(string name, NoteArgs? args = null, CustomResourceOptions? opts = null)
public Note(String name, NoteArgs args)
public Note(String name, NoteArgs args, CustomResourceOptions options)
type: google-native:containeranalysis/v1alpha1:Note
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Note Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Note resource accepts the following input properties:

AttestationAuthority Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.AttestationAuthorityArgs

A note describing an attestation role.

BaseImage Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BasisArgs

A note describing a base image.

BuildType Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BuildTypeArgs

Build provenance type for a verifiable build.

Compliance Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ComplianceNoteArgs

A note describing a compliance check.

Deployable Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DeployableArgs

A note describing something that can be deployed.

Discovery Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DiscoveryArgs

A note describing a provider/analysis type.

DsseAttestation Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DSSEAttestationNoteArgs

A note describing a dsse attestation note.

ExpirationTime string

Time of expiration for this note, null if note does not expire.

LongDescription string

A detailed description of this Note.

Name string

The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"

NoteId string

The ID to use for this note.

Package Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.PackageArgs

A note describing a package hosted by various package managers.

Project string
RelatedUrl List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.RelatedUrlArgs>

URLs associated with this note

Sbom Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DocumentNoteArgs

A note describing a software bill of materials.

ShortDescription string

A one sentence description of this Note.

SpdxFile Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FileNoteArgs

A note describing an SPDX File.

SpdxPackage Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.PackageInfoNoteArgs

A note describing an SPDX Package.

SpdxRelationship Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.RelationshipNoteArgs

A note describing a relationship between SPDX elements.

Upgrade Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.UpgradeNoteArgs

A note describing an upgrade.

VulnerabilityType Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VulnerabilityTypeArgs

A package vulnerability type of note.

AttestationAuthority AttestationAuthorityArgs

A note describing an attestation role.

BaseImage BasisArgs

A note describing a base image.

BuildType BuildTypeArgs

Build provenance type for a verifiable build.

Compliance ComplianceNoteArgs

A note describing a compliance check.

Deployable DeployableArgs

A note describing something that can be deployed.

Discovery DiscoveryArgs

A note describing a provider/analysis type.

DsseAttestation DSSEAttestationNoteArgs

A note describing a dsse attestation note.

ExpirationTime string

Time of expiration for this note, null if note does not expire.

LongDescription string

A detailed description of this Note.

Name string

The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"

NoteId string

The ID to use for this note.

Package PackageArgs

A note describing a package hosted by various package managers.

Project string
RelatedUrl []RelatedUrlArgs

URLs associated with this note

Sbom DocumentNoteArgs

A note describing a software bill of materials.

ShortDescription string

A one sentence description of this Note.

SpdxFile FileNoteArgs

A note describing an SPDX File.

SpdxPackage PackageInfoNoteArgs

A note describing an SPDX Package.

SpdxRelationship RelationshipNoteArgs

A note describing a relationship between SPDX elements.

Upgrade UpgradeNoteArgs

A note describing an upgrade.

VulnerabilityType VulnerabilityTypeArgs

A package vulnerability type of note.

attestationAuthority AttestationAuthorityArgs

A note describing an attestation role.

baseImage BasisArgs

A note describing a base image.

buildType BuildTypeArgs

Build provenance type for a verifiable build.

compliance ComplianceNoteArgs

A note describing a compliance check.

deployable DeployableArgs

A note describing something that can be deployed.

discovery DiscoveryArgs

A note describing a provider/analysis type.

dsseAttestation DSSEAttestationNoteArgs

A note describing a dsse attestation note.

expirationTime String

Time of expiration for this note, null if note does not expire.

longDescription String

A detailed description of this Note.

name String

The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"

noteId String

The ID to use for this note.

package_ PackageArgs

A note describing a package hosted by various package managers.

project String
relatedUrl List<RelatedUrlArgs>

URLs associated with this note

sbom DocumentNoteArgs

A note describing a software bill of materials.

shortDescription String

A one sentence description of this Note.

spdxFile FileNoteArgs

A note describing an SPDX File.

spdxPackage PackageInfoNoteArgs

A note describing an SPDX Package.

spdxRelationship RelationshipNoteArgs

A note describing a relationship between SPDX elements.

upgrade UpgradeNoteArgs

A note describing an upgrade.

vulnerabilityType VulnerabilityTypeArgs

A package vulnerability type of note.

attestationAuthority AttestationAuthorityArgs

A note describing an attestation role.

baseImage BasisArgs

A note describing a base image.

buildType BuildTypeArgs

Build provenance type for a verifiable build.

compliance ComplianceNoteArgs

A note describing a compliance check.

deployable DeployableArgs

A note describing something that can be deployed.

discovery DiscoveryArgs

A note describing a provider/analysis type.

dsseAttestation DSSEAttestationNoteArgs

A note describing a dsse attestation note.

expirationTime string

Time of expiration for this note, null if note does not expire.

longDescription string

A detailed description of this Note.

name string

The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"

noteId string

The ID to use for this note.

package PackageArgs

A note describing a package hosted by various package managers.

project string
relatedUrl RelatedUrlArgs[]

URLs associated with this note

sbom DocumentNoteArgs

A note describing a software bill of materials.

shortDescription string

A one sentence description of this Note.

spdxFile FileNoteArgs

A note describing an SPDX File.

spdxPackage PackageInfoNoteArgs

A note describing an SPDX Package.

spdxRelationship RelationshipNoteArgs

A note describing a relationship between SPDX elements.

upgrade UpgradeNoteArgs

A note describing an upgrade.

vulnerabilityType VulnerabilityTypeArgs

A package vulnerability type of note.

attestation_authority AttestationAuthorityArgs

A note describing an attestation role.

base_image BasisArgs

A note describing a base image.

build_type BuildTypeArgs

Build provenance type for a verifiable build.

compliance ComplianceNoteArgs

A note describing a compliance check.

deployable DeployableArgs

A note describing something that can be deployed.

discovery DiscoveryArgs

A note describing a provider/analysis type.

dsse_attestation DSSEAttestationNoteArgs

A note describing a dsse attestation note.

expiration_time str

Time of expiration for this note, null if note does not expire.

long_description str

A detailed description of this Note.

name str

The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"

note_id str

The ID to use for this note.

package PackageArgs

A note describing a package hosted by various package managers.

project str
related_url Sequence[RelatedUrlArgs]

URLs associated with this note

sbom DocumentNoteArgs

A note describing a software bill of materials.

short_description str

A one sentence description of this Note.

spdx_file FileNoteArgs

A note describing an SPDX File.

spdx_package PackageInfoNoteArgs

A note describing an SPDX Package.

spdx_relationship RelationshipNoteArgs

A note describing a relationship between SPDX elements.

upgrade UpgradeNoteArgs

A note describing an upgrade.

vulnerability_type VulnerabilityTypeArgs

A package vulnerability type of note.

attestationAuthority Property Map

A note describing an attestation role.

baseImage Property Map

A note describing a base image.

buildType Property Map

Build provenance type for a verifiable build.

compliance Property Map

A note describing a compliance check.

deployable Property Map

A note describing something that can be deployed.

discovery Property Map

A note describing a provider/analysis type.

dsseAttestation Property Map

A note describing a dsse attestation note.

expirationTime String

Time of expiration for this note, null if note does not expire.

longDescription String

A detailed description of this Note.

name String

The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}"

noteId String

The ID to use for this note.

package Property Map

A note describing a package hosted by various package managers.

project String
relatedUrl List<Property Map>

URLs associated with this note

sbom Property Map

A note describing a software bill of materials.

shortDescription String

A one sentence description of this Note.

spdxFile Property Map

A note describing an SPDX File.

spdxPackage Property Map

A note describing an SPDX Package.

spdxRelationship Property Map

A note describing a relationship between SPDX elements.

upgrade Property Map

A note describing an upgrade.

vulnerabilityType Property Map

A package vulnerability type of note.

Outputs

All input properties are implicitly available as output properties. Additionally, the Note resource produces the following output properties:

CreateTime string

The time this note was created. This field can be used as a filter in list requests.

Id string

The provider-assigned unique ID for this managed resource.

Kind string

This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.

UpdateTime string

The time this note was last updated. This field can be used as a filter in list requests.

CreateTime string

The time this note was created. This field can be used as a filter in list requests.

Id string

The provider-assigned unique ID for this managed resource.

Kind string

This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.

UpdateTime string

The time this note was last updated. This field can be used as a filter in list requests.

createTime String

The time this note was created. This field can be used as a filter in list requests.

id String

The provider-assigned unique ID for this managed resource.

kind String

This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.

updateTime String

The time this note was last updated. This field can be used as a filter in list requests.

createTime string

The time this note was created. This field can be used as a filter in list requests.

id string

The provider-assigned unique ID for this managed resource.

kind string

This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.

updateTime string

The time this note was last updated. This field can be used as a filter in list requests.

create_time str

The time this note was created. This field can be used as a filter in list requests.

id str

The provider-assigned unique ID for this managed resource.

kind str

This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.

update_time str

The time this note was last updated. This field can be used as a filter in list requests.

createTime String

The time this note was created. This field can be used as a filter in list requests.

id String

The provider-assigned unique ID for this managed resource.

kind String

This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests.

updateTime String

The time this note was last updated. This field can be used as a filter in list requests.

Supporting Types

AttestationAuthority

AttestationAuthorityHint

HumanReadableName string

The human readable name of this Attestation Authority, for example "qa".

HumanReadableName string

The human readable name of this Attestation Authority, for example "qa".

humanReadableName String

The human readable name of this Attestation Authority, for example "qa".

humanReadableName string

The human readable name of this Attestation Authority, for example "qa".

human_readable_name str

The human readable name of this Attestation Authority, for example "qa".

humanReadableName String

The human readable name of this Attestation Authority, for example "qa".

AttestationAuthorityHintResponse

HumanReadableName string

The human readable name of this Attestation Authority, for example "qa".

HumanReadableName string

The human readable name of this Attestation Authority, for example "qa".

humanReadableName String

The human readable name of this Attestation Authority, for example "qa".

humanReadableName string

The human readable name of this Attestation Authority, for example "qa".

human_readable_name str

The human readable name of this Attestation Authority, for example "qa".

humanReadableName String

The human readable name of this Attestation Authority, for example "qa".

AttestationAuthorityResponse

Basis

Fingerprint Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Fingerprint

The fingerprint of the base image.

ResourceUrl string

The resource_url for the resource representing the basis of associated occurrence images.

Fingerprint Fingerprint

The fingerprint of the base image.

ResourceUrl string

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Fingerprint

The fingerprint of the base image.

resourceUrl String

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Fingerprint

The fingerprint of the base image.

resourceUrl string

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Fingerprint

The fingerprint of the base image.

resource_url str

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Property Map

The fingerprint of the base image.

resourceUrl String

The resource_url for the resource representing the basis of associated occurrence images.

BasisResponse

Fingerprint Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FingerprintResponse

The fingerprint of the base image.

ResourceUrl string

The resource_url for the resource representing the basis of associated occurrence images.

Fingerprint FingerprintResponse

The fingerprint of the base image.

ResourceUrl string

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse

The fingerprint of the base image.

resourceUrl String

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse

The fingerprint of the base image.

resourceUrl string

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse

The fingerprint of the base image.

resource_url str

The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Property Map

The fingerprint of the base image.

resourceUrl String

The resource_url for the resource representing the basis of associated occurrence images.

BuildSignature

KeyId string

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance, encoded in a base64 string.

KeyId string

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance, encoded in a base64 string.

keyId String

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance, encoded in a base64 string.

keyId string

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id

publicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature string

Signature of the related BuildProvenance, encoded in a base64 string.

key_id str

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

key_type BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id

public_key str

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature str

Signature of the related BuildProvenance, encoded in a base64 string.

keyId String

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType "KEY_TYPE_UNSPECIFIED" | "PGP_ASCII_ARMORED" | "PKIX_PEM"

The type of the key, either stored in public_key or referenced in key_id

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance, encoded in a base64 string.

BuildSignatureKeyType

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PkixPem
PKIX_PEM

PKIX PEM public key.

BuildSignatureKeyTypeKeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

BuildSignatureKeyTypePgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

BuildSignatureKeyTypePkixPem
PKIX_PEM

PKIX PEM public key.

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PkixPem
PKIX_PEM

PKIX PEM public key.

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PkixPem
PKIX_PEM

PKIX PEM public key.

KEY_TYPE_UNSPECIFIED
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PGP_ASCII_ARMORED
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PKIX_PEM
PKIX_PEM

PKIX PEM public key.

"KEY_TYPE_UNSPECIFIED"
KEY_TYPE_UNSPECIFIED

KeyType is not set.

"PGP_ASCII_ARMORED"
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

"PKIX_PEM"
PKIX_PEM

PKIX PEM public key.

BuildSignatureResponse

KeyId string

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType string

The type of the key, either stored in public_key or referenced in key_id

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance, encoded in a base64 string.

KeyId string

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType string

The type of the key, either stored in public_key or referenced in key_id

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance, encoded in a base64 string.

keyId String

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType String

The type of the key, either stored in public_key or referenced in key_id

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance, encoded in a base64 string.

keyId string

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType string

The type of the key, either stored in public_key or referenced in key_id

publicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature string

Signature of the related BuildProvenance, encoded in a base64 string.

key_id str

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

key_type str

The type of the key, either stored in public_key or referenced in key_id

public_key str

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature str

Signature of the related BuildProvenance, encoded in a base64 string.

keyId String

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType String

The type of the key, either stored in public_key or referenced in key_id

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance, encoded in a base64 string.

BuildType

BuilderVersion string

Version of the builder which produced this Note.

Signature Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BuildSignature

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

BuilderVersion string

Version of the builder which produced this Note.

Signature BuildSignature

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builderVersion String

Version of the builder which produced this Note.

signature BuildSignature

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builderVersion string

Version of the builder which produced this Note.

signature BuildSignature

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builder_version str

Version of the builder which produced this Note.

signature BuildSignature

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builderVersion String

Version of the builder which produced this Note.

signature Property Map

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

BuildTypeResponse

BuilderVersion string

Version of the builder which produced this Note.

Signature Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.BuildSignatureResponse

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

BuilderVersion string

Version of the builder which produced this Note.

Signature BuildSignatureResponse

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builderVersion String

Version of the builder which produced this Note.

signature BuildSignatureResponse

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builderVersion string

Version of the builder which produced this Note.

signature BuildSignatureResponse

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builder_version str

Version of the builder which produced this Note.

signature BuildSignatureResponse

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

builderVersion String

Version of the builder which produced this Note.

signature Property Map

Signature of the build in Occurrences pointing to the Note containing this BuilderDetails.

CVSS

AttackComplexity Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

AttackVector Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAuthentication

Defined in CVSS v2

AvailabilityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

BaseScore double

The base score is a function of the base metric scores.

ConfidentialityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

ExploitabilityScore double
ImpactScore double
IntegrityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

PrivilegesRequired Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSPrivilegesRequired

Defined in CVSS v3

Scope Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSScope

Defined in CVSS v3

UserInteraction Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CVSSUserInteraction

Defined in CVSS v3

AttackComplexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

AttackVector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication CVSSAuthentication

Defined in CVSS v2

AvailabilityImpact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

BaseScore float64

The base score is a function of the base metric scores.

ConfidentialityImpact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

ExploitabilityScore float64
ImpactScore float64
IntegrityImpact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

PrivilegesRequired CVSSPrivilegesRequired

Defined in CVSS v3

Scope CVSSScope

Defined in CVSS v3

UserInteraction CVSSUserInteraction

Defined in CVSS v3

attackComplexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

attackVector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication CVSSAuthentication

Defined in CVSS v2

availabilityImpact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

baseScore Double

The base score is a function of the base metric scores.

confidentialityImpact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

exploitabilityScore Double
impactScore Double
integrityImpact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

privilegesRequired CVSSPrivilegesRequired

Defined in CVSS v3

scope CVSSScope

Defined in CVSS v3

userInteraction CVSSUserInteraction

Defined in CVSS v3

attackComplexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

attackVector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication CVSSAuthentication

Defined in CVSS v2

availabilityImpact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

baseScore number

The base score is a function of the base metric scores.

confidentialityImpact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

exploitabilityScore number
impactScore number
integrityImpact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

privilegesRequired CVSSPrivilegesRequired

Defined in CVSS v3

scope CVSSScope

Defined in CVSS v3

userInteraction CVSSUserInteraction

Defined in CVSS v3

attack_complexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

attack_vector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication CVSSAuthentication

Defined in CVSS v2

availability_impact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

base_score float

The base score is a function of the base metric scores.

confidentiality_impact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

exploitability_score float
impact_score float
integrity_impact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

privileges_required CVSSPrivilegesRequired

Defined in CVSS v3

scope CVSSScope

Defined in CVSS v3

user_interaction CVSSUserInteraction

Defined in CVSS v3

attackComplexity "ATTACK_COMPLEXITY_UNSPECIFIED" | "ATTACK_COMPLEXITY_LOW" | "ATTACK_COMPLEXITY_HIGH" | "ATTACK_COMPLEXITY_MEDIUM"

Defined in CVSS v3, CVSS v2

attackVector "ATTACK_VECTOR_UNSPECIFIED" | "ATTACK_VECTOR_NETWORK" | "ATTACK_VECTOR_ADJACENT" | "ATTACK_VECTOR_LOCAL" | "ATTACK_VECTOR_PHYSICAL"

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication "AUTHENTICATION_UNSPECIFIED" | "AUTHENTICATION_MULTIPLE" | "AUTHENTICATION_SINGLE" | "AUTHENTICATION_NONE"

Defined in CVSS v2

availabilityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE"

Defined in CVSS v3, CVSS v2

baseScore Number

The base score is a function of the base metric scores.

confidentialityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE"

Defined in CVSS v3, CVSS v2

exploitabilityScore Number
impactScore Number
integrityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE"

Defined in CVSS v3, CVSS v2

privilegesRequired "PRIVILEGES_REQUIRED_UNSPECIFIED" | "PRIVILEGES_REQUIRED_NONE" | "PRIVILEGES_REQUIRED_LOW" | "PRIVILEGES_REQUIRED_HIGH"

Defined in CVSS v3

scope "SCOPE_UNSPECIFIED" | "SCOPE_UNCHANGED" | "SCOPE_CHANGED"

Defined in CVSS v3

userInteraction "USER_INTERACTION_UNSPECIFIED" | "USER_INTERACTION_NONE" | "USER_INTERACTION_REQUIRED"

Defined in CVSS v3

CVSSAttackComplexity

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

AttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

CVSSAttackComplexityAttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSAttackComplexityAttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

CVSSAttackComplexityAttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

CVSSAttackComplexityAttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

AttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

AttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

ATTACK_COMPLEXITY_UNSPECIFIED
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ATTACK_COMPLEXITY_LOW
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

ATTACK_COMPLEXITY_HIGH
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

ATTACK_COMPLEXITY_MEDIUM
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

"ATTACK_COMPLEXITY_UNSPECIFIED"
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"ATTACK_COMPLEXITY_LOW"
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

"ATTACK_COMPLEXITY_HIGH"
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

"ATTACK_COMPLEXITY_MEDIUM"
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

CVSSAttackVector

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

AttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

CVSSAttackVectorAttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

AttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

AttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

ATTACK_VECTOR_UNSPECIFIED
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_NETWORK
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_ADJACENT
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_LOCAL
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_PHYSICAL
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

"ATTACK_VECTOR_UNSPECIFIED"
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_NETWORK"
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_ADJACENT"
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_LOCAL"
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_PHYSICAL"
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

CVSSAuthentication

AuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

AuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

CVSSAuthenticationAuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

CVSSAuthenticationAuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

CVSSAuthenticationAuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

CVSSAuthenticationAuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

AuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

AuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

AuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

AuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

AUTHENTICATION_UNSPECIFIED
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AUTHENTICATION_MULTIPLE
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AUTHENTICATION_SINGLE
AUTHENTICATION_SINGLE

Defined in CVSS v2

AUTHENTICATION_NONE
AUTHENTICATION_NONE

Defined in CVSS v2

"AUTHENTICATION_UNSPECIFIED"
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

"AUTHENTICATION_MULTIPLE"
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

"AUTHENTICATION_SINGLE"
AUTHENTICATION_SINGLE

Defined in CVSS v2

"AUTHENTICATION_NONE"
AUTHENTICATION_NONE

Defined in CVSS v2

CVSSAvailabilityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

CVSSAvailabilityImpactImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSAvailabilityImpactImpactHigh
IMPACT_HIGH

Defined in CVSS v3

CVSSAvailabilityImpactImpactLow
IMPACT_LOW

Defined in CVSS v3

CVSSAvailabilityImpactImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

CVSSAvailabilityImpactImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

CVSSAvailabilityImpactImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

IMPACT_HIGH
IMPACT_HIGH

Defined in CVSS v3

IMPACT_LOW
IMPACT_LOW

Defined in CVSS v3

IMPACT_NONE
IMPACT_NONE

Defined in CVSS v3, CVSS v2

IMPACT_PARTIAL
IMPACT_PARTIAL

Defined in CVSS v2

IMPACT_COMPLETE
IMPACT_COMPLETE

Defined in CVSS v2

"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"IMPACT_HIGH"
IMPACT_HIGH

Defined in CVSS v3

"IMPACT_LOW"
IMPACT_LOW

Defined in CVSS v3

"IMPACT_NONE"
IMPACT_NONE

Defined in CVSS v3, CVSS v2

"IMPACT_PARTIAL"
IMPACT_PARTIAL

Defined in CVSS v2

"IMPACT_COMPLETE"
IMPACT_COMPLETE

Defined in CVSS v2

CVSSConfidentialityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

CVSSConfidentialityImpactImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSConfidentialityImpactImpactHigh
IMPACT_HIGH

Defined in CVSS v3

CVSSConfidentialityImpactImpactLow
IMPACT_LOW

Defined in CVSS v3

CVSSConfidentialityImpactImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

CVSSConfidentialityImpactImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

CVSSConfidentialityImpactImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

IMPACT_HIGH
IMPACT_HIGH

Defined in CVSS v3

IMPACT_LOW
IMPACT_LOW

Defined in CVSS v3

IMPACT_NONE
IMPACT_NONE

Defined in CVSS v3, CVSS v2

IMPACT_PARTIAL
IMPACT_PARTIAL

Defined in CVSS v2

IMPACT_COMPLETE
IMPACT_COMPLETE

Defined in CVSS v2

"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"IMPACT_HIGH"
IMPACT_HIGH

Defined in CVSS v3

"IMPACT_LOW"
IMPACT_LOW

Defined in CVSS v3

"IMPACT_NONE"
IMPACT_NONE

Defined in CVSS v3, CVSS v2

"IMPACT_PARTIAL"
IMPACT_PARTIAL

Defined in CVSS v2

"IMPACT_COMPLETE"
IMPACT_COMPLETE

Defined in CVSS v2

CVSSIntegrityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

CVSSIntegrityImpactImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSIntegrityImpactImpactHigh
IMPACT_HIGH

Defined in CVSS v3

CVSSIntegrityImpactImpactLow
IMPACT_LOW

Defined in CVSS v3

CVSSIntegrityImpactImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

CVSSIntegrityImpactImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

CVSSIntegrityImpactImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

IMPACT_HIGH
IMPACT_HIGH

Defined in CVSS v3

IMPACT_LOW
IMPACT_LOW

Defined in CVSS v3

IMPACT_NONE
IMPACT_NONE

Defined in CVSS v3, CVSS v2

IMPACT_PARTIAL
IMPACT_PARTIAL

Defined in CVSS v2

IMPACT_COMPLETE
IMPACT_COMPLETE

Defined in CVSS v2

"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"IMPACT_HIGH"
IMPACT_HIGH

Defined in CVSS v3

"IMPACT_LOW"
IMPACT_LOW

Defined in CVSS v3

"IMPACT_NONE"
IMPACT_NONE

Defined in CVSS v3, CVSS v2

"IMPACT_PARTIAL"
IMPACT_PARTIAL

Defined in CVSS v2

"IMPACT_COMPLETE"
IMPACT_COMPLETE

Defined in CVSS v2

CVSSPrivilegesRequired

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

PRIVILEGES_REQUIRED_UNSPECIFIED
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PRIVILEGES_REQUIRED_NONE
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PRIVILEGES_REQUIRED_LOW
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PRIVILEGES_REQUIRED_HIGH
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

"PRIVILEGES_REQUIRED_UNSPECIFIED"
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

"PRIVILEGES_REQUIRED_NONE"
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

"PRIVILEGES_REQUIRED_LOW"
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

"PRIVILEGES_REQUIRED_HIGH"
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

CVSSResponse

AttackComplexity string

Defined in CVSS v3, CVSS v2

AttackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication string

Defined in CVSS v2

AvailabilityImpact string

Defined in CVSS v3, CVSS v2

BaseScore double

The base score is a function of the base metric scores.

ConfidentialityImpact string

Defined in CVSS v3, CVSS v2

ExploitabilityScore double
ImpactScore double
IntegrityImpact string

Defined in CVSS v3, CVSS v2

PrivilegesRequired string

Defined in CVSS v3

Scope string

Defined in CVSS v3

UserInteraction string

Defined in CVSS v3

AttackComplexity string

Defined in CVSS v3, CVSS v2

AttackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication string

Defined in CVSS v2

AvailabilityImpact string

Defined in CVSS v3, CVSS v2

BaseScore float64

The base score is a function of the base metric scores.

ConfidentialityImpact string

Defined in CVSS v3, CVSS v2

ExploitabilityScore float64
ImpactScore float64
IntegrityImpact string

Defined in CVSS v3, CVSS v2

PrivilegesRequired string

Defined in CVSS v3

Scope string

Defined in CVSS v3

UserInteraction string

Defined in CVSS v3

attackComplexity String

Defined in CVSS v3, CVSS v2

attackVector String

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication String

Defined in CVSS v2

availabilityImpact String

Defined in CVSS v3, CVSS v2

baseScore Double

The base score is a function of the base metric scores.

confidentialityImpact String

Defined in CVSS v3, CVSS v2

exploitabilityScore Double
impactScore Double
integrityImpact String

Defined in CVSS v3, CVSS v2

privilegesRequired String

Defined in CVSS v3

scope String

Defined in CVSS v3

userInteraction String

Defined in CVSS v3

attackComplexity string

Defined in CVSS v3, CVSS v2

attackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication string

Defined in CVSS v2

availabilityImpact string

Defined in CVSS v3, CVSS v2

baseScore number

The base score is a function of the base metric scores.

confidentialityImpact string

Defined in CVSS v3, CVSS v2

exploitabilityScore number
impactScore number
integrityImpact string

Defined in CVSS v3, CVSS v2

privilegesRequired string

Defined in CVSS v3

scope string

Defined in CVSS v3

userInteraction string

Defined in CVSS v3

attack_complexity str

Defined in CVSS v3, CVSS v2

attack_vector str

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication str

Defined in CVSS v2

availability_impact str

Defined in CVSS v3, CVSS v2

base_score float

The base score is a function of the base metric scores.

confidentiality_impact str

Defined in CVSS v3, CVSS v2

exploitability_score float
impact_score float
integrity_impact str

Defined in CVSS v3, CVSS v2

privileges_required str

Defined in CVSS v3

scope str

Defined in CVSS v3

user_interaction str

Defined in CVSS v3

attackComplexity String

Defined in CVSS v3, CVSS v2

attackVector String

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication String

Defined in CVSS v2

availabilityImpact String

Defined in CVSS v3, CVSS v2

baseScore Number

The base score is a function of the base metric scores.

confidentialityImpact String

Defined in CVSS v3, CVSS v2

exploitabilityScore Number
impactScore Number
integrityImpact String

Defined in CVSS v3, CVSS v2

privilegesRequired String

Defined in CVSS v3

scope String

Defined in CVSS v3

userInteraction String

Defined in CVSS v3

CVSSScope

ScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

ScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

ScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

CVSSScopeScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

CVSSScopeScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

CVSSScopeScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

ScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

ScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

ScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

ScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

ScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

ScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

SCOPE_UNSPECIFIED
SCOPE_UNSPECIFIED

Defined in CVSS v3

SCOPE_UNCHANGED
SCOPE_UNCHANGED

Defined in CVSS v3

SCOPE_CHANGED
SCOPE_CHANGED

Defined in CVSS v3

"SCOPE_UNSPECIFIED"
SCOPE_UNSPECIFIED

Defined in CVSS v3

"SCOPE_UNCHANGED"
SCOPE_UNCHANGED

Defined in CVSS v3

"SCOPE_CHANGED"
SCOPE_CHANGED

Defined in CVSS v3

CVSSUserInteraction

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

UserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

UserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

CVSSUserInteractionUserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

CVSSUserInteractionUserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

CVSSUserInteractionUserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

UserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

UserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

UserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

UserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

USER_INTERACTION_UNSPECIFIED
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

USER_INTERACTION_NONE
USER_INTERACTION_NONE

Defined in CVSS v3

USER_INTERACTION_REQUIRED
USER_INTERACTION_REQUIRED

Defined in CVSS v3

"USER_INTERACTION_UNSPECIFIED"
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

"USER_INTERACTION_NONE"
USER_INTERACTION_NONE

Defined in CVSS v3

"USER_INTERACTION_REQUIRED"
USER_INTERACTION_REQUIRED

Defined in CVSS v3

CisBenchmark

ProfileLevel int

The profile level of this CIS benchmark check.

Severity Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.CisBenchmarkSeverity

The severity level of this CIS benchmark check.

ProfileLevel int

The profile level of this CIS benchmark check.

Severity CisBenchmarkSeverity

The severity level of this CIS benchmark check.

profileLevel Integer

The profile level of this CIS benchmark check.

severity CisBenchmarkSeverity

The severity level of this CIS benchmark check.

profileLevel number

The profile level of this CIS benchmark check.

severity CisBenchmarkSeverity

The severity level of this CIS benchmark check.

profile_level int

The profile level of this CIS benchmark check.

severity CisBenchmarkSeverity

The severity level of this CIS benchmark check.

profileLevel Number

The profile level of this CIS benchmark check.

severity "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"

The severity level of this CIS benchmark check.

CisBenchmarkResponse

ProfileLevel int

The profile level of this CIS benchmark check.

Severity string

The severity level of this CIS benchmark check.

ProfileLevel int

The profile level of this CIS benchmark check.

Severity string

The severity level of this CIS benchmark check.

profileLevel Integer

The profile level of this CIS benchmark check.

severity String

The severity level of this CIS benchmark check.

profileLevel number

The profile level of this CIS benchmark check.

severity string

The severity level of this CIS benchmark check.

profile_level int

The profile level of this CIS benchmark check.

severity str

The severity level of this CIS benchmark check.

profileLevel Number

The profile level of this CIS benchmark check.

severity String

The severity level of this CIS benchmark check.

CisBenchmarkSeverity

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

Minimal
MINIMAL

Minimal Impact

Low
LOW

Low Impact

Medium
MEDIUM

Medium Impact

High
HIGH

High Impact

Critical
CRITICAL

Critical Impact

CisBenchmarkSeveritySeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

CisBenchmarkSeverityMinimal
MINIMAL

Minimal Impact

CisBenchmarkSeverityLow
LOW

Low Impact

CisBenchmarkSeverityMedium
MEDIUM

Medium Impact

CisBenchmarkSeverityHigh
HIGH

High Impact

CisBenchmarkSeverityCritical
CRITICAL

Critical Impact

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

Minimal
MINIMAL

Minimal Impact

Low
LOW

Low Impact

Medium
MEDIUM

Medium Impact

High
HIGH

High Impact

Critical
CRITICAL

Critical Impact

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

Minimal
MINIMAL

Minimal Impact

Low
LOW

Low Impact

Medium
MEDIUM

Medium Impact

High
HIGH

High Impact

Critical
CRITICAL

Critical Impact

SEVERITY_UNSPECIFIED
SEVERITY_UNSPECIFIED

Unknown Impact

MINIMAL
MINIMAL

Minimal Impact

LOW
LOW

Low Impact

MEDIUM
MEDIUM

Medium Impact

HIGH
HIGH

High Impact

CRITICAL
CRITICAL

Critical Impact

"SEVERITY_UNSPECIFIED"
SEVERITY_UNSPECIFIED

Unknown Impact

"MINIMAL"
MINIMAL

Minimal Impact

"LOW"
LOW

Low Impact

"MEDIUM"
MEDIUM

Medium Impact

"HIGH"
HIGH

High Impact

"CRITICAL"
CRITICAL

Critical Impact

ComplianceNote

CisBenchmark Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.CisBenchmark

Right now we only have one compliance type, but we may add additional types in the future.

Description string

A description about this compliance check.

Rationale string

A rationale for the existence of this compliance check.

Remediation string

A description of remediation steps if the compliance check fails.

ScanInstructions string

Serialized scan instructions with a predefined format.

Title string

The title that identifies this compliance check.

Version List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ComplianceVersion>

The OS and config versions the benchmark applies to.

CisBenchmark CisBenchmark

Right now we only have one compliance type, but we may add additional types in the future.

Description string

A description about this compliance check.

Rationale string

A rationale for the existence of this compliance check.

Remediation string

A description of remediation steps if the compliance check fails.

ScanInstructions string

Serialized scan instructions with a predefined format.

Title string

The title that identifies this compliance check.

Version []ComplianceVersion

The OS and config versions the benchmark applies to.

cisBenchmark CisBenchmark

Right now we only have one compliance type, but we may add additional types in the future.

description String

A description about this compliance check.

rationale String

A rationale for the existence of this compliance check.

remediation String

A description of remediation steps if the compliance check fails.

scanInstructions String

Serialized scan instructions with a predefined format.

title String

The title that identifies this compliance check.

version List<ComplianceVersion>

The OS and config versions the benchmark applies to.

cisBenchmark CisBenchmark

Right now we only have one compliance type, but we may add additional types in the future.

description string

A description about this compliance check.

rationale string

A rationale for the existence of this compliance check.

remediation string

A description of remediation steps if the compliance check fails.

scanInstructions string

Serialized scan instructions with a predefined format.

title string

The title that identifies this compliance check.

version ComplianceVersion[]

The OS and config versions the benchmark applies to.

cis_benchmark CisBenchmark

Right now we only have one compliance type, but we may add additional types in the future.

description str

A description about this compliance check.

rationale str

A rationale for the existence of this compliance check.

remediation str

A description of remediation steps if the compliance check fails.

scan_instructions str

Serialized scan instructions with a predefined format.

title str

The title that identifies this compliance check.

version Sequence[ComplianceVersion]

The OS and config versions the benchmark applies to.

cisBenchmark Property Map

Right now we only have one compliance type, but we may add additional types in the future.

description String

A description about this compliance check.

rationale String

A rationale for the existence of this compliance check.

remediation String

A description of remediation steps if the compliance check fails.

scanInstructions String

Serialized scan instructions with a predefined format.

title String

The title that identifies this compliance check.

version List<Property Map>

The OS and config versions the benchmark applies to.

ComplianceNoteResponse

CisBenchmark Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.CisBenchmarkResponse

Right now we only have one compliance type, but we may add additional types in the future.

Description string

A description about this compliance check.

Rationale string

A rationale for the existence of this compliance check.

Remediation string

A description of remediation steps if the compliance check fails.

ScanInstructions string

Serialized scan instructions with a predefined format.

Title string

The title that identifies this compliance check.

Version List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ComplianceVersionResponse>

The OS and config versions the benchmark applies to.

CisBenchmark CisBenchmarkResponse

Right now we only have one compliance type, but we may add additional types in the future.

Description string

A description about this compliance check.

Rationale string

A rationale for the existence of this compliance check.

Remediation string

A description of remediation steps if the compliance check fails.

ScanInstructions string

Serialized scan instructions with a predefined format.

Title string

The title that identifies this compliance check.

Version []ComplianceVersionResponse

The OS and config versions the benchmark applies to.

cisBenchmark CisBenchmarkResponse

Right now we only have one compliance type, but we may add additional types in the future.

description String

A description about this compliance check.

rationale String

A rationale for the existence of this compliance check.

remediation String

A description of remediation steps if the compliance check fails.

scanInstructions String

Serialized scan instructions with a predefined format.

title String

The title that identifies this compliance check.

version List<ComplianceVersionResponse>

The OS and config versions the benchmark applies to.

cisBenchmark CisBenchmarkResponse

Right now we only have one compliance type, but we may add additional types in the future.

description string

A description about this compliance check.

rationale string

A rationale for the existence of this compliance check.

remediation string

A description of remediation steps if the compliance check fails.

scanInstructions string

Serialized scan instructions with a predefined format.

title string

The title that identifies this compliance check.

version ComplianceVersionResponse[]

The OS and config versions the benchmark applies to.

cis_benchmark CisBenchmarkResponse

Right now we only have one compliance type, but we may add additional types in the future.

description str

A description about this compliance check.

rationale str

A rationale for the existence of this compliance check.

remediation str

A description of remediation steps if the compliance check fails.

scan_instructions str

Serialized scan instructions with a predefined format.

title str

The title that identifies this compliance check.

version Sequence[ComplianceVersionResponse]

The OS and config versions the benchmark applies to.

cisBenchmark Property Map

Right now we only have one compliance type, but we may add additional types in the future.

description String

A description about this compliance check.

rationale String

A rationale for the existence of this compliance check.

remediation String

A description of remediation steps if the compliance check fails.

scanInstructions String

Serialized scan instructions with a predefined format.

title String

The title that identifies this compliance check.

version List<Property Map>

The OS and config versions the benchmark applies to.

ComplianceVersion

BenchmarkDocument string

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

CpeUri string

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

Version string

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

BenchmarkDocument string

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

CpeUri string

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

Version string

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmarkDocument String

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpeUri String

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version String

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmarkDocument string

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpeUri string

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version string

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmark_document str

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpe_uri str

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version str

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmarkDocument String

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpeUri String

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version String

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

ComplianceVersionResponse

BenchmarkDocument string

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

CpeUri string

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

Version string

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

BenchmarkDocument string

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

CpeUri string

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

Version string

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmarkDocument String

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpeUri String

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version String

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmarkDocument string

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpeUri string

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version string

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmark_document str

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpe_uri str

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version str

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

benchmarkDocument String

The name of the document that defines this benchmark, e.g. "CIS Container-Optimized OS".

cpeUri String

The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to.

version String

The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in.

DSSEAttestationNote

Hint Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DSSEHint

DSSEHint hints at the purpose of the attestation authority.

Hint DSSEHint

DSSEHint hints at the purpose of the attestation authority.

hint DSSEHint

DSSEHint hints at the purpose of the attestation authority.

hint DSSEHint

DSSEHint hints at the purpose of the attestation authority.

hint DSSEHint

DSSEHint hints at the purpose of the attestation authority.

hint Property Map

DSSEHint hints at the purpose of the attestation authority.

DSSEAttestationNoteResponse

Hint Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DSSEHintResponse

DSSEHint hints at the purpose of the attestation authority.

Hint DSSEHintResponse

DSSEHint hints at the purpose of the attestation authority.

hint DSSEHintResponse

DSSEHint hints at the purpose of the attestation authority.

hint DSSEHintResponse

DSSEHint hints at the purpose of the attestation authority.

hint DSSEHintResponse

DSSEHint hints at the purpose of the attestation authority.

hint Property Map

DSSEHint hints at the purpose of the attestation authority.

DSSEHint

HumanReadableName string

The human readable name of this attestation authority, for example "cloudbuild-prod".

HumanReadableName string

The human readable name of this attestation authority, for example "cloudbuild-prod".

humanReadableName String

The human readable name of this attestation authority, for example "cloudbuild-prod".

humanReadableName string

The human readable name of this attestation authority, for example "cloudbuild-prod".

human_readable_name str

The human readable name of this attestation authority, for example "cloudbuild-prod".

humanReadableName String

The human readable name of this attestation authority, for example "cloudbuild-prod".

DSSEHintResponse

HumanReadableName string

The human readable name of this attestation authority, for example "cloudbuild-prod".

HumanReadableName string

The human readable name of this attestation authority, for example "cloudbuild-prod".

humanReadableName String

The human readable name of this attestation authority, for example "cloudbuild-prod".

humanReadableName string

The human readable name of this attestation authority, for example "cloudbuild-prod".

human_readable_name str

The human readable name of this attestation authority, for example "cloudbuild-prod".

humanReadableName String

The human readable name of this attestation authority, for example "cloudbuild-prod".

Deployable

ResourceUri List<string>

Resource URI for the artifact being deployed.

ResourceUri []string

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

resourceUri string[]

Resource URI for the artifact being deployed.

resource_uri Sequence[str]

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

DeployableResponse

ResourceUri List<string>

Resource URI for the artifact being deployed.

ResourceUri []string

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

resourceUri string[]

Resource URI for the artifact being deployed.

resource_uri Sequence[str]

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

Detail

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

Description string

A vendor-specific description of this note.

FixedLocation Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VulnerabilityLocation

The fix for this specific package version.

IsObsolete bool

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Version

The max version of the package in which the vulnerability exists.

MinAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Version

The min version of the package in which the vulnerability exists.

Package string

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc)

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

Vendor string

The vendor of the product. e.g. "google"

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

Description string

A vendor-specific description of this note.

FixedLocation VulnerabilityLocation

The fix for this specific package version.

IsObsolete bool

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion Version

The max version of the package in which the vulnerability exists.

MinAffectedVersion Version

The min version of the package in which the vulnerability exists.

Package string

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc)

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

Vendor string

The vendor of the product. e.g. "google"

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description String

A vendor-specific description of this note.

fixedLocation VulnerabilityLocation

The fix for this specific package version.

isObsolete Boolean

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Version

The max version of the package in which the vulnerability exists.

minAffectedVersion Version

The min version of the package in which the vulnerability exists.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc)

package_ String

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

vendor String

The vendor of the product. e.g. "google"

cpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description string

A vendor-specific description of this note.

fixedLocation VulnerabilityLocation

The fix for this specific package version.

isObsolete boolean

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Version

The max version of the package in which the vulnerability exists.

minAffectedVersion Version

The min version of the package in which the vulnerability exists.

package string

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

packageType string

The type of package; whether native or non native(ruby gems, node.js packages etc)

severityName string

The severity (eg: distro assigned severity) for this vulnerability.

source string

The source from which the information in this Detail was obtained.

vendor string

The vendor of the product. e.g. "google"

cpe_uri str

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description str

A vendor-specific description of this note.

fixed_location VulnerabilityLocation

The fix for this specific package version.

is_obsolete bool

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

max_affected_version Version

The max version of the package in which the vulnerability exists.

min_affected_version Version

The min version of the package in which the vulnerability exists.

package str

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

package_type str

The type of package; whether native or non native(ruby gems, node.js packages etc)

severity_name str

The severity (eg: distro assigned severity) for this vulnerability.

source str

The source from which the information in this Detail was obtained.

vendor str

The vendor of the product. e.g. "google"

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description String

A vendor-specific description of this note.

fixedLocation Property Map

The fix for this specific package version.

isObsolete Boolean

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Property Map

The max version of the package in which the vulnerability exists.

minAffectedVersion Property Map

The min version of the package in which the vulnerability exists.

package String

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc)

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

vendor String

The vendor of the product. e.g. "google"

DetailResponse

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

Description string

A vendor-specific description of this note.

FixedLocation Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VulnerabilityLocationResponse

The fix for this specific package version.

IsObsolete bool

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionResponse

The max version of the package in which the vulnerability exists.

MinAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionResponse

The min version of the package in which the vulnerability exists.

Package string

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc)

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

Vendor string

The vendor of the product. e.g. "google"

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

Description string

A vendor-specific description of this note.

FixedLocation VulnerabilityLocationResponse

The fix for this specific package version.

IsObsolete bool

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion VersionResponse

The max version of the package in which the vulnerability exists.

MinAffectedVersion VersionResponse

The min version of the package in which the vulnerability exists.

Package string

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc)

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

Vendor string

The vendor of the product. e.g. "google"

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description String

A vendor-specific description of this note.

fixedLocation VulnerabilityLocationResponse

The fix for this specific package version.

isObsolete Boolean

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion VersionResponse

The max version of the package in which the vulnerability exists.

minAffectedVersion VersionResponse

The min version of the package in which the vulnerability exists.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc)

package_ String

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

vendor String

The vendor of the product. e.g. "google"

cpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description string

A vendor-specific description of this note.

fixedLocation VulnerabilityLocationResponse

The fix for this specific package version.

isObsolete boolean

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion VersionResponse

The max version of the package in which the vulnerability exists.

minAffectedVersion VersionResponse

The min version of the package in which the vulnerability exists.

package string

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

packageType string

The type of package; whether native or non native(ruby gems, node.js packages etc)

severityName string

The severity (eg: distro assigned severity) for this vulnerability.

source string

The source from which the information in this Detail was obtained.

vendor string

The vendor of the product. e.g. "google"

cpe_uri str

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description str

A vendor-specific description of this note.

fixed_location VulnerabilityLocationResponse

The fix for this specific package version.

is_obsolete bool

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

max_affected_version VersionResponse

The max version of the package in which the vulnerability exists.

min_affected_version VersionResponse

The min version of the package in which the vulnerability exists.

package str

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

package_type str

The type of package; whether native or non native(ruby gems, node.js packages etc)

severity_name str

The severity (eg: distro assigned severity) for this vulnerability.

source str

The source from which the information in this Detail was obtained.

vendor str

The vendor of the product. e.g. "google"

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

description String

A vendor-specific description of this note.

fixedLocation Property Map

The fix for this specific package version.

isObsolete Boolean

Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Property Map

The max version of the package in which the vulnerability exists.

minAffectedVersion Property Map

The min version of the package in which the vulnerability exists.

package String

The name of the package where the vulnerability was found. This field can be used as a filter in list requests.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc)

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

vendor String

The vendor of the product. e.g. "google"

Digest

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

algo string

SHA1, SHA512 etc.

digestBytes string

Value of the digest.

algo str

SHA1, SHA512 etc.

digest_bytes str

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

DigestResponse

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

algo string

SHA1, SHA512 etc.

digestBytes string

Value of the digest.

algo str

SHA1, SHA512 etc.

digest_bytes str

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

Discovery

AnalysisKind Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.DiscoveryAnalysisKind

The kind of analysis that is handled by this discovery.

AnalysisKind DiscoveryAnalysisKind

The kind of analysis that is handled by this discovery.

analysisKind DiscoveryAnalysisKind

The kind of analysis that is handled by this discovery.

analysisKind DiscoveryAnalysisKind

The kind of analysis that is handled by this discovery.

analysis_kind DiscoveryAnalysisKind

The kind of analysis that is handled by this discovery.

DiscoveryAnalysisKind

KindUnspecified
KIND_UNSPECIFIED

Unknown

PackageVulnerability
PACKAGE_VULNERABILITY

The note and occurrence represent a package vulnerability.

BuildDetails
BUILD_DETAILS

The note and occurrence assert build provenance.

ImageBasis
IMAGE_BASIS

This represents an image basis relationship.

PackageManager
PACKAGE_MANAGER

This represents a package installed via a package manager.

Deployable
DEPLOYABLE

The note and occurrence track deployment events.

Discovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

AttestationAuthority
ATTESTATION_AUTHORITY

This represents a logical "role" that can attest to artifacts.

Upgrade
UPGRADE

This represents an available software upgrade.

Compliance
COMPLIANCE

This represents a compliance check that can be applied to a resource.

Sbom
SBOM

This represents a software bill of materials.

SpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

SpdxFile
SPDX_FILE

This represents an SPDX File.

SpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DsseAttestation
DSSE_ATTESTATION

This represents a DSSE attestation Note

DiscoveryAnalysisKindKindUnspecified
KIND_UNSPECIFIED

Unknown

DiscoveryAnalysisKindPackageVulnerability
PACKAGE_VULNERABILITY

The note and occurrence represent a package vulnerability.

DiscoveryAnalysisKindBuildDetails
BUILD_DETAILS

The note and occurrence assert build provenance.

DiscoveryAnalysisKindImageBasis
IMAGE_BASIS

This represents an image basis relationship.

DiscoveryAnalysisKindPackageManager
PACKAGE_MANAGER

This represents a package installed via a package manager.

DiscoveryAnalysisKindDeployable
DEPLOYABLE

The note and occurrence track deployment events.

DiscoveryAnalysisKindDiscovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

DiscoveryAnalysisKindAttestationAuthority
ATTESTATION_AUTHORITY

This represents a logical "role" that can attest to artifacts.

DiscoveryAnalysisKindUpgrade
UPGRADE

This represents an available software upgrade.

DiscoveryAnalysisKindCompliance
COMPLIANCE

This represents a compliance check that can be applied to a resource.

DiscoveryAnalysisKindSbom
SBOM

This represents a software bill of materials.

DiscoveryAnalysisKindSpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

DiscoveryAnalysisKindSpdxFile
SPDX_FILE

This represents an SPDX File.

DiscoveryAnalysisKindSpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DiscoveryAnalysisKindDsseAttestation
DSSE_ATTESTATION

This represents a DSSE attestation Note

KindUnspecified
KIND_UNSPECIFIED

Unknown

PackageVulnerability
PACKAGE_VULNERABILITY

The note and occurrence represent a package vulnerability.

BuildDetails
BUILD_DETAILS

The note and occurrence assert build provenance.

ImageBasis
IMAGE_BASIS

This represents an image basis relationship.

PackageManager
PACKAGE_MANAGER

This represents a package installed via a package manager.

Deployable
DEPLOYABLE

The note and occurrence track deployment events.

Discovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

AttestationAuthority
ATTESTATION_AUTHORITY

This represents a logical "role" that can attest to artifacts.

Upgrade
UPGRADE

This represents an available software upgrade.

Compliance
COMPLIANCE

This represents a compliance check that can be applied to a resource.

Sbom
SBOM

This represents a software bill of materials.

SpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

SpdxFile
SPDX_FILE

This represents an SPDX File.

SpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DsseAttestation
DSSE_ATTESTATION

This represents a DSSE attestation Note

KindUnspecified
KIND_UNSPECIFIED

Unknown

PackageVulnerability
PACKAGE_VULNERABILITY

The note and occurrence represent a package vulnerability.

BuildDetails
BUILD_DETAILS

The note and occurrence assert build provenance.

ImageBasis
IMAGE_BASIS

This represents an image basis relationship.

PackageManager
PACKAGE_MANAGER

This represents a package installed via a package manager.

Deployable
DEPLOYABLE

The note and occurrence track deployment events.

Discovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

AttestationAuthority
ATTESTATION_AUTHORITY

This represents a logical "role" that can attest to artifacts.

Upgrade
UPGRADE

This represents an available software upgrade.

Compliance
COMPLIANCE

This represents a compliance check that can be applied to a resource.

Sbom
SBOM

This represents a software bill of materials.

SpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

SpdxFile
SPDX_FILE

This represents an SPDX File.

SpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DsseAttestation
DSSE_ATTESTATION

This represents a DSSE attestation Note

KIND_UNSPECIFIED
KIND_UNSPECIFIED

Unknown

PACKAGE_VULNERABILITY
PACKAGE_VULNERABILITY

The note and occurrence represent a package vulnerability.

BUILD_DETAILS
BUILD_DETAILS

The note and occurrence assert build provenance.

IMAGE_BASIS
IMAGE_BASIS

This represents an image basis relationship.

PACKAGE_MANAGER
PACKAGE_MANAGER

This represents a package installed via a package manager.

DEPLOYABLE
DEPLOYABLE

The note and occurrence track deployment events.

DISCOVERY
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

ATTESTATION_AUTHORITY
ATTESTATION_AUTHORITY

This represents a logical "role" that can attest to artifacts.

UPGRADE
UPGRADE

This represents an available software upgrade.

COMPLIANCE
COMPLIANCE

This represents a compliance check that can be applied to a resource.

SBOM
SBOM

This represents a software bill of materials.

SPDX_PACKAGE
SPDX_PACKAGE

This represents an SPDX Package.

SPDX_FILE
SPDX_FILE

This represents an SPDX File.

SPDX_RELATIONSHIP
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DSSE_ATTESTATION
DSSE_ATTESTATION

This represents a DSSE attestation Note

"KIND_UNSPECIFIED"
KIND_UNSPECIFIED

Unknown

"PACKAGE_VULNERABILITY"
PACKAGE_VULNERABILITY

The note and occurrence represent a package vulnerability.

"BUILD_DETAILS"
BUILD_DETAILS

The note and occurrence assert build provenance.

"IMAGE_BASIS"
IMAGE_BASIS

This represents an image basis relationship.

"PACKAGE_MANAGER"
PACKAGE_MANAGER

This represents a package installed via a package manager.

"DEPLOYABLE"
DEPLOYABLE

The note and occurrence track deployment events.

"DISCOVERY"
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

"ATTESTATION_AUTHORITY"
ATTESTATION_AUTHORITY

This represents a logical "role" that can attest to artifacts.

"UPGRADE"
UPGRADE

This represents an available software upgrade.

"COMPLIANCE"
COMPLIANCE

This represents a compliance check that can be applied to a resource.

"SBOM"
SBOM

This represents a software bill of materials.

"SPDX_PACKAGE"
SPDX_PACKAGE

This represents an SPDX Package.

"SPDX_FILE"
SPDX_FILE

This represents an SPDX File.

"SPDX_RELATIONSHIP"
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

"DSSE_ATTESTATION"
DSSE_ATTESTATION

This represents a DSSE attestation Note

DiscoveryResponse

AnalysisKind string

The kind of analysis that is handled by this discovery.

AnalysisKind string

The kind of analysis that is handled by this discovery.

analysisKind String

The kind of analysis that is handled by this discovery.

analysisKind string

The kind of analysis that is handled by this discovery.

analysis_kind str

The kind of analysis that is handled by this discovery.

analysisKind String

The kind of analysis that is handled by this discovery.

Distribution

Architecture Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built

CpeUri string

The cpe_uri in cpe format denoting the package manager version distributing a package.

Description string

The distribution channel-specific description of this package.

LatestVersion Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Version

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

Architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built

CpeUri string

The cpe_uri in cpe format denoting the package manager version distributing a package.

Description string

The distribution channel-specific description of this package.

LatestVersion Version

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built

cpeUri String

The cpe_uri in cpe format denoting the package manager version distributing a package.

description String

The distribution channel-specific description of this package.

latestVersion Version

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built

cpeUri string

The cpe_uri in cpe format denoting the package manager version distributing a package.

description string

The distribution channel-specific description of this package.

latestVersion Version

The latest available version of this package in this distribution channel.

maintainer string

A freeform string denoting the maintainer of this package.

url string

The distribution channel-specific homepage for this package.

architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built

cpe_uri str

The cpe_uri in cpe format denoting the package manager version distributing a package.

description str

The distribution channel-specific description of this package.

latest_version Version

The latest available version of this package in this distribution channel.

maintainer str

A freeform string denoting the maintainer of this package.

url str

The distribution channel-specific homepage for this package.

architecture "ARCHITECTURE_UNSPECIFIED" | "X86" | "X64"

The CPU architecture for which packages in this distribution channel were built

cpeUri String

The cpe_uri in cpe format denoting the package manager version distributing a package.

description String

The distribution channel-specific description of this package.

latestVersion Property Map

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

DistributionArchitecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

DistributionArchitectureArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

DistributionArchitectureX86
X86

X86 architecture

DistributionArchitectureX64
X64

X64 architecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

ARCHITECTURE_UNSPECIFIED
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

"ARCHITECTURE_UNSPECIFIED"
ARCHITECTURE_UNSPECIFIED

Unknown architecture

"X86"
X86

X86 architecture

"X64"
X64

X64 architecture

DistributionResponse

Architecture string

The CPU architecture for which packages in this distribution channel were built

CpeUri string

The cpe_uri in cpe format denoting the package manager version distributing a package.

Description string

The distribution channel-specific description of this package.

LatestVersion Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionResponse

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

Architecture string

The CPU architecture for which packages in this distribution channel were built

CpeUri string

The cpe_uri in cpe format denoting the package manager version distributing a package.

Description string

The distribution channel-specific description of this package.

LatestVersion VersionResponse

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

architecture String

The CPU architecture for which packages in this distribution channel were built

cpeUri String

The cpe_uri in cpe format denoting the package manager version distributing a package.

description String

The distribution channel-specific description of this package.

latestVersion VersionResponse

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

architecture string

The CPU architecture for which packages in this distribution channel were built

cpeUri string

The cpe_uri in cpe format denoting the package manager version distributing a package.

description string

The distribution channel-specific description of this package.

latestVersion VersionResponse

The latest available version of this package in this distribution channel.

maintainer string

A freeform string denoting the maintainer of this package.

url string

The distribution channel-specific homepage for this package.

architecture str

The CPU architecture for which packages in this distribution channel were built

cpe_uri str

The cpe_uri in cpe format denoting the package manager version distributing a package.

description str

The distribution channel-specific description of this package.

latest_version VersionResponse

The latest available version of this package in this distribution channel.

maintainer str

A freeform string denoting the maintainer of this package.

url str

The distribution channel-specific homepage for this package.

architecture String

The CPU architecture for which packages in this distribution channel were built

cpeUri String

The cpe_uri in cpe format denoting the package manager version distributing a package.

description String

The distribution channel-specific description of this package.

latestVersion Property Map

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

DocumentNote

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

data_licence str

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdx_version str

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DocumentNoteResponse

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

data_licence str

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdx_version str

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

ExternalRef

Category Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

Category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment string

Human-readable information about the purpose and target of the reference

locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment str

Human-readable information about the purpose and target of the reference

locator str

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type str

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category "CATEGORY_UNSPECIFIED" | "SECURITY" | "PACKAGE_MANAGER" | "PERSISTENT_ID" | "OTHER"

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

ExternalRefCategory

CategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

Security
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

Other
OTHER

Other

ExternalRefCategoryCategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

ExternalRefCategorySecurity
SECURITY

Security (e.g. cpe22Type, cpe23Type)

ExternalRefCategoryPackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

ExternalRefCategoryPersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

ExternalRefCategoryOther
OTHER

Other

CategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

Security
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

Other
OTHER

Other

CategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

Security
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

Other
OTHER

Other

CATEGORY_UNSPECIFIED
CATEGORY_UNSPECIFIED

Unspecified

SECURITY
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PACKAGE_MANAGER
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PERSISTENT_ID
PERSISTENT_ID

Persistent-Id (e.g. swh)

OTHER
OTHER

Other

"CATEGORY_UNSPECIFIED"
CATEGORY_UNSPECIFIED

Unspecified

"SECURITY"
SECURITY

Security (e.g. cpe22Type, cpe23Type)

"PACKAGE_MANAGER"
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

"PERSISTENT_ID"
PERSISTENT_ID

Persistent-Id (e.g. swh)

"OTHER"
OTHER

Other

ExternalRefResponse

Category string

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

Category string

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category String

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category string

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment string

Human-readable information about the purpose and target of the reference

locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category str

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment str

Human-readable information about the purpose and target of the reference

locator str

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type str

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category String

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

FileLocation

FilePath string

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

FilePath string

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

filePath String

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

filePath string

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

file_path str

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

filePath String

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

FileLocationResponse

FilePath string

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

FilePath string

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

filePath String

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

filePath string

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

file_path str

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

filePath String

For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.

FileNote

Checksum List<string>

Provide a unique identifier to match analysis information on each specific file in a package

FileType Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.FileNoteFileType

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

Checksum []string

Provide a unique identifier to match analysis information on each specific file in a package

FileType FileNoteFileType

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType FileNoteFileType

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

checksum string[]

Provide a unique identifier to match analysis information on each specific file in a package

fileType FileNoteFileType

This field provides information about the type of file identified

title string

Identify the full path and filename that corresponds to the file information in this section

checksum Sequence[str]

Provide a unique identifier to match analysis information on each specific file in a package

file_type FileNoteFileType

This field provides information about the type of file identified

title str

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType "FILE_TYPE_UNSPECIFIED" | "SOURCE" | "BINARY" | "ARCHIVE" | "APPLICATION" | "AUDIO" | "IMAGE" | "TEXT" | "VIDEO" | "DOCUMENTATION" | "SPDX" | "OTHER"

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

FileNoteFileType

FileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

Source
SOURCE

The file is human readable source code (.c, .html, etc.)

Binary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

Archive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

Application
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

Audio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

Image
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

Text
TEXT

The file is human readable text file (MIME type of text/*)

Video
VIDEO

The file is associated with a video file type (MIME type of video/*)

Documentation
DOCUMENTATION

The file serves as documentation

Spdx
SPDX

The file is an SPDX document

Other
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileNoteFileTypeFileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

FileNoteFileTypeSource
SOURCE

The file is human readable source code (.c, .html, etc.)

FileNoteFileTypeBinary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

FileNoteFileTypeArchive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

FileNoteFileTypeApplication
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

FileNoteFileTypeAudio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

FileNoteFileTypeImage
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

FileNoteFileTypeText
TEXT

The file is human readable text file (MIME type of text/*)

FileNoteFileTypeVideo
VIDEO

The file is associated with a video file type (MIME type of video/*)

FileNoteFileTypeDocumentation
DOCUMENTATION

The file serves as documentation

FileNoteFileTypeSpdx
SPDX

The file is an SPDX document

FileNoteFileTypeOther
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

Source
SOURCE

The file is human readable source code (.c, .html, etc.)

Binary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

Archive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

Application
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

Audio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

Image
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

Text
TEXT

The file is human readable text file (MIME type of text/*)

Video
VIDEO

The file is associated with a video file type (MIME type of video/*)

Documentation
DOCUMENTATION

The file serves as documentation

Spdx
SPDX

The file is an SPDX document

Other
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

Source
SOURCE

The file is human readable source code (.c, .html, etc.)

Binary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

Archive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

Application
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

Audio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

Image
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

Text
TEXT

The file is human readable text file (MIME type of text/*)

Video
VIDEO

The file is associated with a video file type (MIME type of video/*)

Documentation
DOCUMENTATION

The file serves as documentation

Spdx
SPDX

The file is an SPDX document

Other
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FILE_TYPE_UNSPECIFIED
FILE_TYPE_UNSPECIFIED

Unspecified

SOURCE
SOURCE

The file is human readable source code (.c, .html, etc.)

BINARY
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

ARCHIVE
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

APPLICATION
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

AUDIO
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

IMAGE
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

TEXT
TEXT

The file is human readable text file (MIME type of text/*)

VIDEO
VIDEO

The file is associated with a video file type (MIME type of video/*)

DOCUMENTATION
DOCUMENTATION

The file serves as documentation

SPDX
SPDX

The file is an SPDX document

OTHER
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

"FILE_TYPE_UNSPECIFIED"
FILE_TYPE_UNSPECIFIED

Unspecified

"SOURCE"
SOURCE

The file is human readable source code (.c, .html, etc.)

"BINARY"
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

"ARCHIVE"
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

"APPLICATION"
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

"AUDIO"
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

"IMAGE"
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

"TEXT"
TEXT

The file is human readable text file (MIME type of text/*)

"VIDEO"
VIDEO

The file is associated with a video file type (MIME type of video/*)

"DOCUMENTATION"
DOCUMENTATION

The file serves as documentation

"SPDX"
SPDX

The file is an SPDX document

"OTHER"
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileNoteResponse

Checksum List<string>

Provide a unique identifier to match analysis information on each specific file in a package

FileType string

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

Checksum []string

Provide a unique identifier to match analysis information on each specific file in a package

FileType string

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType String

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

checksum string[]

Provide a unique identifier to match analysis information on each specific file in a package

fileType string

This field provides information about the type of file identified

title string

Identify the full path and filename that corresponds to the file information in this section

checksum Sequence[str]

Provide a unique identifier to match analysis information on each specific file in a package

file_type str

This field provides information about the type of file identified

title str

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType String

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

Fingerprint

V1Name string

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

V2Blob List<string>

The ordered list of v2 blobs that represent a given image.

V1Name string

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

V2Blob []string

The ordered list of v2 blobs that represent a given image.

v1Name String

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

v1Name string

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2Blob string[]

The ordered list of v2 blobs that represent a given image.

v1_name str

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2_blob Sequence[str]

The ordered list of v2 blobs that represent a given image.

v1Name String

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

FingerprintResponse

V1Name string

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

V2Blob List<string>

The ordered list of v2 blobs that represent a given image.

V2Name string

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.

V1Name string

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

V2Blob []string

The ordered list of v2 blobs that represent a given image.

V2Name string

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.

v1Name String

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

v2Name String

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.

v1Name string

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2Blob string[]

The ordered list of v2 blobs that represent a given image.

v2Name string

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.

v1_name str

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2_blob Sequence[str]

The ordered list of v2 blobs that represent a given image.

v2_name str

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.

v1Name String

The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

v2Name String

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests.

License

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments string

Comments

expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments str

Comments

expression str

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

LicenseResponse

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments string

Comments

expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments str

Comments

expression str

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Package

Architecture Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Digest>

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Distribution>

The various channels by which a package is distributed.

License Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.License

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

Name string

The name of the package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Version

The version of the package.

Architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest []Digest

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution []Distribution

The various channels by which a package is distributed.

License License

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

Name string

The name of the package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version Version

The version of the package.

architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<Digest>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<Distribution>

The various channels by which a package is distributed.

license License

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

name String

The name of the package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version Version

The version of the package.

architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description string

The description of this package.

digest Digest[]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution Distribution[]

The various channels by which a package is distributed.

license License

Licenses that have been declared by the authors of the package.

maintainer string

A freeform text denoting the maintainer of this package.

name string

The name of the package.

packageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url string

The homepage for this package.

version Version

The version of the package.

architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpe_uri str

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description str

The description of this package.

digest Sequence[Digest]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution Sequence[Distribution]

The various channels by which a package is distributed.

license License

Licenses that have been declared by the authors of the package.

maintainer str

A freeform text denoting the maintainer of this package.

name str

The name of the package.

package_type str

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url str

The homepage for this package.

version Version

The version of the package.

architecture "ARCHITECTURE_UNSPECIFIED" | "X86" | "X64"

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<Property Map>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<Property Map>

The various channels by which a package is distributed.

license Property Map

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

name String

The name of the package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version Property Map

The version of the package.

PackageArchitecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

PackageArchitectureArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

PackageArchitectureX86
X86

X86 architecture

PackageArchitectureX64
X64

X64 architecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

ARCHITECTURE_UNSPECIFIED
ARCHITECTURE_UNSPECIFIED

Unknown architecture

X86
X86

X86 architecture

X64
X64

X64 architecture

"ARCHITECTURE_UNSPECIFIED"
ARCHITECTURE_UNSPECIFIED

Unknown architecture

"X86"
X86

X86 architecture

"X64"
X64

X64 architecture

PackageInfoNote

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ExternalRef>

ExternalRef

FilesLicenseInfo List<string>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.License

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs []ExternalRef

ExternalRef

FilesLicenseInfo []string

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared License

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<ExternalRef>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared License

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

analyzed boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright string

Identify the copyright holders of the package, as well as any dates present

detailedDescription string

A more detailed description of the package

downloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs ExternalRef[]

ExternalRef

filesLicenseInfo string[]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared License

List the licenses that have been declared by the authors of the package

originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription string

A short description of the package

supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

title string

Identify the full name of the package as given by the Package Originator

verificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version string

Identify the version of the package

analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution str

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum str

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright str

Identify the copyright holders of the package, as well as any dates present

detailed_description str

A more detailed description of the package

download_location str

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

external_refs Sequence[ExternalRef]

ExternalRef

files_license_info Sequence[str]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

home_page str

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

license_declared License

List the licenses that have been declared by the authors of the package

originator str

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

package_type str

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summary_description str

A short description of the package

supplier str

Identify the actual distribution source for the package/directory identified in the SPDX file

title str

Identify the full name of the package as given by the Package Originator

verification_code str

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version str

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<Property Map>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared Property Map

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

PackageInfoNoteResponse

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.ExternalRefResponse>

ExternalRef

FilesLicenseInfo List<string>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.LicenseResponse

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs []ExternalRefResponse

ExternalRef

FilesLicenseInfo []string

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared LicenseResponse

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<ExternalRefResponse>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared LicenseResponse

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

analyzed boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright string

Identify the copyright holders of the package, as well as any dates present

detailedDescription string

A more detailed description of the package

downloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs ExternalRefResponse[]

ExternalRef

filesLicenseInfo string[]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared LicenseResponse

List the licenses that have been declared by the authors of the package

originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription string

A short description of the package

supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

title string

Identify the full name of the package as given by the Package Originator

verificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version string

Identify the version of the package

analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution str

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum str

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright str

Identify the copyright holders of the package, as well as any dates present

detailed_description str

A more detailed description of the package

download_location str

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

external_refs Sequence[ExternalRefResponse]

ExternalRef

files_license_info Sequence[str]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

home_page str

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

license_declared LicenseResponse

List the licenses that have been declared by the authors of the package

originator str

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

package_type str

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summary_description str

A short description of the package

supplier str

Identify the actual distribution source for the package/directory identified in the SPDX file

title str

Identify the full name of the package as given by the Package Originator

verification_code str

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version str

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<Property Map>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared Property Map

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

PackageResponse

Architecture string

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DigestResponse>

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DistributionResponse>

The various channels by which a package is distributed.

License Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.LicenseResponse

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

Name string

The name of the package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionResponse

The version of the package.

Architecture string

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest []DigestResponse

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution []DistributionResponse

The various channels by which a package is distributed.

License LicenseResponse

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

Name string

The name of the package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version VersionResponse

The version of the package.

architecture String

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<DigestResponse>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<DistributionResponse>

The various channels by which a package is distributed.

license LicenseResponse

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

name String

The name of the package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version VersionResponse

The version of the package.

architecture string

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description string

The description of this package.

digest DigestResponse[]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution DistributionResponse[]

The various channels by which a package is distributed.

license LicenseResponse

Licenses that have been declared by the authors of the package.

maintainer string

A freeform text denoting the maintainer of this package.

name string

The name of the package.

packageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url string

The homepage for this package.

version VersionResponse

The version of the package.

architecture str

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpe_uri str

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description str

The description of this package.

digest Sequence[DigestResponse]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution Sequence[DistributionResponse]

The various channels by which a package is distributed.

license LicenseResponse

Licenses that have been declared by the authors of the package.

maintainer str

A freeform text denoting the maintainer of this package.

name str

The name of the package.

package_type str

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url str

The homepage for this package.

version VersionResponse

The version of the package.

architecture String

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<Property Map>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<Property Map>

The various channels by which a package is distributed.

license Property Map

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

name String

The name of the package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version Property Map

The version of the package.

RelatedUrl

Label string

Label to describe usage of the URL

Url string

Specific URL to associate with the note

Label string

Label to describe usage of the URL

Url string

Specific URL to associate with the note

label String

Label to describe usage of the URL

url String

Specific URL to associate with the note

label string

Label to describe usage of the URL

url string

Specific URL to associate with the note

label str

Label to describe usage of the URL

url str

Specific URL to associate with the note

label String

Label to describe usage of the URL

url String

Specific URL to associate with the note

RelatedUrlResponse

Label string

Label to describe usage of the URL

Url string

Specific URL to associate with the note

Label string

Label to describe usage of the URL

Url string

Specific URL to associate with the note

label String

Label to describe usage of the URL

url String

Specific URL to associate with the note

label string

Label to describe usage of the URL

url string

Specific URL to associate with the note

label str

Label to describe usage of the URL

url str

Specific URL to associate with the note

label String

Label to describe usage of the URL

url String

Specific URL to associate with the note

RelationshipNote

Type Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.RelationshipNoteType

The type of relationship between the source and target SPDX elements

Type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type "RELATIONSHIP_TYPE_UNSPECIFIED" | "DESCRIBES" | "DESCRIBED_BY" | "CONTAINS" | "CONTAINED_BY" | "DEPENDS_ON" | "DEPENDENCY_OF" | "DEPENDENCY_MANIFEST_OF" | "BUILD_DEPENDENCY_OF" | "DEV_DEPENDENCY_OF" | "OPTIONAL_DEPENDENCY_OF" | "PROVIDED_DEPENDENCY_OF" | "TEST_DEPENDENCY_OF" | "RUNTIME_DEPENDENCY_OF" | "EXAMPLE_OF" | "GENERATES" | "GENERATED_FROM" | "ANCESTOR_OF" | "DESCENDANT_OF" | "VARIANT_OF" | "DISTRIBUTION_ARTIFACT" | "PATCH_FOR" | "PATCH_APPLIED" | "COPY_OF" | "FILE_ADDED" | "FILE_DELETED" | "FILE_MODIFIED" | "EXPANDED_FROM_ARCHIVE" | "DYNAMIC_LINK" | "STATIC_LINK" | "DATA_FILE_OF" | "TEST_CASE_OF" | "BUILD_TOOL_OF" | "DEV_TOOL_OF" | "TEST_OF" | "TEST_TOOL_OF" | "DOCUMENTATION_OF" | "OPTIONAL_COMPONENT_OF" | "METAFILE_OF" | "PACKAGE_OF" | "AMENDS" | "PREREQUISITE_FOR" | "HAS_PREREQUISITE" | "OTHER"

The type of relationship between the source and target SPDX elements

RelationshipNoteResponse

Type string

The type of relationship between the source and target SPDX elements

Type string

The type of relationship between the source and target SPDX elements

type String

The type of relationship between the source and target SPDX elements

type string

The type of relationship between the source and target SPDX elements

type str

The type of relationship between the source and target SPDX elements

type String

The type of relationship between the source and target SPDX elements

RelationshipNoteType

RelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

Describes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

Contains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

ContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

ProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

ExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

Generates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

AncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

CopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

ExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

StaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

MetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

Amends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

Other
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RelationshipNoteTypeRelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

RelationshipNoteTypeDescribes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

RelationshipNoteTypeDescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

RelationshipNoteTypeContains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

RelationshipNoteTypeContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

RelationshipNoteTypeDependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

RelationshipNoteTypeDependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

RelationshipNoteTypeDependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

RelationshipNoteTypeBuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

RelationshipNoteTypeDevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

RelationshipNoteTypeOptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

RelationshipNoteTypeProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

RelationshipNoteTypeTestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RelationshipNoteTypeRuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

RelationshipNoteTypeExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

RelationshipNoteTypeGenerates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

RelationshipNoteTypeGeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

RelationshipNoteTypeAncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

RelationshipNoteTypeDescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

RelationshipNoteTypeVariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

RelationshipNoteTypeDistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

RelationshipNoteTypePatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

RelationshipNoteTypePatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

RelationshipNoteTypeCopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

RelationshipNoteTypeFileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

RelationshipNoteTypeFileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

RelationshipNoteTypeFileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

RelationshipNoteTypeExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

RelationshipNoteTypeDynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

RelationshipNoteTypeStaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

RelationshipNoteTypeDataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

RelationshipNoteTypeTestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

RelationshipNoteTypeBuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

RelationshipNoteTypeDevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

RelationshipNoteTypeTestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

RelationshipNoteTypeTestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

RelationshipNoteTypeDocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

RelationshipNoteTypeOptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

RelationshipNoteTypeMetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

RelationshipNoteTypePackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

RelationshipNoteTypeAmends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

RelationshipNoteTypePrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

RelationshipNoteTypeHasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

RelationshipNoteTypeOther
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

Describes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

Contains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

ContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

ProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

ExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

Generates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

AncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

CopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

ExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

StaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

MetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

Amends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

Other
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

Describes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

Contains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

ContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

ProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

ExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

Generates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

AncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

CopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

ExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

StaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

MetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

Amends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

Other
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RELATIONSHIP_TYPE_UNSPECIFIED
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

DESCRIBES
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DESCRIBED_BY
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

CONTAINS
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

CONTAINED_BY
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DEPENDS_ON
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DEPENDENCY_OF
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DEPENDENCY_MANIFEST_OF
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BUILD_DEPENDENCY_OF
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DEV_DEPENDENCY_OF
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OPTIONAL_DEPENDENCY_OF
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

PROVIDED_DEPENDENCY_OF
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TEST_DEPENDENCY_OF
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RUNTIME_DEPENDENCY_OF
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

EXAMPLE_OF
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

GENERATES
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GENERATED_FROM
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

ANCESTOR_OF
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DESCENDANT_OF
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VARIANT_OF
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DISTRIBUTION_ARTIFACT
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PATCH_FOR
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PATCH_APPLIED
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

COPY_OF
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FILE_ADDED
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FILE_DELETED
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FILE_MODIFIED
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

EXPANDED_FROM_ARCHIVE
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DYNAMIC_LINK
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

STATIC_LINK
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DATA_FILE_OF
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TEST_CASE_OF
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BUILD_TOOL_OF
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DEV_TOOL_OF
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TEST_OF
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TEST_TOOL_OF
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DOCUMENTATION_OF
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OPTIONAL_COMPONENT_OF
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

METAFILE_OF
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PACKAGE_OF
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

AMENDS
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PREREQUISITE_FOR
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HAS_PREREQUISITE
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

OTHER
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

"RELATIONSHIP_TYPE_UNSPECIFIED"
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

"DESCRIBES"
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

"DESCRIBED_BY"
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

"CONTAINS"
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

"CONTAINED_BY"
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

"DEPENDS_ON"
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

"DEPENDENCY_OF"
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

"DEPENDENCY_MANIFEST_OF"
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

"BUILD_DEPENDENCY_OF"
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

"DEV_DEPENDENCY_OF"
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

"OPTIONAL_DEPENDENCY_OF"
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

"PROVIDED_DEPENDENCY_OF"
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

"TEST_DEPENDENCY_OF"
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

"RUNTIME_DEPENDENCY_OF"
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

"EXAMPLE_OF"
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

"GENERATES"
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

"GENERATED_FROM"
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

"ANCESTOR_OF"
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

"DESCENDANT_OF"
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

"VARIANT_OF"
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

"DISTRIBUTION_ARTIFACT"
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

"PATCH_FOR"
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

"PATCH_APPLIED"
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

"COPY_OF"
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

"FILE_ADDED"
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

"FILE_DELETED"
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

"FILE_MODIFIED"
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

"EXPANDED_FROM_ARCHIVE"
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

"DYNAMIC_LINK"
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

"STATIC_LINK"
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

"DATA_FILE_OF"
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

"TEST_CASE_OF"
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

"BUILD_TOOL_OF"
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

"DEV_TOOL_OF"
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

"TEST_OF"
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

"TEST_TOOL_OF"
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

"DOCUMENTATION_OF"
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

"OPTIONAL_COMPONENT_OF"
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

"METAFILE_OF"
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

"PACKAGE_OF"
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

"AMENDS"
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

"PREREQUISITE_FOR"
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

"HAS_PREREQUISITE"
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

"OTHER"
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

UpgradeDistribution

Classification string

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

CpeUri string

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

Cve List<string>

The cve that would be resolved by this upgrade.

Severity string

The severity as specified by the upstream operating system.

Classification string

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

CpeUri string

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

Cve []string

The cve that would be resolved by this upgrade.

Severity string

The severity as specified by the upstream operating system.

classification String

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpeUri String

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve List<String>

The cve that would be resolved by this upgrade.

severity String

The severity as specified by the upstream operating system.

classification string

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpeUri string

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve string[]

The cve that would be resolved by this upgrade.

severity string

The severity as specified by the upstream operating system.

classification str

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpe_uri str

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve Sequence[str]

The cve that would be resolved by this upgrade.

severity str

The severity as specified by the upstream operating system.

classification String

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpeUri String

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve List<String>

The cve that would be resolved by this upgrade.

severity String

The severity as specified by the upstream operating system.

UpgradeDistributionResponse

Classification string

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

CpeUri string

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

Cve List<string>

The cve that would be resolved by this upgrade.

Severity string

The severity as specified by the upstream operating system.

Classification string

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

CpeUri string

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

Cve []string

The cve that would be resolved by this upgrade.

Severity string

The severity as specified by the upstream operating system.

classification String

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpeUri String

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve List<String>

The cve that would be resolved by this upgrade.

severity String

The severity as specified by the upstream operating system.

classification string

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpeUri string

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve string[]

The cve that would be resolved by this upgrade.

severity string

The severity as specified by the upstream operating system.

classification str

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpe_uri str

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve Sequence[str]

The cve that would be resolved by this upgrade.

severity str

The severity as specified by the upstream operating system.

classification String

The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed.

cpeUri String

Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.

cve List<String>

The cve that would be resolved by this upgrade.

severity String

The severity as specified by the upstream operating system.

UpgradeNote

Distributions List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.UpgradeDistribution>

Metadata about the upgrade for each specific operating system.

Package string

Required - The package this Upgrade is for.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Version

Required - The version of the package in machine + human readable form.

Distributions []UpgradeDistribution

Metadata about the upgrade for each specific operating system.

Package string

Required - The package this Upgrade is for.

Version Version

Required - The version of the package in machine + human readable form.

distributions List<UpgradeDistribution>

Metadata about the upgrade for each specific operating system.

package_ String

Required - The package this Upgrade is for.

version Version

Required - The version of the package in machine + human readable form.

distributions UpgradeDistribution[]

Metadata about the upgrade for each specific operating system.

package string

Required - The package this Upgrade is for.

version Version

Required - The version of the package in machine + human readable form.

distributions Sequence[UpgradeDistribution]

Metadata about the upgrade for each specific operating system.

package str

Required - The package this Upgrade is for.

version Version

Required - The version of the package in machine + human readable form.

distributions List<Property Map>

Metadata about the upgrade for each specific operating system.

package String

Required - The package this Upgrade is for.

version Property Map

Required - The version of the package in machine + human readable form.

UpgradeNoteResponse

Distributions List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.UpgradeDistributionResponse>

Metadata about the upgrade for each specific operating system.

Package string

Required - The package this Upgrade is for.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionResponse

Required - The version of the package in machine + human readable form.

Distributions []UpgradeDistributionResponse

Metadata about the upgrade for each specific operating system.

Package string

Required - The package this Upgrade is for.

Version VersionResponse

Required - The version of the package in machine + human readable form.

distributions List<UpgradeDistributionResponse>

Metadata about the upgrade for each specific operating system.

package_ String

Required - The package this Upgrade is for.

version VersionResponse

Required - The version of the package in machine + human readable form.

distributions UpgradeDistributionResponse[]

Metadata about the upgrade for each specific operating system.

package string

Required - The package this Upgrade is for.

version VersionResponse

Required - The version of the package in machine + human readable form.

distributions Sequence[UpgradeDistributionResponse]

Metadata about the upgrade for each specific operating system.

package str

Required - The package this Upgrade is for.

version VersionResponse

Required - The version of the package in machine + human readable form.

distributions List<Property Map>

Metadata about the upgrade for each specific operating system.

package String

Required - The package this Upgrade is for.

version Property Map

Required - The version of the package in machine + human readable form.

Version

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

Kind Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.VersionKind

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

Name string

The main part of the version name.

Revision string

The iteration of the package build from the above version.

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

Kind VersionKind

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

Name string

The main part of the version name.

Revision string

The iteration of the package build from the above version.

epoch Integer

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind VersionKind

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name String

The main part of the version name.

revision String

The iteration of the package build from the above version.

epoch number

Used to correct mistakes in the version numbering scheme.

inclusive boolean

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind VersionKind

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name string

The main part of the version name.

revision string

The iteration of the package build from the above version.

epoch int

Used to correct mistakes in the version numbering scheme.

inclusive bool

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind VersionKind

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name str

The main part of the version name.

revision str

The iteration of the package build from the above version.

epoch Number

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind "NORMAL" | "MINIMUM" | "MAXIMUM"

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name String

The main part of the version name.

revision String

The iteration of the package build from the above version.

VersionKind

Normal
NORMAL

A standard package version, defined by the other fields.

Minimum
MINIMUM

A special version representing negative infinity, other fields are ignored.

Maximum
MAXIMUM

A special version representing positive infinity, other fields are ignored.

VersionKindNormal
NORMAL

A standard package version, defined by the other fields.

VersionKindMinimum
MINIMUM

A special version representing negative infinity, other fields are ignored.

VersionKindMaximum
MAXIMUM

A special version representing positive infinity, other fields are ignored.

Normal
NORMAL

A standard package version, defined by the other fields.

Minimum
MINIMUM

A special version representing negative infinity, other fields are ignored.

Maximum
MAXIMUM

A special version representing positive infinity, other fields are ignored.

Normal
NORMAL

A standard package version, defined by the other fields.

Minimum
MINIMUM

A special version representing negative infinity, other fields are ignored.

Maximum
MAXIMUM

A special version representing positive infinity, other fields are ignored.

NORMAL
NORMAL

A standard package version, defined by the other fields.

MINIMUM
MINIMUM

A special version representing negative infinity, other fields are ignored.

MAXIMUM
MAXIMUM

A special version representing positive infinity, other fields are ignored.

"NORMAL"
NORMAL

A standard package version, defined by the other fields.

"MINIMUM"
MINIMUM

A special version representing negative infinity, other fields are ignored.

"MAXIMUM"
MAXIMUM

A special version representing positive infinity, other fields are ignored.

VersionResponse

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

Kind string

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

Name string

The main part of the version name.

Revision string

The iteration of the package build from the above version.

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

Kind string

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

Name string

The main part of the version name.

Revision string

The iteration of the package build from the above version.

epoch Integer

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind String

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name String

The main part of the version name.

revision String

The iteration of the package build from the above version.

epoch number

Used to correct mistakes in the version numbering scheme.

inclusive boolean

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind string

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name string

The main part of the version name.

revision string

The iteration of the package build from the above version.

epoch int

Used to correct mistakes in the version numbering scheme.

inclusive bool

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind str

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name str

The main part of the version name.

revision str

The iteration of the package build from the above version.

epoch Number

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not

kind String

Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.

name String

The main part of the version name.

revision String

The iteration of the package build from the above version.

VulnerabilityLocation

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

FileLocation List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FileLocation>

The file location at which this package was found.

Package string

The package being described.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Version

The version of the package being described. This field can be used as a filter in list requests.

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

FileLocation []FileLocation

The file location at which this package was found.

Package string

The package being described.

Version Version

The version of the package being described. This field can be used as a filter in list requests.

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

fileLocation List<FileLocation>

The file location at which this package was found.

package_ String

The package being described.

version Version

The version of the package being described. This field can be used as a filter in list requests.

cpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

fileLocation FileLocation[]

The file location at which this package was found.

package string

The package being described.

version Version

The version of the package being described. This field can be used as a filter in list requests.

cpe_uri str

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

file_location Sequence[FileLocation]

The file location at which this package was found.

package str

The package being described.

version Version

The version of the package being described. This field can be used as a filter in list requests.

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

fileLocation List<Property Map>

The file location at which this package was found.

package String

The package being described.

version Property Map

The version of the package being described. This field can be used as a filter in list requests.

VulnerabilityLocationResponse

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

FileLocation List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.FileLocationResponse>

The file location at which this package was found.

Package string

The package being described.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.VersionResponse

The version of the package being described. This field can be used as a filter in list requests.

CpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

FileLocation []FileLocationResponse

The file location at which this package was found.

Package string

The package being described.

Version VersionResponse

The version of the package being described. This field can be used as a filter in list requests.

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

fileLocation List<FileLocationResponse>

The file location at which this package was found.

package_ String

The package being described.

version VersionResponse

The version of the package being described. This field can be used as a filter in list requests.

cpeUri string

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

fileLocation FileLocationResponse[]

The file location at which this package was found.

package string

The package being described.

version VersionResponse

The version of the package being described. This field can be used as a filter in list requests.

cpe_uri str

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

file_location Sequence[FileLocationResponse]

The file location at which this package was found.

package str

The package being described.

version VersionResponse

The version of the package being described. This field can be used as a filter in list requests.

cpeUri String

The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests.

fileLocation List<Property Map>

The file location at which this package was found.

package String

The package being described.

version Property Map

The version of the package being described. This field can be used as a filter in list requests.

VulnerabilityType

CvssScore double

The CVSS score for this Vulnerability.

CvssV2 Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.CVSS

The full description of the CVSS for version 2.

Cwe List<string>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.Detail>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.VulnerabilityTypeSeverity

Note provider assigned impact of the vulnerability

CvssScore float64

The CVSS score for this Vulnerability.

CvssV2 CVSS

The full description of the CVSS for version 2.

Cwe []string

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details []Detail

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity VulnerabilityTypeSeverity

Note provider assigned impact of the vulnerability

cvssScore Double

The CVSS score for this Vulnerability.

cvssV2 CVSS

The full description of the CVSS for version 2.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<Detail>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity VulnerabilityTypeSeverity

Note provider assigned impact of the vulnerability

cvssScore number

The CVSS score for this Vulnerability.

cvssV2 CVSS

The full description of the CVSS for version 2.

cwe string[]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details Detail[]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity VulnerabilityTypeSeverity

Note provider assigned impact of the vulnerability

cvss_score float

The CVSS score for this Vulnerability.

cvss_v2 CVSS

The full description of the CVSS for version 2.

cwe Sequence[str]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details Sequence[Detail]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity VulnerabilityTypeSeverity

Note provider assigned impact of the vulnerability

cvssScore Number

The CVSS score for this Vulnerability.

cvssV2 Property Map

The full description of the CVSS for version 2.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<Property Map>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"

Note provider assigned impact of the vulnerability

VulnerabilityTypeResponse

CvssScore double

The CVSS score for this Vulnerability.

CvssV2 Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.CVSSResponse

The full description of the CVSS for version 2.

Cwe List<string>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details List<Pulumi.GoogleNative.ContainerAnalysis.V1Alpha1.Inputs.DetailResponse>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity string

Note provider assigned impact of the vulnerability

CvssScore float64

The CVSS score for this Vulnerability.

CvssV2 CVSSResponse

The full description of the CVSS for version 2.

Cwe []string

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details []DetailResponse

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity string

Note provider assigned impact of the vulnerability

cvssScore Double

The CVSS score for this Vulnerability.

cvssV2 CVSSResponse

The full description of the CVSS for version 2.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<DetailResponse>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity String

Note provider assigned impact of the vulnerability

cvssScore number

The CVSS score for this Vulnerability.

cvssV2 CVSSResponse

The full description of the CVSS for version 2.

cwe string[]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details DetailResponse[]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity string

Note provider assigned impact of the vulnerability

cvss_score float

The CVSS score for this Vulnerability.

cvss_v2 CVSSResponse

The full description of the CVSS for version 2.

cwe Sequence[str]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details Sequence[DetailResponse]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity str

Note provider assigned impact of the vulnerability

cvssScore Number

The CVSS score for this Vulnerability.

cvssV2 Property Map

The full description of the CVSS for version 2.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<Property Map>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity String

Note provider assigned impact of the vulnerability

VulnerabilityTypeSeverity

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

Minimal
MINIMAL

Minimal Impact

Low
LOW

Low Impact

Medium
MEDIUM

Medium Impact

High
HIGH

High Impact

Critical
CRITICAL

Critical Impact

VulnerabilityTypeSeveritySeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

VulnerabilityTypeSeverityMinimal
MINIMAL

Minimal Impact

VulnerabilityTypeSeverityLow
LOW

Low Impact

VulnerabilityTypeSeverityMedium
MEDIUM

Medium Impact

VulnerabilityTypeSeverityHigh
HIGH

High Impact

VulnerabilityTypeSeverityCritical
CRITICAL

Critical Impact

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

Minimal
MINIMAL

Minimal Impact

Low
LOW

Low Impact

Medium
MEDIUM

Medium Impact

High
HIGH

High Impact

Critical
CRITICAL

Critical Impact

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown Impact

Minimal
MINIMAL

Minimal Impact

Low
LOW

Low Impact

Medium
MEDIUM

Medium Impact

High
HIGH

High Impact

Critical
CRITICAL

Critical Impact

SEVERITY_UNSPECIFIED
SEVERITY_UNSPECIFIED

Unknown Impact

MINIMAL
MINIMAL

Minimal Impact

LOW
LOW

Low Impact

MEDIUM
MEDIUM

Medium Impact

HIGH
HIGH

High Impact

CRITICAL
CRITICAL

Critical Impact

"SEVERITY_UNSPECIFIED"
SEVERITY_UNSPECIFIED

Unknown Impact

"MINIMAL"
MINIMAL

Minimal Impact

"LOW"
LOW

Low Impact

"MEDIUM"
MEDIUM

Medium Impact

"HIGH"
HIGH

High Impact

"CRITICAL"
CRITICAL

Critical Impact

Package Details

Repository
https://github.com/pulumi/pulumi-google-native
License
Apache-2.0