1. Packages
  2. Google Cloud Native
  3. API Docs
  4. containeranalysis
  5. containeranalysis/v1beta1
  6. getNote

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.containeranalysis/v1beta1.getNote

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Gets the specified note.

    Using getNote

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getNote(args: GetNoteArgs, opts?: InvokeOptions): Promise<GetNoteResult>
    function getNoteOutput(args: GetNoteOutputArgs, opts?: InvokeOptions): Output<GetNoteResult>
    def get_note(note_id: Optional[str] = None,
                 project: Optional[str] = None,
                 opts: Optional[InvokeOptions] = None) -> GetNoteResult
    def get_note_output(note_id: Optional[pulumi.Input[str]] = None,
                 project: Optional[pulumi.Input[str]] = None,
                 opts: Optional[InvokeOptions] = None) -> Output[GetNoteResult]
    func LookupNote(ctx *Context, args *LookupNoteArgs, opts ...InvokeOption) (*LookupNoteResult, error)
    func LookupNoteOutput(ctx *Context, args *LookupNoteOutputArgs, opts ...InvokeOption) LookupNoteResultOutput

    > Note: This function is named LookupNote in the Go SDK.

    public static class GetNote 
    {
        public static Task<GetNoteResult> InvokeAsync(GetNoteArgs args, InvokeOptions? opts = null)
        public static Output<GetNoteResult> Invoke(GetNoteInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetNoteResult> getNote(GetNoteArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: google-native:containeranalysis/v1beta1:getNote
      arguments:
        # arguments dictionary

    The following arguments are supported:

    NoteId string
    Project string
    NoteId string
    Project string
    noteId String
    project String
    noteId string
    project string
    noteId String
    project String

    getNote Result

    The following output properties are available:

    AttestationAuthority Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.AuthorityResponse
    A note describing an attestation role.
    BaseImage Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.BasisResponse
    A note describing a base image.
    Build Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.BuildResponse
    A note describing build provenance for a verifiable build.
    CreateTime string
    The time this note was created. This field can be used as a filter in list requests.
    Deployable Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.DeployableResponse
    A note describing something that can be deployed.
    Discovery Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.DiscoveryResponse
    A note describing the initial analysis of a resource.
    ExpirationTime string
    Time of expiration for this note. Empty if note does not expire.
    Intoto Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.InTotoResponse
    A note describing an in-toto link.
    Kind string
    The type of analysis. This field can be used as a filter in list requests.
    LongDescription string
    A detailed description of this note.
    Name string
    The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
    Package Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.PackageResponse
    A note describing a package hosted by various package managers.
    RelatedNoteNames List<string>
    Other notes related to this note.
    RelatedUrl List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.RelatedUrlResponse>
    URLs associated with this note.
    Sbom Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.DocumentNoteResponse
    A note describing a software bill of materials.
    SbomReference Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.SBOMReferenceNoteResponse
    A note describing an SBOM reference.
    ShortDescription string
    A one sentence description of this note.
    SpdxFile Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.FileNoteResponse
    A note describing an SPDX File.
    SpdxPackage Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.PackageInfoNoteResponse
    A note describing an SPDX Package.
    SpdxRelationship Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.RelationshipNoteResponse
    A note describing an SPDX File.
    UpdateTime string
    The time this note was last updated. This field can be used as a filter in list requests.
    Vulnerability Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.VulnerabilityResponse
    A note describing a package vulnerability.
    VulnerabilityAssessment Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.VulnerabilityAssessmentNoteResponse
    A note describing a vulnerability assessment.
    AttestationAuthority AuthorityResponse
    A note describing an attestation role.
    BaseImage BasisResponse
    A note describing a base image.
    Build BuildResponse
    A note describing build provenance for a verifiable build.
    CreateTime string
    The time this note was created. This field can be used as a filter in list requests.
    Deployable DeployableResponse
    A note describing something that can be deployed.
    Discovery DiscoveryResponse
    A note describing the initial analysis of a resource.
    ExpirationTime string
    Time of expiration for this note. Empty if note does not expire.
    Intoto InTotoResponse
    A note describing an in-toto link.
    Kind string
    The type of analysis. This field can be used as a filter in list requests.
    LongDescription string
    A detailed description of this note.
    Name string
    The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
    Package PackageResponse
    A note describing a package hosted by various package managers.
    RelatedNoteNames []string
    Other notes related to this note.
    RelatedUrl []RelatedUrlResponse
    URLs associated with this note.
    Sbom DocumentNoteResponse
    A note describing a software bill of materials.
    SbomReference SBOMReferenceNoteResponse
    A note describing an SBOM reference.
    ShortDescription string
    A one sentence description of this note.
    SpdxFile FileNoteResponse
    A note describing an SPDX File.
    SpdxPackage PackageInfoNoteResponse
    A note describing an SPDX Package.
    SpdxRelationship RelationshipNoteResponse
    A note describing an SPDX File.
    UpdateTime string
    The time this note was last updated. This field can be used as a filter in list requests.
    Vulnerability VulnerabilityResponse
    A note describing a package vulnerability.
    VulnerabilityAssessment VulnerabilityAssessmentNoteResponse
    A note describing a vulnerability assessment.
    attestationAuthority AuthorityResponse
    A note describing an attestation role.
    baseImage BasisResponse
    A note describing a base image.
    build BuildResponse
    A note describing build provenance for a verifiable build.
    createTime String
    The time this note was created. This field can be used as a filter in list requests.
    deployable DeployableResponse
    A note describing something that can be deployed.
    discovery DiscoveryResponse
    A note describing the initial analysis of a resource.
    expirationTime String
    Time of expiration for this note. Empty if note does not expire.
    intoto InTotoResponse
    A note describing an in-toto link.
    kind String
    The type of analysis. This field can be used as a filter in list requests.
    longDescription String
    A detailed description of this note.
    name String
    The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
    package_ PackageResponse
    A note describing a package hosted by various package managers.
    relatedNoteNames List<String>
    Other notes related to this note.
    relatedUrl List<RelatedUrlResponse>
    URLs associated with this note.
    sbom DocumentNoteResponse
    A note describing a software bill of materials.
    sbomReference SBOMReferenceNoteResponse
    A note describing an SBOM reference.
    shortDescription String
    A one sentence description of this note.
    spdxFile FileNoteResponse
    A note describing an SPDX File.
    spdxPackage PackageInfoNoteResponse
    A note describing an SPDX Package.
    spdxRelationship RelationshipNoteResponse
    A note describing an SPDX File.
    updateTime String
    The time this note was last updated. This field can be used as a filter in list requests.
    vulnerability VulnerabilityResponse
    A note describing a package vulnerability.
    vulnerabilityAssessment VulnerabilityAssessmentNoteResponse
    A note describing a vulnerability assessment.
    attestationAuthority AuthorityResponse
    A note describing an attestation role.
    baseImage BasisResponse
    A note describing a base image.
    build BuildResponse
    A note describing build provenance for a verifiable build.
    createTime string
    The time this note was created. This field can be used as a filter in list requests.
    deployable DeployableResponse
    A note describing something that can be deployed.
    discovery DiscoveryResponse
    A note describing the initial analysis of a resource.
    expirationTime string
    Time of expiration for this note. Empty if note does not expire.
    intoto InTotoResponse
    A note describing an in-toto link.
    kind string
    The type of analysis. This field can be used as a filter in list requests.
    longDescription string
    A detailed description of this note.
    name string
    The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
    package PackageResponse
    A note describing a package hosted by various package managers.
    relatedNoteNames string[]
    Other notes related to this note.
    relatedUrl RelatedUrlResponse[]
    URLs associated with this note.
    sbom DocumentNoteResponse
    A note describing a software bill of materials.
    sbomReference SBOMReferenceNoteResponse
    A note describing an SBOM reference.
    shortDescription string
    A one sentence description of this note.
    spdxFile FileNoteResponse
    A note describing an SPDX File.
    spdxPackage PackageInfoNoteResponse
    A note describing an SPDX Package.
    spdxRelationship RelationshipNoteResponse
    A note describing an SPDX File.
    updateTime string
    The time this note was last updated. This field can be used as a filter in list requests.
    vulnerability VulnerabilityResponse
    A note describing a package vulnerability.
    vulnerabilityAssessment VulnerabilityAssessmentNoteResponse
    A note describing a vulnerability assessment.
    attestation_authority AuthorityResponse
    A note describing an attestation role.
    base_image BasisResponse
    A note describing a base image.
    build BuildResponse
    A note describing build provenance for a verifiable build.
    create_time str
    The time this note was created. This field can be used as a filter in list requests.
    deployable DeployableResponse
    A note describing something that can be deployed.
    discovery DiscoveryResponse
    A note describing the initial analysis of a resource.
    expiration_time str
    Time of expiration for this note. Empty if note does not expire.
    intoto InTotoResponse
    A note describing an in-toto link.
    kind str
    The type of analysis. This field can be used as a filter in list requests.
    long_description str
    A detailed description of this note.
    name str
    The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
    package PackageResponse
    A note describing a package hosted by various package managers.
    related_note_names Sequence[str]
    Other notes related to this note.
    related_url Sequence[RelatedUrlResponse]
    URLs associated with this note.
    sbom DocumentNoteResponse
    A note describing a software bill of materials.
    sbom_reference SBOMReferenceNoteResponse
    A note describing an SBOM reference.
    short_description str
    A one sentence description of this note.
    spdx_file FileNoteResponse
    A note describing an SPDX File.
    spdx_package PackageInfoNoteResponse
    A note describing an SPDX Package.
    spdx_relationship RelationshipNoteResponse
    A note describing an SPDX File.
    update_time str
    The time this note was last updated. This field can be used as a filter in list requests.
    vulnerability VulnerabilityResponse
    A note describing a package vulnerability.
    vulnerability_assessment VulnerabilityAssessmentNoteResponse
    A note describing a vulnerability assessment.
    attestationAuthority Property Map
    A note describing an attestation role.
    baseImage Property Map
    A note describing a base image.
    build Property Map
    A note describing build provenance for a verifiable build.
    createTime String
    The time this note was created. This field can be used as a filter in list requests.
    deployable Property Map
    A note describing something that can be deployed.
    discovery Property Map
    A note describing the initial analysis of a resource.
    expirationTime String
    Time of expiration for this note. Empty if note does not expire.
    intoto Property Map
    A note describing an in-toto link.
    kind String
    The type of analysis. This field can be used as a filter in list requests.
    longDescription String
    A detailed description of this note.
    name String
    The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
    package Property Map
    A note describing a package hosted by various package managers.
    relatedNoteNames List<String>
    Other notes related to this note.
    relatedUrl List<Property Map>
    URLs associated with this note.
    sbom Property Map
    A note describing a software bill of materials.
    sbomReference Property Map
    A note describing an SBOM reference.
    shortDescription String
    A one sentence description of this note.
    spdxFile Property Map
    A note describing an SPDX File.
    spdxPackage Property Map
    A note describing an SPDX Package.
    spdxRelationship Property Map
    A note describing an SPDX File.
    updateTime String
    The time this note was last updated. This field can be used as a filter in list requests.
    vulnerability Property Map
    A note describing a package vulnerability.
    vulnerabilityAssessment Property Map
    A note describing a vulnerability assessment.

    Supporting Types

    ArtifactRuleResponse

    ArtifactRule List<string>
    ArtifactRule []string
    artifactRule List<String>
    artifactRule string[]
    artifact_rule Sequence[str]
    artifactRule List<String>

    AssessmentResponse

    Cve string
    Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Deprecated:Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Impacts List<string>
    Contains information about the impact of this vulnerability, this will change with time.
    Justification Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.JustificationResponse
    Justification provides the justification when the state of the assessment if NOT_AFFECTED.
    LongDescription string
    A detailed description of this Vex.
    RelatedUris List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RelatedUrlResponse>
    Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
    Remediations List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RemediationResponse>
    Specifies details on how to handle (and presumably, fix) a vulnerability.
    ShortDescription string
    A one sentence description of this Vex.
    State string
    Provides the state of this Vulnerability assessment.
    VulnerabilityId string
    The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
    Cve string
    Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Deprecated:Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Impacts []string
    Contains information about the impact of this vulnerability, this will change with time.
    Justification JustificationResponse
    Justification provides the justification when the state of the assessment if NOT_AFFECTED.
    LongDescription string
    A detailed description of this Vex.
    RelatedUris []RelatedUrlResponse
    Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
    Remediations []RemediationResponse
    Specifies details on how to handle (and presumably, fix) a vulnerability.
    ShortDescription string
    A one sentence description of this Vex.
    State string
    Provides the state of this Vulnerability assessment.
    VulnerabilityId string
    The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
    cve String
    Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Deprecated:Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    impacts List<String>
    Contains information about the impact of this vulnerability, this will change with time.
    justification JustificationResponse
    Justification provides the justification when the state of the assessment if NOT_AFFECTED.
    longDescription String
    A detailed description of this Vex.
    relatedUris List<RelatedUrlResponse>
    Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
    remediations List<RemediationResponse>
    Specifies details on how to handle (and presumably, fix) a vulnerability.
    shortDescription String
    A one sentence description of this Vex.
    state String
    Provides the state of this Vulnerability assessment.
    vulnerabilityId String
    The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
    cve string
    Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Deprecated:Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    impacts string[]
    Contains information about the impact of this vulnerability, this will change with time.
    justification JustificationResponse
    Justification provides the justification when the state of the assessment if NOT_AFFECTED.
    longDescription string
    A detailed description of this Vex.
    relatedUris RelatedUrlResponse[]
    Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
    remediations RemediationResponse[]
    Specifies details on how to handle (and presumably, fix) a vulnerability.
    shortDescription string
    A one sentence description of this Vex.
    state string
    Provides the state of this Vulnerability assessment.
    vulnerabilityId string
    The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
    cve str
    Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Deprecated:Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    impacts Sequence[str]
    Contains information about the impact of this vulnerability, this will change with time.
    justification JustificationResponse
    Justification provides the justification when the state of the assessment if NOT_AFFECTED.
    long_description str
    A detailed description of this Vex.
    related_uris Sequence[RelatedUrlResponse]
    Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
    remediations Sequence[RemediationResponse]
    Specifies details on how to handle (and presumably, fix) a vulnerability.
    short_description str
    A one sentence description of this Vex.
    state str
    Provides the state of this Vulnerability assessment.
    vulnerability_id str
    The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
    cve String
    Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    Deprecated:Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.

    impacts List<String>
    Contains information about the impact of this vulnerability, this will change with time.
    justification Property Map
    Justification provides the justification when the state of the assessment if NOT_AFFECTED.
    longDescription String
    A detailed description of this Vex.
    relatedUris List<Property Map>
    Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
    remediations List<Property Map>
    Specifies details on how to handle (and presumably, fix) a vulnerability.
    shortDescription String
    A one sentence description of this Vex.
    state String
    Provides the state of this Vulnerability assessment.
    vulnerabilityId String
    The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

    AuthorityResponse

    Hint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.HintResponse
    Hint hints at the purpose of the attestation authority.
    Hint HintResponse
    Hint hints at the purpose of the attestation authority.
    hint HintResponse
    Hint hints at the purpose of the attestation authority.
    hint HintResponse
    Hint hints at the purpose of the attestation authority.
    hint HintResponse
    Hint hints at the purpose of the attestation authority.
    hint Property Map
    Hint hints at the purpose of the attestation authority.

    BasisResponse

    Fingerprint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.FingerprintResponse
    Immutable. The fingerprint of the base image.
    ResourceUrl string
    Immutable. The resource_url for the resource representing the basis of associated occurrence images.
    Fingerprint FingerprintResponse
    Immutable. The fingerprint of the base image.
    ResourceUrl string
    Immutable. The resource_url for the resource representing the basis of associated occurrence images.
    fingerprint FingerprintResponse
    Immutable. The fingerprint of the base image.
    resourceUrl String
    Immutable. The resource_url for the resource representing the basis of associated occurrence images.
    fingerprint FingerprintResponse
    Immutable. The fingerprint of the base image.
    resourceUrl string
    Immutable. The resource_url for the resource representing the basis of associated occurrence images.
    fingerprint FingerprintResponse
    Immutable. The fingerprint of the base image.
    resource_url str
    Immutable. The resource_url for the resource representing the basis of associated occurrence images.
    fingerprint Property Map
    Immutable. The fingerprint of the base image.
    resourceUrl String
    Immutable. The resource_url for the resource representing the basis of associated occurrence images.

    BuildResponse

    BuilderVersion string
    Immutable. Version of the builder which produced this build.
    Signature Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.BuildSignatureResponse
    Signature of the build in occurrences pointing to this build note containing build details.
    BuilderVersion string
    Immutable. Version of the builder which produced this build.
    Signature BuildSignatureResponse
    Signature of the build in occurrences pointing to this build note containing build details.
    builderVersion String
    Immutable. Version of the builder which produced this build.
    signature BuildSignatureResponse
    Signature of the build in occurrences pointing to this build note containing build details.
    builderVersion string
    Immutable. Version of the builder which produced this build.
    signature BuildSignatureResponse
    Signature of the build in occurrences pointing to this build note containing build details.
    builder_version str
    Immutable. Version of the builder which produced this build.
    signature BuildSignatureResponse
    Signature of the build in occurrences pointing to this build note containing build details.
    builderVersion String
    Immutable. Version of the builder which produced this build.
    signature Property Map
    Signature of the build in occurrences pointing to this build note containing build details.

    BuildSignatureResponse

    KeyId string
    An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
    KeyType string
    The type of the key, either stored in public_key or referenced in key_id.
    PublicKey string
    Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
    Signature string
    Signature of the related BuildProvenance. In JSON, this is base-64 encoded.
    KeyId string
    An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
    KeyType string
    The type of the key, either stored in public_key or referenced in key_id.
    PublicKey string
    Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
    Signature string
    Signature of the related BuildProvenance. In JSON, this is base-64 encoded.
    keyId String
    An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
    keyType String
    The type of the key, either stored in public_key or referenced in key_id.
    publicKey String
    Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
    signature String
    Signature of the related BuildProvenance. In JSON, this is base-64 encoded.
    keyId string
    An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
    keyType string
    The type of the key, either stored in public_key or referenced in key_id.
    publicKey string
    Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
    signature string
    Signature of the related BuildProvenance. In JSON, this is base-64 encoded.
    key_id str
    An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
    key_type str
    The type of the key, either stored in public_key or referenced in key_id.
    public_key str
    Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
    signature str
    Signature of the related BuildProvenance. In JSON, this is base-64 encoded.
    keyId String
    An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
    keyType String
    The type of the key, either stored in public_key or referenced in key_id.
    publicKey String
    Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
    signature String
    Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

    CVSSResponse

    AttackComplexity string
    Defined in CVSS v3, CVSS v2
    AttackVector string
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
    Authentication string
    Defined in CVSS v2
    AvailabilityImpact string
    Defined in CVSS v3, CVSS v2
    BaseScore double
    The base score is a function of the base metric scores.
    ConfidentialityImpact string
    Defined in CVSS v3, CVSS v2
    ExploitabilityScore double
    ImpactScore double
    IntegrityImpact string
    Defined in CVSS v3, CVSS v2
    PrivilegesRequired string
    Defined in CVSS v3
    Scope string
    Defined in CVSS v3
    UserInteraction string
    Defined in CVSS v3
    AttackComplexity string
    Defined in CVSS v3, CVSS v2
    AttackVector string
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
    Authentication string
    Defined in CVSS v2
    AvailabilityImpact string
    Defined in CVSS v3, CVSS v2
    BaseScore float64
    The base score is a function of the base metric scores.
    ConfidentialityImpact string
    Defined in CVSS v3, CVSS v2
    ExploitabilityScore float64
    ImpactScore float64
    IntegrityImpact string
    Defined in CVSS v3, CVSS v2
    PrivilegesRequired string
    Defined in CVSS v3
    Scope string
    Defined in CVSS v3
    UserInteraction string
    Defined in CVSS v3
    attackComplexity String
    Defined in CVSS v3, CVSS v2
    attackVector String
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
    authentication String
    Defined in CVSS v2
    availabilityImpact String
    Defined in CVSS v3, CVSS v2
    baseScore Double
    The base score is a function of the base metric scores.
    confidentialityImpact String
    Defined in CVSS v3, CVSS v2
    exploitabilityScore Double
    impactScore Double
    integrityImpact String
    Defined in CVSS v3, CVSS v2
    privilegesRequired String
    Defined in CVSS v3
    scope String
    Defined in CVSS v3
    userInteraction String
    Defined in CVSS v3
    attackComplexity string
    Defined in CVSS v3, CVSS v2
    attackVector string
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
    authentication string
    Defined in CVSS v2
    availabilityImpact string
    Defined in CVSS v3, CVSS v2
    baseScore number
    The base score is a function of the base metric scores.
    confidentialityImpact string
    Defined in CVSS v3, CVSS v2
    exploitabilityScore number
    impactScore number
    integrityImpact string
    Defined in CVSS v3, CVSS v2
    privilegesRequired string
    Defined in CVSS v3
    scope string
    Defined in CVSS v3
    userInteraction string
    Defined in CVSS v3
    attack_complexity str
    Defined in CVSS v3, CVSS v2
    attack_vector str
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
    authentication str
    Defined in CVSS v2
    availability_impact str
    Defined in CVSS v3, CVSS v2
    base_score float
    The base score is a function of the base metric scores.
    confidentiality_impact str
    Defined in CVSS v3, CVSS v2
    exploitability_score float
    impact_score float
    integrity_impact str
    Defined in CVSS v3, CVSS v2
    privileges_required str
    Defined in CVSS v3
    scope str
    Defined in CVSS v3
    user_interaction str
    Defined in CVSS v3
    attackComplexity String
    Defined in CVSS v3, CVSS v2
    attackVector String
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
    authentication String
    Defined in CVSS v2
    availabilityImpact String
    Defined in CVSS v3, CVSS v2
    baseScore Number
    The base score is a function of the base metric scores.
    confidentialityImpact String
    Defined in CVSS v3, CVSS v2
    exploitabilityScore Number
    impactScore Number
    integrityImpact String
    Defined in CVSS v3, CVSS v2
    privilegesRequired String
    Defined in CVSS v3
    scope String
    Defined in CVSS v3
    userInteraction String
    Defined in CVSS v3

    CVSSv3Response

    AttackComplexity string
    AttackVector string
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
    AvailabilityImpact string
    BaseScore double
    The base score is a function of the base metric scores.
    ConfidentialityImpact string
    ExploitabilityScore double
    ImpactScore double
    IntegrityImpact string
    PrivilegesRequired string
    Scope string
    UserInteraction string
    AttackComplexity string
    AttackVector string
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
    AvailabilityImpact string
    BaseScore float64
    The base score is a function of the base metric scores.
    ConfidentialityImpact string
    ExploitabilityScore float64
    ImpactScore float64
    IntegrityImpact string
    PrivilegesRequired string
    Scope string
    UserInteraction string
    attackComplexity String
    attackVector String
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
    availabilityImpact String
    baseScore Double
    The base score is a function of the base metric scores.
    confidentialityImpact String
    exploitabilityScore Double
    impactScore Double
    integrityImpact String
    privilegesRequired String
    scope String
    userInteraction String
    attackComplexity string
    attackVector string
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
    availabilityImpact string
    baseScore number
    The base score is a function of the base metric scores.
    confidentialityImpact string
    exploitabilityScore number
    impactScore number
    integrityImpact string
    privilegesRequired string
    scope string
    userInteraction string
    attack_complexity str
    attack_vector str
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
    availability_impact str
    base_score float
    The base score is a function of the base metric scores.
    confidentiality_impact str
    exploitability_score float
    impact_score float
    integrity_impact str
    privileges_required str
    scope str
    user_interaction str
    attackComplexity String
    attackVector String
    Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
    availabilityImpact String
    baseScore Number
    The base score is a function of the base metric scores.
    confidentialityImpact String
    exploitabilityScore Number
    impactScore Number
    integrityImpact String
    privilegesRequired String
    scope String
    userInteraction String

    DeployableResponse

    ResourceUri List<string>
    Resource URI for the artifact being deployed.
    ResourceUri []string
    Resource URI for the artifact being deployed.
    resourceUri List<String>
    Resource URI for the artifact being deployed.
    resourceUri string[]
    Resource URI for the artifact being deployed.
    resource_uri Sequence[str]
    Resource URI for the artifact being deployed.
    resourceUri List<String>
    Resource URI for the artifact being deployed.

    DetailResponse

    CpeUri string
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    Description string
    A vendor-specific description of this note.
    FixedLocation Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VulnerabilityLocationResponse
    The fix for this specific package version.
    IsObsolete bool
    Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
    MaxAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse
    The max version of the package in which the vulnerability exists.
    MinAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse
    The min version of the package in which the vulnerability exists.
    Package string
    The name of the package where the vulnerability was found.
    PackageType string
    The type of package; whether native or non native(ruby gems, node.js packages etc).
    SeverityName string
    The severity (eg: distro assigned severity) for this vulnerability.
    Source string
    The source from which the information in this Detail was obtained.
    SourceUpdateTime string
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    Vendor string
    The name of the vendor of the product.
    CpeUri string
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    Description string
    A vendor-specific description of this note.
    FixedLocation VulnerabilityLocationResponse
    The fix for this specific package version.
    IsObsolete bool
    Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
    MaxAffectedVersion VersionResponse
    The max version of the package in which the vulnerability exists.
    MinAffectedVersion VersionResponse
    The min version of the package in which the vulnerability exists.
    Package string
    The name of the package where the vulnerability was found.
    PackageType string
    The type of package; whether native or non native(ruby gems, node.js packages etc).
    SeverityName string
    The severity (eg: distro assigned severity) for this vulnerability.
    Source string
    The source from which the information in this Detail was obtained.
    SourceUpdateTime string
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    Vendor string
    The name of the vendor of the product.
    cpeUri String
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description String
    A vendor-specific description of this note.
    fixedLocation VulnerabilityLocationResponse
    The fix for this specific package version.
    isObsolete Boolean
    Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
    maxAffectedVersion VersionResponse
    The max version of the package in which the vulnerability exists.
    minAffectedVersion VersionResponse
    The min version of the package in which the vulnerability exists.
    packageType String
    The type of package; whether native or non native(ruby gems, node.js packages etc).
    package_ String
    The name of the package where the vulnerability was found.
    severityName String
    The severity (eg: distro assigned severity) for this vulnerability.
    source String
    The source from which the information in this Detail was obtained.
    sourceUpdateTime String
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    vendor String
    The name of the vendor of the product.
    cpeUri string
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description string
    A vendor-specific description of this note.
    fixedLocation VulnerabilityLocationResponse
    The fix for this specific package version.
    isObsolete boolean
    Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
    maxAffectedVersion VersionResponse
    The max version of the package in which the vulnerability exists.
    minAffectedVersion VersionResponse
    The min version of the package in which the vulnerability exists.
    package string
    The name of the package where the vulnerability was found.
    packageType string
    The type of package; whether native or non native(ruby gems, node.js packages etc).
    severityName string
    The severity (eg: distro assigned severity) for this vulnerability.
    source string
    The source from which the information in this Detail was obtained.
    sourceUpdateTime string
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    vendor string
    The name of the vendor of the product.
    cpe_uri str
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description str
    A vendor-specific description of this note.
    fixed_location VulnerabilityLocationResponse
    The fix for this specific package version.
    is_obsolete bool
    Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
    max_affected_version VersionResponse
    The max version of the package in which the vulnerability exists.
    min_affected_version VersionResponse
    The min version of the package in which the vulnerability exists.
    package str
    The name of the package where the vulnerability was found.
    package_type str
    The type of package; whether native or non native(ruby gems, node.js packages etc).
    severity_name str
    The severity (eg: distro assigned severity) for this vulnerability.
    source str
    The source from which the information in this Detail was obtained.
    source_update_time str
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    vendor str
    The name of the vendor of the product.
    cpeUri String
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description String
    A vendor-specific description of this note.
    fixedLocation Property Map
    The fix for this specific package version.
    isObsolete Boolean
    Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
    maxAffectedVersion Property Map
    The max version of the package in which the vulnerability exists.
    minAffectedVersion Property Map
    The min version of the package in which the vulnerability exists.
    package String
    The name of the package where the vulnerability was found.
    packageType String
    The type of package; whether native or non native(ruby gems, node.js packages etc).
    severityName String
    The severity (eg: distro assigned severity) for this vulnerability.
    source String
    The source from which the information in this Detail was obtained.
    sourceUpdateTime String
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    vendor String
    The name of the vendor of the product.

    DigestResponse

    Algo string
    SHA1, SHA512 etc.
    DigestBytes string
    Value of the digest.
    Algo string
    SHA1, SHA512 etc.
    DigestBytes string
    Value of the digest.
    algo String
    SHA1, SHA512 etc.
    digestBytes String
    Value of the digest.
    algo string
    SHA1, SHA512 etc.
    digestBytes string
    Value of the digest.
    algo str
    SHA1, SHA512 etc.
    digest_bytes str
    Value of the digest.
    algo String
    SHA1, SHA512 etc.
    digestBytes String
    Value of the digest.

    DiscoveryResponse

    AnalysisKind string
    Immutable. The kind of analysis that is handled by this discovery.
    AnalysisKind string
    Immutable. The kind of analysis that is handled by this discovery.
    analysisKind String
    Immutable. The kind of analysis that is handled by this discovery.
    analysisKind string
    Immutable. The kind of analysis that is handled by this discovery.
    analysis_kind str
    Immutable. The kind of analysis that is handled by this discovery.
    analysisKind String
    Immutable. The kind of analysis that is handled by this discovery.

    DistributionResponse

    Architecture string
    The CPU architecture for which packages in this distribution channel were built.
    CpeUri string
    The cpe_uri in CPE format denoting the package manager version distributing a package.
    Description string
    The distribution channel-specific description of this package.
    LatestVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse
    The latest available version of this package in this distribution channel.
    Maintainer string
    A freeform string denoting the maintainer of this package.
    Url string
    The distribution channel-specific homepage for this package.
    Architecture string
    The CPU architecture for which packages in this distribution channel were built.
    CpeUri string
    The cpe_uri in CPE format denoting the package manager version distributing a package.
    Description string
    The distribution channel-specific description of this package.
    LatestVersion VersionResponse
    The latest available version of this package in this distribution channel.
    Maintainer string
    A freeform string denoting the maintainer of this package.
    Url string
    The distribution channel-specific homepage for this package.
    architecture String
    The CPU architecture for which packages in this distribution channel were built.
    cpeUri String
    The cpe_uri in CPE format denoting the package manager version distributing a package.
    description String
    The distribution channel-specific description of this package.
    latestVersion VersionResponse
    The latest available version of this package in this distribution channel.
    maintainer String
    A freeform string denoting the maintainer of this package.
    url String
    The distribution channel-specific homepage for this package.
    architecture string
    The CPU architecture for which packages in this distribution channel were built.
    cpeUri string
    The cpe_uri in CPE format denoting the package manager version distributing a package.
    description string
    The distribution channel-specific description of this package.
    latestVersion VersionResponse
    The latest available version of this package in this distribution channel.
    maintainer string
    A freeform string denoting the maintainer of this package.
    url string
    The distribution channel-specific homepage for this package.
    architecture str
    The CPU architecture for which packages in this distribution channel were built.
    cpe_uri str
    The cpe_uri in CPE format denoting the package manager version distributing a package.
    description str
    The distribution channel-specific description of this package.
    latest_version VersionResponse
    The latest available version of this package in this distribution channel.
    maintainer str
    A freeform string denoting the maintainer of this package.
    url str
    The distribution channel-specific homepage for this package.
    architecture String
    The CPU architecture for which packages in this distribution channel were built.
    cpeUri String
    The cpe_uri in CPE format denoting the package manager version distributing a package.
    description String
    The distribution channel-specific description of this package.
    latestVersion Property Map
    The latest available version of this package in this distribution channel.
    maintainer String
    A freeform string denoting the maintainer of this package.
    url String
    The distribution channel-specific homepage for this package.

    DocumentNoteResponse

    DataLicence string
    Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
    SpdxVersion string
    Provide a reference number that can be used to understand how to parse and interpret the rest of the file
    DataLicence string
    Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
    SpdxVersion string
    Provide a reference number that can be used to understand how to parse and interpret the rest of the file
    dataLicence String
    Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
    spdxVersion String
    Provide a reference number that can be used to understand how to parse and interpret the rest of the file
    dataLicence string
    Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
    spdxVersion string
    Provide a reference number that can be used to understand how to parse and interpret the rest of the file
    data_licence str
    Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
    spdx_version str
    Provide a reference number that can be used to understand how to parse and interpret the rest of the file
    dataLicence String
    Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
    spdxVersion String
    Provide a reference number that can be used to understand how to parse and interpret the rest of the file

    ExternalRefResponse

    Category string
    An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
    Comment string
    Human-readable information about the purpose and target of the reference
    Locator string
    The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
    Type string
    Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
    Category string
    An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
    Comment string
    Human-readable information about the purpose and target of the reference
    Locator string
    The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
    Type string
    Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
    category String
    An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
    comment String
    Human-readable information about the purpose and target of the reference
    locator String
    The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
    type String
    Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
    category string
    An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
    comment string
    Human-readable information about the purpose and target of the reference
    locator string
    The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
    type string
    Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
    category str
    An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
    comment str
    Human-readable information about the purpose and target of the reference
    locator str
    The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
    type str
    Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
    category String
    An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
    comment String
    Human-readable information about the purpose and target of the reference
    locator String
    The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
    type String
    Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

    FileNoteResponse

    Checksum List<string>
    Provide a unique identifier to match analysis information on each specific file in a package
    FileType string
    This field provides information about the type of file identified
    Title string
    Identify the full path and filename that corresponds to the file information in this section
    Checksum []string
    Provide a unique identifier to match analysis information on each specific file in a package
    FileType string
    This field provides information about the type of file identified
    Title string
    Identify the full path and filename that corresponds to the file information in this section
    checksum List<String>
    Provide a unique identifier to match analysis information on each specific file in a package
    fileType String
    This field provides information about the type of file identified
    title String
    Identify the full path and filename that corresponds to the file information in this section
    checksum string[]
    Provide a unique identifier to match analysis information on each specific file in a package
    fileType string
    This field provides information about the type of file identified
    title string
    Identify the full path and filename that corresponds to the file information in this section
    checksum Sequence[str]
    Provide a unique identifier to match analysis information on each specific file in a package
    file_type str
    This field provides information about the type of file identified
    title str
    Identify the full path and filename that corresponds to the file information in this section
    checksum List<String>
    Provide a unique identifier to match analysis information on each specific file in a package
    fileType String
    This field provides information about the type of file identified
    title String
    Identify the full path and filename that corresponds to the file information in this section

    FingerprintResponse

    V1Name string
    The layer ID of the final layer in the Docker image's v1 representation.
    V2Blob List<string>
    The ordered list of v2 blobs that represent a given image.
    V2Name string
    The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
    V1Name string
    The layer ID of the final layer in the Docker image's v1 representation.
    V2Blob []string
    The ordered list of v2 blobs that represent a given image.
    V2Name string
    The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
    v1Name String
    The layer ID of the final layer in the Docker image's v1 representation.
    v2Blob List<String>
    The ordered list of v2 blobs that represent a given image.
    v2Name String
    The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
    v1Name string
    The layer ID of the final layer in the Docker image's v1 representation.
    v2Blob string[]
    The ordered list of v2 blobs that represent a given image.
    v2Name string
    The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
    v1_name str
    The layer ID of the final layer in the Docker image's v1 representation.
    v2_blob Sequence[str]
    The ordered list of v2 blobs that represent a given image.
    v2_name str
    The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
    v1Name String
    The layer ID of the final layer in the Docker image's v1 representation.
    v2Blob List<String>
    The ordered list of v2 blobs that represent a given image.
    v2Name String
    The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

    HintResponse

    HumanReadableName string
    The human readable name of this attestation authority, for example "qa".
    HumanReadableName string
    The human readable name of this attestation authority, for example "qa".
    humanReadableName String
    The human readable name of this attestation authority, for example "qa".
    humanReadableName string
    The human readable name of this attestation authority, for example "qa".
    human_readable_name str
    The human readable name of this attestation authority, for example "qa".
    humanReadableName String
    The human readable name of this attestation authority, for example "qa".

    InTotoResponse

    ExpectedCommand List<string>
    This field contains the expected command used to perform the step.
    ExpectedMaterials List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRuleResponse>
    The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
    ExpectedProducts List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRuleResponse>
    SigningKeys List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.SigningKeyResponse>
    This field contains the public keys that can be used to verify the signatures on the step metadata.
    StepName string
    This field identifies the name of the step in the supply chain.
    Threshold string
    This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.
    ExpectedCommand []string
    This field contains the expected command used to perform the step.
    ExpectedMaterials []ArtifactRuleResponse
    The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
    ExpectedProducts []ArtifactRuleResponse
    SigningKeys []SigningKeyResponse
    This field contains the public keys that can be used to verify the signatures on the step metadata.
    StepName string
    This field identifies the name of the step in the supply chain.
    Threshold string
    This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.
    expectedCommand List<String>
    This field contains the expected command used to perform the step.
    expectedMaterials List<ArtifactRuleResponse>
    The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
    expectedProducts List<ArtifactRuleResponse>
    signingKeys List<SigningKeyResponse>
    This field contains the public keys that can be used to verify the signatures on the step metadata.
    stepName String
    This field identifies the name of the step in the supply chain.
    threshold String
    This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.
    expectedCommand string[]
    This field contains the expected command used to perform the step.
    expectedMaterials ArtifactRuleResponse[]
    The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
    expectedProducts ArtifactRuleResponse[]
    signingKeys SigningKeyResponse[]
    This field contains the public keys that can be used to verify the signatures on the step metadata.
    stepName string
    This field identifies the name of the step in the supply chain.
    threshold string
    This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.
    expected_command Sequence[str]
    This field contains the expected command used to perform the step.
    expected_materials Sequence[ArtifactRuleResponse]
    The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
    expected_products Sequence[ArtifactRuleResponse]
    signing_keys Sequence[SigningKeyResponse]
    This field contains the public keys that can be used to verify the signatures on the step metadata.
    step_name str
    This field identifies the name of the step in the supply chain.
    threshold str
    This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.
    expectedCommand List<String>
    This field contains the expected command used to perform the step.
    expectedMaterials List<Property Map>
    The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
    expectedProducts List<Property Map>
    signingKeys List<Property Map>
    This field contains the public keys that can be used to verify the signatures on the step metadata.
    stepName String
    This field identifies the name of the step in the supply chain.
    threshold String
    This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

    JustificationResponse

    Details string
    Additional details on why this justification was chosen.
    JustificationType string
    The justification type for this vulnerability.
    Details string
    Additional details on why this justification was chosen.
    JustificationType string
    The justification type for this vulnerability.
    details String
    Additional details on why this justification was chosen.
    justificationType String
    The justification type for this vulnerability.
    details string
    Additional details on why this justification was chosen.
    justificationType string
    The justification type for this vulnerability.
    details str
    Additional details on why this justification was chosen.
    justification_type str
    The justification type for this vulnerability.
    details String
    Additional details on why this justification was chosen.
    justificationType String
    The justification type for this vulnerability.

    KnowledgeBaseResponse

    Name string
    The KB name (generally of the form KB[0-9]+ i.e. KB123456).
    Url string
    A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/
    Name string
    The KB name (generally of the form KB[0-9]+ i.e. KB123456).
    Url string
    A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/
    name String
    The KB name (generally of the form KB[0-9]+ i.e. KB123456).
    url String
    A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/
    name string
    The KB name (generally of the form KB[0-9]+ i.e. KB123456).
    url string
    A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/
    name str
    The KB name (generally of the form KB[0-9]+ i.e. KB123456).
    url str
    A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/
    name String
    The KB name (generally of the form KB[0-9]+ i.e. KB123456).
    url String
    A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

    LicenseResponse

    Comments string
    Comments
    Expression string
    Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
    Comments string
    Comments
    Expression string
    Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
    comments String
    Comments
    expression String
    Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
    comments string
    Comments
    expression string
    Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
    comments str
    Comments
    expression str
    Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
    comments String
    Comments
    expression String
    Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

    PackageInfoNoteResponse

    Analyzed bool
    Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
    Attribution string
    A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
    Checksum string
    Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
    Copyright string
    Identify the copyright holders of the package, as well as any dates present
    DetailedDescription string
    A more detailed description of the package
    DownloadLocation string
    This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
    ExternalRefs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ExternalRefResponse>
    ExternalRef
    FilesLicenseInfo List<string>
    Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
    HomePage string
    Provide a place for the SPDX file creator to record a web site that serves as the package's home page
    LicenseDeclared Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.LicenseResponse
    List the licenses that have been declared by the authors of the package
    Originator string
    If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
    PackageType string
    The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
    SummaryDescription string
    A short description of the package
    Supplier string
    Identify the actual distribution source for the package/directory identified in the SPDX file
    Title string
    Identify the full name of the package as given by the Package Originator
    VerificationCode string
    This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
    Version string
    Identify the version of the package
    Analyzed bool
    Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
    Attribution string
    A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
    Checksum string
    Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
    Copyright string
    Identify the copyright holders of the package, as well as any dates present
    DetailedDescription string
    A more detailed description of the package
    DownloadLocation string
    This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
    ExternalRefs []ExternalRefResponse
    ExternalRef
    FilesLicenseInfo []string
    Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
    HomePage string
    Provide a place for the SPDX file creator to record a web site that serves as the package's home page
    LicenseDeclared LicenseResponse
    List the licenses that have been declared by the authors of the package
    Originator string
    If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
    PackageType string
    The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
    SummaryDescription string
    A short description of the package
    Supplier string
    Identify the actual distribution source for the package/directory identified in the SPDX file
    Title string
    Identify the full name of the package as given by the Package Originator
    VerificationCode string
    This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
    Version string
    Identify the version of the package
    analyzed Boolean
    Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
    attribution String
    A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
    checksum String
    Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
    copyright String
    Identify the copyright holders of the package, as well as any dates present
    detailedDescription String
    A more detailed description of the package
    downloadLocation String
    This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
    externalRefs List<ExternalRefResponse>
    ExternalRef
    filesLicenseInfo List<String>
    Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
    homePage String
    Provide a place for the SPDX file creator to record a web site that serves as the package's home page
    licenseDeclared LicenseResponse
    List the licenses that have been declared by the authors of the package
    originator String
    If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
    packageType String
    The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
    summaryDescription String
    A short description of the package
    supplier String
    Identify the actual distribution source for the package/directory identified in the SPDX file
    title String
    Identify the full name of the package as given by the Package Originator
    verificationCode String
    This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
    version String
    Identify the version of the package
    analyzed boolean
    Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
    attribution string
    A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
    checksum string
    Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
    copyright string
    Identify the copyright holders of the package, as well as any dates present
    detailedDescription string
    A more detailed description of the package
    downloadLocation string
    This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
    externalRefs ExternalRefResponse[]
    ExternalRef
    filesLicenseInfo string[]
    Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
    homePage string
    Provide a place for the SPDX file creator to record a web site that serves as the package's home page
    licenseDeclared LicenseResponse
    List the licenses that have been declared by the authors of the package
    originator string
    If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
    packageType string
    The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
    summaryDescription string
    A short description of the package
    supplier string
    Identify the actual distribution source for the package/directory identified in the SPDX file
    title string
    Identify the full name of the package as given by the Package Originator
    verificationCode string
    This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
    version string
    Identify the version of the package
    analyzed bool
    Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
    attribution str
    A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
    checksum str
    Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
    copyright str
    Identify the copyright holders of the package, as well as any dates present
    detailed_description str
    A more detailed description of the package
    download_location str
    This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
    external_refs Sequence[ExternalRefResponse]
    ExternalRef
    files_license_info Sequence[str]
    Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
    home_page str
    Provide a place for the SPDX file creator to record a web site that serves as the package's home page
    license_declared LicenseResponse
    List the licenses that have been declared by the authors of the package
    originator str
    If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
    package_type str
    The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
    summary_description str
    A short description of the package
    supplier str
    Identify the actual distribution source for the package/directory identified in the SPDX file
    title str
    Identify the full name of the package as given by the Package Originator
    verification_code str
    This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
    version str
    Identify the version of the package
    analyzed Boolean
    Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
    attribution String
    A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
    checksum String
    Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
    copyright String
    Identify the copyright holders of the package, as well as any dates present
    detailedDescription String
    A more detailed description of the package
    downloadLocation String
    This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
    externalRefs List<Property Map>
    ExternalRef
    filesLicenseInfo List<String>
    Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
    homePage String
    Provide a place for the SPDX file creator to record a web site that serves as the package's home page
    licenseDeclared Property Map
    List the licenses that have been declared by the authors of the package
    originator String
    If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
    packageType String
    The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
    summaryDescription String
    A short description of the package
    supplier String
    Identify the actual distribution source for the package/directory identified in the SPDX file
    title String
    Identify the full name of the package as given by the Package Originator
    verificationCode String
    This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
    version String
    Identify the version of the package

    PackageResponse

    Architecture string
    The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
    CpeUri string
    The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
    Description string
    The description of this package.
    Digest List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DigestResponse>
    Hash value, typically a file digest, that allows unique identification a specific package.
    Distribution List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DistributionResponse>
    The various channels by which a package is distributed.
    License Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.LicenseResponse
    Licenses that have been declared by the authors of the package.
    Maintainer string
    A freeform text denoting the maintainer of this package.
    Name string
    Immutable. The name of the package.
    PackageType string
    The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
    Url string
    The homepage for this package.
    Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse
    The version of the package.
    Architecture string
    The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
    CpeUri string
    The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
    Description string
    The description of this package.
    Digest []DigestResponse
    Hash value, typically a file digest, that allows unique identification a specific package.
    Distribution []DistributionResponse
    The various channels by which a package is distributed.
    License LicenseResponse
    Licenses that have been declared by the authors of the package.
    Maintainer string
    A freeform text denoting the maintainer of this package.
    Name string
    Immutable. The name of the package.
    PackageType string
    The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
    Url string
    The homepage for this package.
    Version VersionResponse
    The version of the package.
    architecture String
    The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
    cpeUri String
    The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
    description String
    The description of this package.
    digest List<DigestResponse>
    Hash value, typically a file digest, that allows unique identification a specific package.
    distribution List<DistributionResponse>
    The various channels by which a package is distributed.
    license LicenseResponse
    Licenses that have been declared by the authors of the package.
    maintainer String
    A freeform text denoting the maintainer of this package.
    name String
    Immutable. The name of the package.
    packageType String
    The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
    url String
    The homepage for this package.
    version VersionResponse
    The version of the package.
    architecture string
    The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
    cpeUri string
    The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
    description string
    The description of this package.
    digest DigestResponse[]
    Hash value, typically a file digest, that allows unique identification a specific package.
    distribution DistributionResponse[]
    The various channels by which a package is distributed.
    license LicenseResponse
    Licenses that have been declared by the authors of the package.
    maintainer string
    A freeform text denoting the maintainer of this package.
    name string
    Immutable. The name of the package.
    packageType string
    The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
    url string
    The homepage for this package.
    version VersionResponse
    The version of the package.
    architecture str
    The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
    cpe_uri str
    The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
    description str
    The description of this package.
    digest Sequence[DigestResponse]
    Hash value, typically a file digest, that allows unique identification a specific package.
    distribution Sequence[DistributionResponse]
    The various channels by which a package is distributed.
    license LicenseResponse
    Licenses that have been declared by the authors of the package.
    maintainer str
    A freeform text denoting the maintainer of this package.
    name str
    Immutable. The name of the package.
    package_type str
    The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
    url str
    The homepage for this package.
    version VersionResponse
    The version of the package.
    architecture String
    The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
    cpeUri String
    The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
    description String
    The description of this package.
    digest List<Property Map>
    Hash value, typically a file digest, that allows unique identification a specific package.
    distribution List<Property Map>
    The various channels by which a package is distributed.
    license Property Map
    Licenses that have been declared by the authors of the package.
    maintainer String
    A freeform text denoting the maintainer of this package.
    name String
    Immutable. The name of the package.
    packageType String
    The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
    url String
    The homepage for this package.
    version Property Map
    The version of the package.

    ProductResponse

    GenericUri string
    Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
    Name string
    Name of the product.
    GenericUri string
    Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
    Name string
    Name of the product.
    genericUri String
    Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
    name String
    Name of the product.
    genericUri string
    Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
    name string
    Name of the product.
    generic_uri str
    Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
    name str
    Name of the product.
    genericUri String
    Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
    name String
    Name of the product.

    PublisherResponse

    IssuingAuthority string
    Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
    Name string
    Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
    PublisherNamespace string
    The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
    IssuingAuthority string
    Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
    Name string
    Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
    PublisherNamespace string
    The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
    issuingAuthority String
    Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
    name String
    Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
    publisherNamespace String
    The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
    issuingAuthority string
    Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
    name string
    Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
    publisherNamespace string
    The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
    issuing_authority str
    Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
    name str
    Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
    publisher_namespace str
    The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io
    issuingAuthority String
    Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
    name String
    Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
    publisherNamespace String
    The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

    RelatedUrlResponse

    Label string
    Label to describe usage of the URL.
    Url string
    Specific URL associated with the resource.
    Label string
    Label to describe usage of the URL.
    Url string
    Specific URL associated with the resource.
    label String
    Label to describe usage of the URL.
    url String
    Specific URL associated with the resource.
    label string
    Label to describe usage of the URL.
    url string
    Specific URL associated with the resource.
    label str
    Label to describe usage of the URL.
    url str
    Specific URL associated with the resource.
    label String
    Label to describe usage of the URL.
    url String
    Specific URL associated with the resource.

    RelationshipNoteResponse

    Type string
    The type of relationship between the source and target SPDX elements
    Type string
    The type of relationship between the source and target SPDX elements
    type String
    The type of relationship between the source and target SPDX elements
    type string
    The type of relationship between the source and target SPDX elements
    type str
    The type of relationship between the source and target SPDX elements
    type String
    The type of relationship between the source and target SPDX elements

    RemediationResponse

    Details string
    Contains a comprehensive human-readable discussion of the remediation.
    RemediationType string
    The type of remediation that can be applied.
    RemediationUri Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RelatedUrlResponse
    Contains the URL where to obtain the remediation.
    Details string
    Contains a comprehensive human-readable discussion of the remediation.
    RemediationType string
    The type of remediation that can be applied.
    RemediationUri RelatedUrlResponse
    Contains the URL where to obtain the remediation.
    details String
    Contains a comprehensive human-readable discussion of the remediation.
    remediationType String
    The type of remediation that can be applied.
    remediationUri RelatedUrlResponse
    Contains the URL where to obtain the remediation.
    details string
    Contains a comprehensive human-readable discussion of the remediation.
    remediationType string
    The type of remediation that can be applied.
    remediationUri RelatedUrlResponse
    Contains the URL where to obtain the remediation.
    details str
    Contains a comprehensive human-readable discussion of the remediation.
    remediation_type str
    The type of remediation that can be applied.
    remediation_uri RelatedUrlResponse
    Contains the URL where to obtain the remediation.
    details String
    Contains a comprehensive human-readable discussion of the remediation.
    remediationType String
    The type of remediation that can be applied.
    remediationUri Property Map
    Contains the URL where to obtain the remediation.

    SBOMReferenceNoteResponse

    Format string
    The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
    Version string
    The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
    Format string
    The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
    Version string
    The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
    format String
    The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
    version String
    The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
    format string
    The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
    version string
    The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
    format str
    The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
    version str
    The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
    format String
    The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
    version String
    The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

    SigningKeyResponse

    KeyId string
    key_id is an identifier for the signing key.
    KeyScheme string
    This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
    KeyType string
    This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
    PublicKeyValue string
    This field contains the actual public key.
    KeyId string
    key_id is an identifier for the signing key.
    KeyScheme string
    This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
    KeyType string
    This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
    PublicKeyValue string
    This field contains the actual public key.
    keyId String
    key_id is an identifier for the signing key.
    keyScheme String
    This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
    keyType String
    This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
    publicKeyValue String
    This field contains the actual public key.
    keyId string
    key_id is an identifier for the signing key.
    keyScheme string
    This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
    keyType string
    This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
    publicKeyValue string
    This field contains the actual public key.
    key_id str
    key_id is an identifier for the signing key.
    key_scheme str
    This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
    key_type str
    This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
    public_key_value str
    This field contains the actual public key.
    keyId String
    key_id is an identifier for the signing key.
    keyScheme String
    This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
    keyType String
    This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
    publicKeyValue String
    This field contains the actual public key.

    VersionResponse

    Epoch int
    Used to correct mistakes in the version numbering scheme.
    Inclusive bool
    Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
    Kind string
    Distinguishes between sentinel MIN/MAX versions and normal versions.
    Name string
    Required only when version kind is NORMAL. The main part of the version name.
    Revision string
    The iteration of the package build from the above version.
    Epoch int
    Used to correct mistakes in the version numbering scheme.
    Inclusive bool
    Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
    Kind string
    Distinguishes between sentinel MIN/MAX versions and normal versions.
    Name string
    Required only when version kind is NORMAL. The main part of the version name.
    Revision string
    The iteration of the package build from the above version.
    epoch Integer
    Used to correct mistakes in the version numbering scheme.
    inclusive Boolean
    Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
    kind String
    Distinguishes between sentinel MIN/MAX versions and normal versions.
    name String
    Required only when version kind is NORMAL. The main part of the version name.
    revision String
    The iteration of the package build from the above version.
    epoch number
    Used to correct mistakes in the version numbering scheme.
    inclusive boolean
    Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
    kind string
    Distinguishes between sentinel MIN/MAX versions and normal versions.
    name string
    Required only when version kind is NORMAL. The main part of the version name.
    revision string
    The iteration of the package build from the above version.
    epoch int
    Used to correct mistakes in the version numbering scheme.
    inclusive bool
    Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
    kind str
    Distinguishes between sentinel MIN/MAX versions and normal versions.
    name str
    Required only when version kind is NORMAL. The main part of the version name.
    revision str
    The iteration of the package build from the above version.
    epoch Number
    Used to correct mistakes in the version numbering scheme.
    inclusive Boolean
    Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
    kind String
    Distinguishes between sentinel MIN/MAX versions and normal versions.
    name String
    Required only when version kind is NORMAL. The main part of the version name.
    revision String
    The iteration of the package build from the above version.

    VulnerabilityAssessmentNoteResponse

    Assessment Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.AssessmentResponse
    Represents a vulnerability assessment for the product.
    LanguageCode string
    Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
    LongDescription string
    A detailed description of this Vex.
    Product Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ProductResponse
    The product affected by this vex.
    Publisher Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.PublisherResponse
    Publisher details of this Note.
    ShortDescription string
    A one sentence description of this Vex.
    Title string
    The title of the note. E.g. Vex-Debian-11.4
    Assessment AssessmentResponse
    Represents a vulnerability assessment for the product.
    LanguageCode string
    Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
    LongDescription string
    A detailed description of this Vex.
    Product ProductResponse
    The product affected by this vex.
    Publisher PublisherResponse
    Publisher details of this Note.
    ShortDescription string
    A one sentence description of this Vex.
    Title string
    The title of the note. E.g. Vex-Debian-11.4
    assessment AssessmentResponse
    Represents a vulnerability assessment for the product.
    languageCode String
    Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
    longDescription String
    A detailed description of this Vex.
    product ProductResponse
    The product affected by this vex.
    publisher PublisherResponse
    Publisher details of this Note.
    shortDescription String
    A one sentence description of this Vex.
    title String
    The title of the note. E.g. Vex-Debian-11.4
    assessment AssessmentResponse
    Represents a vulnerability assessment for the product.
    languageCode string
    Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
    longDescription string
    A detailed description of this Vex.
    product ProductResponse
    The product affected by this vex.
    publisher PublisherResponse
    Publisher details of this Note.
    shortDescription string
    A one sentence description of this Vex.
    title string
    The title of the note. E.g. Vex-Debian-11.4
    assessment AssessmentResponse
    Represents a vulnerability assessment for the product.
    language_code str
    Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
    long_description str
    A detailed description of this Vex.
    product ProductResponse
    The product affected by this vex.
    publisher PublisherResponse
    Publisher details of this Note.
    short_description str
    A one sentence description of this Vex.
    title str
    The title of the note. E.g. Vex-Debian-11.4
    assessment Property Map
    Represents a vulnerability assessment for the product.
    languageCode String
    Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
    longDescription String
    A detailed description of this Vex.
    product Property Map
    The product affected by this vex.
    publisher Property Map
    Publisher details of this Note.
    shortDescription String
    A one sentence description of this Vex.
    title String
    The title of the note. E.g. Vex-Debian-11.4

    VulnerabilityLocationResponse

    CpeUri string
    The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
    Package string
    The package being described.
    Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse
    The version of the package being described.
    CpeUri string
    The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
    Package string
    The package being described.
    Version VersionResponse
    The version of the package being described.
    cpeUri String
    The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
    package_ String
    The package being described.
    version VersionResponse
    The version of the package being described.
    cpeUri string
    The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
    package string
    The package being described.
    version VersionResponse
    The version of the package being described.
    cpe_uri str
    The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
    package str
    The package being described.
    version VersionResponse
    The version of the package being described.
    cpeUri String
    The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
    package String
    The package being described.
    version Property Map
    The version of the package being described.

    VulnerabilityResponse

    CvssScore double
    The CVSS score for this vulnerability.
    CvssV2 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSResponse
    The full description of the CVSS for version 2.
    CvssV3 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSv3Response
    The full description of the CVSS for version 3.
    CvssVersion string
    CVSS version used to populate cvss_score and severity.
    Cwe List<string>
    A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
    Details List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DetailResponse>
    All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
    Severity string
    Note provider assigned impact of the vulnerability.
    SourceUpdateTime string
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    WindowsDetails List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.WindowsDetailResponse>
    Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
    CvssScore float64
    The CVSS score for this vulnerability.
    CvssV2 CVSSResponse
    The full description of the CVSS for version 2.
    CvssV3 CVSSv3Response
    The full description of the CVSS for version 3.
    CvssVersion string
    CVSS version used to populate cvss_score and severity.
    Cwe []string
    A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
    Details []DetailResponse
    All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
    Severity string
    Note provider assigned impact of the vulnerability.
    SourceUpdateTime string
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    WindowsDetails []WindowsDetailResponse
    Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
    cvssScore Double
    The CVSS score for this vulnerability.
    cvssV2 CVSSResponse
    The full description of the CVSS for version 2.
    cvssV3 CVSSv3Response
    The full description of the CVSS for version 3.
    cvssVersion String
    CVSS version used to populate cvss_score and severity.
    cwe List<String>
    A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
    details List<DetailResponse>
    All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
    severity String
    Note provider assigned impact of the vulnerability.
    sourceUpdateTime String
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    windowsDetails List<WindowsDetailResponse>
    Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
    cvssScore number
    The CVSS score for this vulnerability.
    cvssV2 CVSSResponse
    The full description of the CVSS for version 2.
    cvssV3 CVSSv3Response
    The full description of the CVSS for version 3.
    cvssVersion string
    CVSS version used to populate cvss_score and severity.
    cwe string[]
    A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
    details DetailResponse[]
    All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
    severity string
    Note provider assigned impact of the vulnerability.
    sourceUpdateTime string
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    windowsDetails WindowsDetailResponse[]
    Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
    cvss_score float
    The CVSS score for this vulnerability.
    cvss_v2 CVSSResponse
    The full description of the CVSS for version 2.
    cvss_v3 CVSSv3Response
    The full description of the CVSS for version 3.
    cvss_version str
    CVSS version used to populate cvss_score and severity.
    cwe Sequence[str]
    A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
    details Sequence[DetailResponse]
    All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
    severity str
    Note provider assigned impact of the vulnerability.
    source_update_time str
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    windows_details Sequence[WindowsDetailResponse]
    Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
    cvssScore Number
    The CVSS score for this vulnerability.
    cvssV2 Property Map
    The full description of the CVSS for version 2.
    cvssV3 Property Map
    The full description of the CVSS for version 3.
    cvssVersion String
    CVSS version used to populate cvss_score and severity.
    cwe List<String>
    A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
    details List<Property Map>
    All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
    severity String
    Note provider assigned impact of the vulnerability.
    sourceUpdateTime String
    The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
    windowsDetails List<Property Map>
    Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

    WindowsDetailResponse

    CpeUri string
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    Description string
    The description of the vulnerability.
    FixingKbs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.KnowledgeBaseResponse>
    The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
    Name string
    The name of the vulnerability.
    CpeUri string
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    Description string
    The description of the vulnerability.
    FixingKbs []KnowledgeBaseResponse
    The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
    Name string
    The name of the vulnerability.
    cpeUri String
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description String
    The description of the vulnerability.
    fixingKbs List<KnowledgeBaseResponse>
    The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
    name String
    The name of the vulnerability.
    cpeUri string
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description string
    The description of the vulnerability.
    fixingKbs KnowledgeBaseResponse[]
    The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
    name string
    The name of the vulnerability.
    cpe_uri str
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description str
    The description of the vulnerability.
    fixing_kbs Sequence[KnowledgeBaseResponse]
    The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
    name str
    The name of the vulnerability.
    cpeUri String
    The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
    description String
    The description of the vulnerability.
    fixingKbs List<Property Map>
    The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
    name String
    The name of the vulnerability.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi