Google Native

v0.26.0 published on Friday, Sep 16, 2022 by Pulumi

Note

Creates a new note. Auto-naming is currently not supported for this resource.

Create a Note Resource

new Note(name: string, args: NoteArgs, opts?: CustomResourceOptions);
@overload
def Note(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         attestation_authority: Optional[AuthorityArgs] = None,
         base_image: Optional[BasisArgs] = None,
         build: Optional[BuildArgs] = None,
         deployable: Optional[DeployableArgs] = None,
         discovery: Optional[DiscoveryArgs] = None,
         expiration_time: Optional[str] = None,
         intoto: Optional[InTotoArgs] = None,
         long_description: Optional[str] = None,
         note_id: Optional[str] = None,
         package: Optional[PackageArgs] = None,
         project: Optional[str] = None,
         related_note_names: Optional[Sequence[str]] = None,
         related_url: Optional[Sequence[RelatedUrlArgs]] = None,
         sbom: Optional[DocumentNoteArgs] = None,
         short_description: Optional[str] = None,
         spdx_file: Optional[FileNoteArgs] = None,
         spdx_package: Optional[PackageInfoNoteArgs] = None,
         spdx_relationship: Optional[RelationshipNoteArgs] = None,
         vulnerability: Optional[VulnerabilityArgs] = None)
@overload
def Note(resource_name: str,
         args: NoteArgs,
         opts: Optional[ResourceOptions] = None)
func NewNote(ctx *Context, name string, args NoteArgs, opts ...ResourceOption) (*Note, error)
public Note(string name, NoteArgs args, CustomResourceOptions? opts = null)
public Note(String name, NoteArgs args)
public Note(String name, NoteArgs args, CustomResourceOptions options)
type: google-native:containeranalysis/v1beta1:Note
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args NoteArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Note Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Note resource accepts the following input properties:

NoteId string

Required. The ID to use for this note.

AttestationAuthority Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.AuthorityArgs

A note describing an attestation role.

BaseImage Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.BasisArgs

A note describing a base image.

Build Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.BuildArgs

A note describing build provenance for a verifiable build.

Deployable Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DeployableArgs

A note describing something that can be deployed.

Discovery Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DiscoveryArgs

A note describing the initial analysis of a resource.

ExpirationTime string

Time of expiration for this note. Empty if note does not expire.

Intoto Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.InTotoArgs

A note describing an in-toto link.

LongDescription string

A detailed description of this note.

Package Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.PackageArgs

A note describing a package hosted by various package managers.

Project string
RelatedNoteNames List<string>

Other notes related to this note.

RelatedUrl List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RelatedUrlArgs>

URLs associated with this note.

Sbom Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DocumentNoteArgs

A note describing a software bill of materials.

ShortDescription string

A one sentence description of this note.

SpdxFile Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.FileNoteArgs

A note describing an SPDX File.

SpdxPackage Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.PackageInfoNoteArgs

A note describing an SPDX Package.

SpdxRelationship Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RelationshipNoteArgs

A note describing an SPDX File.

Vulnerability Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VulnerabilityArgs

A note describing a package vulnerability.

NoteId string

Required. The ID to use for this note.

AttestationAuthority AuthorityArgs

A note describing an attestation role.

BaseImage BasisArgs

A note describing a base image.

Build BuildArgs

A note describing build provenance for a verifiable build.

Deployable DeployableArgs

A note describing something that can be deployed.

Discovery DiscoveryArgs

A note describing the initial analysis of a resource.

ExpirationTime string

Time of expiration for this note. Empty if note does not expire.

Intoto InTotoArgs

A note describing an in-toto link.

LongDescription string

A detailed description of this note.

Package PackageArgs

A note describing a package hosted by various package managers.

Project string
RelatedNoteNames []string

Other notes related to this note.

RelatedUrl []RelatedUrlArgs

URLs associated with this note.

Sbom DocumentNoteArgs

A note describing a software bill of materials.

ShortDescription string

A one sentence description of this note.

SpdxFile FileNoteArgs

A note describing an SPDX File.

SpdxPackage PackageInfoNoteArgs

A note describing an SPDX Package.

SpdxRelationship RelationshipNoteArgs

A note describing an SPDX File.

Vulnerability VulnerabilityArgs

A note describing a package vulnerability.

noteId String

Required. The ID to use for this note.

attestationAuthority AuthorityArgs

A note describing an attestation role.

baseImage BasisArgs

A note describing a base image.

build BuildArgs

A note describing build provenance for a verifiable build.

deployable DeployableArgs

A note describing something that can be deployed.

discovery DiscoveryArgs

A note describing the initial analysis of a resource.

expirationTime String

Time of expiration for this note. Empty if note does not expire.

intoto InTotoArgs

A note describing an in-toto link.

longDescription String

A detailed description of this note.

package_ PackageArgs

A note describing a package hosted by various package managers.

project String
relatedNoteNames List<String>

Other notes related to this note.

relatedUrl List<RelatedUrlArgs>

URLs associated with this note.

sbom DocumentNoteArgs

A note describing a software bill of materials.

shortDescription String

A one sentence description of this note.

spdxFile FileNoteArgs

A note describing an SPDX File.

spdxPackage PackageInfoNoteArgs

A note describing an SPDX Package.

spdxRelationship RelationshipNoteArgs

A note describing an SPDX File.

vulnerability VulnerabilityArgs

A note describing a package vulnerability.

noteId string

Required. The ID to use for this note.

attestationAuthority AuthorityArgs

A note describing an attestation role.

baseImage BasisArgs

A note describing a base image.

build BuildArgs

A note describing build provenance for a verifiable build.

deployable DeployableArgs

A note describing something that can be deployed.

discovery DiscoveryArgs

A note describing the initial analysis of a resource.

expirationTime string

Time of expiration for this note. Empty if note does not expire.

intoto InTotoArgs

A note describing an in-toto link.

longDescription string

A detailed description of this note.

package PackageArgs

A note describing a package hosted by various package managers.

project string
relatedNoteNames string[]

Other notes related to this note.

relatedUrl RelatedUrlArgs[]

URLs associated with this note.

sbom DocumentNoteArgs

A note describing a software bill of materials.

shortDescription string

A one sentence description of this note.

spdxFile FileNoteArgs

A note describing an SPDX File.

spdxPackage PackageInfoNoteArgs

A note describing an SPDX Package.

spdxRelationship RelationshipNoteArgs

A note describing an SPDX File.

vulnerability VulnerabilityArgs

A note describing a package vulnerability.

note_id str

Required. The ID to use for this note.

attestation_authority AuthorityArgs

A note describing an attestation role.

base_image BasisArgs

A note describing a base image.

build BuildArgs

A note describing build provenance for a verifiable build.

deployable DeployableArgs

A note describing something that can be deployed.

discovery DiscoveryArgs

A note describing the initial analysis of a resource.

expiration_time str

Time of expiration for this note. Empty if note does not expire.

intoto InTotoArgs

A note describing an in-toto link.

long_description str

A detailed description of this note.

package PackageArgs

A note describing a package hosted by various package managers.

project str
related_note_names Sequence[str]

Other notes related to this note.

related_url Sequence[RelatedUrlArgs]

URLs associated with this note.

sbom DocumentNoteArgs

A note describing a software bill of materials.

short_description str

A one sentence description of this note.

spdx_file FileNoteArgs

A note describing an SPDX File.

spdx_package PackageInfoNoteArgs

A note describing an SPDX Package.

spdx_relationship RelationshipNoteArgs

A note describing an SPDX File.

vulnerability VulnerabilityArgs

A note describing a package vulnerability.

noteId String

Required. The ID to use for this note.

attestationAuthority Property Map

A note describing an attestation role.

baseImage Property Map

A note describing a base image.

build Property Map

A note describing build provenance for a verifiable build.

deployable Property Map

A note describing something that can be deployed.

discovery Property Map

A note describing the initial analysis of a resource.

expirationTime String

Time of expiration for this note. Empty if note does not expire.

intoto Property Map

A note describing an in-toto link.

longDescription String

A detailed description of this note.

package Property Map

A note describing a package hosted by various package managers.

project String
relatedNoteNames List<String>

Other notes related to this note.

relatedUrl List<Property Map>

URLs associated with this note.

sbom Property Map

A note describing a software bill of materials.

shortDescription String

A one sentence description of this note.

spdxFile Property Map

A note describing an SPDX File.

spdxPackage Property Map

A note describing an SPDX Package.

spdxRelationship Property Map

A note describing an SPDX File.

vulnerability Property Map

A note describing a package vulnerability.

Outputs

All input properties are implicitly available as output properties. Additionally, the Note resource produces the following output properties:

CreateTime string

The time this note was created. This field can be used as a filter in list requests.

Id string

The provider-assigned unique ID for this managed resource.

Kind string

The type of analysis. This field can be used as a filter in list requests.

Name string

The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].

UpdateTime string

The time this note was last updated. This field can be used as a filter in list requests.

CreateTime string

The time this note was created. This field can be used as a filter in list requests.

Id string

The provider-assigned unique ID for this managed resource.

Kind string

The type of analysis. This field can be used as a filter in list requests.

Name string

The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].

UpdateTime string

The time this note was last updated. This field can be used as a filter in list requests.

createTime String

The time this note was created. This field can be used as a filter in list requests.

id String

The provider-assigned unique ID for this managed resource.

kind String

The type of analysis. This field can be used as a filter in list requests.

name String

The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].

updateTime String

The time this note was last updated. This field can be used as a filter in list requests.

createTime string

The time this note was created. This field can be used as a filter in list requests.

id string

The provider-assigned unique ID for this managed resource.

kind string

The type of analysis. This field can be used as a filter in list requests.

name string

The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].

updateTime string

The time this note was last updated. This field can be used as a filter in list requests.

create_time str

The time this note was created. This field can be used as a filter in list requests.

id str

The provider-assigned unique ID for this managed resource.

kind str

The type of analysis. This field can be used as a filter in list requests.

name str

The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].

update_time str

The time this note was last updated. This field can be used as a filter in list requests.

createTime String

The time this note was created. This field can be used as a filter in list requests.

id String

The provider-assigned unique ID for this managed resource.

kind String

The type of analysis. This field can be used as a filter in list requests.

name String

The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].

updateTime String

The time this note was last updated. This field can be used as a filter in list requests.

Supporting Types

ArtifactRule

ArtifactRule List<string>
ArtifactRule []string
artifactRule List<String>
artifactRule string[]
artifact_rule Sequence[str]
artifactRule List<String>

ArtifactRuleResponse

ArtifactRule List<string>
ArtifactRule []string
artifactRule List<String>
artifactRule string[]
artifact_rule Sequence[str]
artifactRule List<String>

Authority

Hint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Hint

Hint hints at the purpose of the attestation authority.

Hint Hint

Hint hints at the purpose of the attestation authority.

hint Hint

Hint hints at the purpose of the attestation authority.

hint Hint

Hint hints at the purpose of the attestation authority.

hint Hint

Hint hints at the purpose of the attestation authority.

hint Property Map

Hint hints at the purpose of the attestation authority.

AuthorityResponse

Hint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.HintResponse

Hint hints at the purpose of the attestation authority.

Hint HintResponse

Hint hints at the purpose of the attestation authority.

hint HintResponse

Hint hints at the purpose of the attestation authority.

hint HintResponse

Hint hints at the purpose of the attestation authority.

hint HintResponse

Hint hints at the purpose of the attestation authority.

hint Property Map

Hint hints at the purpose of the attestation authority.

Basis

Fingerprint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Fingerprint

Immutable. The fingerprint of the base image.

ResourceUrl string

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

Fingerprint Fingerprint

Immutable. The fingerprint of the base image.

ResourceUrl string

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Fingerprint

Immutable. The fingerprint of the base image.

resourceUrl String

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Fingerprint

Immutable. The fingerprint of the base image.

resourceUrl string

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Fingerprint

Immutable. The fingerprint of the base image.

resource_url str

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Property Map

Immutable. The fingerprint of the base image.

resourceUrl String

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

BasisResponse

Fingerprint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.FingerprintResponse

Immutable. The fingerprint of the base image.

ResourceUrl string

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

Fingerprint FingerprintResponse

Immutable. The fingerprint of the base image.

ResourceUrl string

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse

Immutable. The fingerprint of the base image.

resourceUrl String

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse

Immutable. The fingerprint of the base image.

resourceUrl string

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse

Immutable. The fingerprint of the base image.

resource_url str

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Property Map

Immutable. The fingerprint of the base image.

resourceUrl String

Immutable. The resource_url for the resource representing the basis of associated occurrence images.

Build

BuilderVersion string

Immutable. Version of the builder which produced this build.

Signature Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.BuildSignature

Signature of the build in occurrences pointing to this build note containing build details.

BuilderVersion string

Immutable. Version of the builder which produced this build.

Signature BuildSignature

Signature of the build in occurrences pointing to this build note containing build details.

builderVersion String

Immutable. Version of the builder which produced this build.

signature BuildSignature

Signature of the build in occurrences pointing to this build note containing build details.

builderVersion string

Immutable. Version of the builder which produced this build.

signature BuildSignature

Signature of the build in occurrences pointing to this build note containing build details.

builder_version str

Immutable. Version of the builder which produced this build.

signature BuildSignature

Signature of the build in occurrences pointing to this build note containing build details.

builderVersion String

Immutable. Version of the builder which produced this build.

signature Property Map

Signature of the build in occurrences pointing to this build note containing build details.

BuildResponse

BuilderVersion string

Immutable. Version of the builder which produced this build.

Signature Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.BuildSignatureResponse

Signature of the build in occurrences pointing to this build note containing build details.

BuilderVersion string

Immutable. Version of the builder which produced this build.

Signature BuildSignatureResponse

Signature of the build in occurrences pointing to this build note containing build details.

builderVersion String

Immutable. Version of the builder which produced this build.

signature BuildSignatureResponse

Signature of the build in occurrences pointing to this build note containing build details.

builderVersion string

Immutable. Version of the builder which produced this build.

signature BuildSignatureResponse

Signature of the build in occurrences pointing to this build note containing build details.

builder_version str

Immutable. Version of the builder which produced this build.

signature BuildSignatureResponse

Signature of the build in occurrences pointing to this build note containing build details.

builderVersion String

Immutable. Version of the builder which produced this build.

signature Property Map

Signature of the build in occurrences pointing to this build note containing build details.

BuildSignature

Signature string

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

KeyId string

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id.

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

KeyId string

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id.

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId String

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id.

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature string

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId string

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id.

publicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature str

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

key_id str

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

key_type BuildSignatureKeyType

The type of the key, either stored in public_key or referenced in key_id.

public_key str

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId String

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType "KEY_TYPE_UNSPECIFIED" | "PGP_ASCII_ARMORED" | "PKIX_PEM"

The type of the key, either stored in public_key or referenced in key_id.

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

BuildSignatureKeyType

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PkixPem
PKIX_PEM

PKIX PEM public key.

BuildSignatureKeyTypeKeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

BuildSignatureKeyTypePgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

BuildSignatureKeyTypePkixPem
PKIX_PEM

PKIX PEM public key.

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PkixPem
PKIX_PEM

PKIX PEM public key.

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PgpAsciiArmored
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PkixPem
PKIX_PEM

PKIX PEM public key.

KEY_TYPE_UNSPECIFIED
KEY_TYPE_UNSPECIFIED

KeyType is not set.

PGP_ASCII_ARMORED
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

PKIX_PEM
PKIX_PEM

PKIX PEM public key.

"KEY_TYPE_UNSPECIFIED"
KEY_TYPE_UNSPECIFIED

KeyType is not set.

"PGP_ASCII_ARMORED"
PGP_ASCII_ARMORED

PGP ASCII Armored public key.

"PKIX_PEM"
PKIX_PEM

PKIX PEM public key.

BuildSignatureResponse

KeyId string

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType string

The type of the key, either stored in public_key or referenced in key_id.

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

KeyId string

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

KeyType string

The type of the key, either stored in public_key or referenced in key_id.

PublicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

Signature string

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId String

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType String

The type of the key, either stored in public_key or referenced in key_id.

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId string

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType string

The type of the key, either stored in public_key or referenced in key_id.

publicKey string

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature string

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

key_id str

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

key_type str

The type of the key, either stored in public_key or referenced in key_id.

public_key str

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature str

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId String

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

keyType String

The type of the key, either stored in public_key or referenced in key_id.

publicKey String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

signature String

Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

CVSS

AttackComplexity Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

AttackVector Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSAuthentication

Defined in CVSS v2

AvailabilityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

BaseScore double

The base score is a function of the base metric scores.

ConfidentialityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

ExploitabilityScore double
ImpactScore double
IntegrityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

PrivilegesRequired Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSPrivilegesRequired

Defined in CVSS v3

Scope Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSScope

Defined in CVSS v3

UserInteraction Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSUserInteraction

Defined in CVSS v3

AttackComplexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

AttackVector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication CVSSAuthentication

Defined in CVSS v2

AvailabilityImpact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

BaseScore float64

The base score is a function of the base metric scores.

ConfidentialityImpact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

ExploitabilityScore float64
ImpactScore float64
IntegrityImpact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

PrivilegesRequired CVSSPrivilegesRequired

Defined in CVSS v3

Scope CVSSScope

Defined in CVSS v3

UserInteraction CVSSUserInteraction

Defined in CVSS v3

attackComplexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

attackVector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication CVSSAuthentication

Defined in CVSS v2

availabilityImpact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

baseScore Double

The base score is a function of the base metric scores.

confidentialityImpact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

exploitabilityScore Double
impactScore Double
integrityImpact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

privilegesRequired CVSSPrivilegesRequired

Defined in CVSS v3

scope CVSSScope

Defined in CVSS v3

userInteraction CVSSUserInteraction

Defined in CVSS v3

attackComplexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

attackVector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication CVSSAuthentication

Defined in CVSS v2

availabilityImpact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

baseScore number

The base score is a function of the base metric scores.

confidentialityImpact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

exploitabilityScore number
impactScore number
integrityImpact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

privilegesRequired CVSSPrivilegesRequired

Defined in CVSS v3

scope CVSSScope

Defined in CVSS v3

userInteraction CVSSUserInteraction

Defined in CVSS v3

attack_complexity CVSSAttackComplexity

Defined in CVSS v3, CVSS v2

attack_vector CVSSAttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication CVSSAuthentication

Defined in CVSS v2

availability_impact CVSSAvailabilityImpact

Defined in CVSS v3, CVSS v2

base_score float

The base score is a function of the base metric scores.

confidentiality_impact CVSSConfidentialityImpact

Defined in CVSS v3, CVSS v2

exploitability_score float
impact_score float
integrity_impact CVSSIntegrityImpact

Defined in CVSS v3, CVSS v2

privileges_required CVSSPrivilegesRequired

Defined in CVSS v3

scope CVSSScope

Defined in CVSS v3

user_interaction CVSSUserInteraction

Defined in CVSS v3

attackComplexity "ATTACK_COMPLEXITY_UNSPECIFIED" | "ATTACK_COMPLEXITY_LOW" | "ATTACK_COMPLEXITY_HIGH" | "ATTACK_COMPLEXITY_MEDIUM"

Defined in CVSS v3, CVSS v2

attackVector "ATTACK_VECTOR_UNSPECIFIED" | "ATTACK_VECTOR_NETWORK" | "ATTACK_VECTOR_ADJACENT" | "ATTACK_VECTOR_LOCAL" | "ATTACK_VECTOR_PHYSICAL"

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication "AUTHENTICATION_UNSPECIFIED" | "AUTHENTICATION_MULTIPLE" | "AUTHENTICATION_SINGLE" | "AUTHENTICATION_NONE"

Defined in CVSS v2

availabilityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE"

Defined in CVSS v3, CVSS v2

baseScore Number

The base score is a function of the base metric scores.

confidentialityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE"

Defined in CVSS v3, CVSS v2

exploitabilityScore Number
impactScore Number
integrityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE"

Defined in CVSS v3, CVSS v2

privilegesRequired "PRIVILEGES_REQUIRED_UNSPECIFIED" | "PRIVILEGES_REQUIRED_NONE" | "PRIVILEGES_REQUIRED_LOW" | "PRIVILEGES_REQUIRED_HIGH"

Defined in CVSS v3

scope "SCOPE_UNSPECIFIED" | "SCOPE_UNCHANGED" | "SCOPE_CHANGED"

Defined in CVSS v3

userInteraction "USER_INTERACTION_UNSPECIFIED" | "USER_INTERACTION_NONE" | "USER_INTERACTION_REQUIRED"

Defined in CVSS v3

CVSSAttackComplexity

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

AttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

CVSSAttackComplexityAttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSAttackComplexityAttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

CVSSAttackComplexityAttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

CVSSAttackComplexityAttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

AttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackComplexityLow
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

AttackComplexityMedium
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

ATTACK_COMPLEXITY_UNSPECIFIED
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ATTACK_COMPLEXITY_LOW
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

ATTACK_COMPLEXITY_HIGH
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

ATTACK_COMPLEXITY_MEDIUM
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

"ATTACK_COMPLEXITY_UNSPECIFIED"
ATTACK_COMPLEXITY_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"ATTACK_COMPLEXITY_LOW"
ATTACK_COMPLEXITY_LOW

Defined in CVSS v3, CVSS v2

"ATTACK_COMPLEXITY_HIGH"
ATTACK_COMPLEXITY_HIGH

Defined in CVSS v3, CVSS v2

"ATTACK_COMPLEXITY_MEDIUM"
ATTACK_COMPLEXITY_MEDIUM

Defined in CVSS v2

CVSSAttackVector

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

AttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

CVSSAttackVectorAttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

CVSSAttackVectorAttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

AttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

AttackVectorNetwork
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

AttackVectorLocal
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

ATTACK_VECTOR_UNSPECIFIED
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_NETWORK
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_ADJACENT
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_LOCAL
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

ATTACK_VECTOR_PHYSICAL
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

"ATTACK_VECTOR_UNSPECIFIED"
ATTACK_VECTOR_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_NETWORK"
ATTACK_VECTOR_NETWORK

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_ADJACENT"
ATTACK_VECTOR_ADJACENT

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_LOCAL"
ATTACK_VECTOR_LOCAL

Defined in CVSS v3, CVSS v2

"ATTACK_VECTOR_PHYSICAL"
ATTACK_VECTOR_PHYSICAL

Defined in CVSS v3

CVSSAuthentication

AuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

AuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

CVSSAuthenticationAuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

CVSSAuthenticationAuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

CVSSAuthenticationAuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

CVSSAuthenticationAuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

AuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

AuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

AuthenticationUnspecified
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AuthenticationMultiple
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AuthenticationSingle
AUTHENTICATION_SINGLE

Defined in CVSS v2

AuthenticationNone
AUTHENTICATION_NONE

Defined in CVSS v2

AUTHENTICATION_UNSPECIFIED
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

AUTHENTICATION_MULTIPLE
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

AUTHENTICATION_SINGLE
AUTHENTICATION_SINGLE

Defined in CVSS v2

AUTHENTICATION_NONE
AUTHENTICATION_NONE

Defined in CVSS v2

"AUTHENTICATION_UNSPECIFIED"
AUTHENTICATION_UNSPECIFIED

Defined in CVSS v2

"AUTHENTICATION_MULTIPLE"
AUTHENTICATION_MULTIPLE

Defined in CVSS v2

"AUTHENTICATION_SINGLE"
AUTHENTICATION_SINGLE

Defined in CVSS v2

"AUTHENTICATION_NONE"
AUTHENTICATION_NONE

Defined in CVSS v2

CVSSAvailabilityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

CVSSAvailabilityImpactImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSAvailabilityImpactImpactHigh
IMPACT_HIGH

Defined in CVSS v3

CVSSAvailabilityImpactImpactLow
IMPACT_LOW

Defined in CVSS v3

CVSSAvailabilityImpactImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

CVSSAvailabilityImpactImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

CVSSAvailabilityImpactImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

IMPACT_HIGH
IMPACT_HIGH

Defined in CVSS v3

IMPACT_LOW
IMPACT_LOW

Defined in CVSS v3

IMPACT_NONE
IMPACT_NONE

Defined in CVSS v3, CVSS v2

IMPACT_PARTIAL
IMPACT_PARTIAL

Defined in CVSS v2

IMPACT_COMPLETE
IMPACT_COMPLETE

Defined in CVSS v2

"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"IMPACT_HIGH"
IMPACT_HIGH

Defined in CVSS v3

"IMPACT_LOW"
IMPACT_LOW

Defined in CVSS v3

"IMPACT_NONE"
IMPACT_NONE

Defined in CVSS v3, CVSS v2

"IMPACT_PARTIAL"
IMPACT_PARTIAL

Defined in CVSS v2

"IMPACT_COMPLETE"
IMPACT_COMPLETE

Defined in CVSS v2

CVSSConfidentialityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

CVSSConfidentialityImpactImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSConfidentialityImpactImpactHigh
IMPACT_HIGH

Defined in CVSS v3

CVSSConfidentialityImpactImpactLow
IMPACT_LOW

Defined in CVSS v3

CVSSConfidentialityImpactImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

CVSSConfidentialityImpactImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

CVSSConfidentialityImpactImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

IMPACT_HIGH
IMPACT_HIGH

Defined in CVSS v3

IMPACT_LOW
IMPACT_LOW

Defined in CVSS v3

IMPACT_NONE
IMPACT_NONE

Defined in CVSS v3, CVSS v2

IMPACT_PARTIAL
IMPACT_PARTIAL

Defined in CVSS v2

IMPACT_COMPLETE
IMPACT_COMPLETE

Defined in CVSS v2

"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"IMPACT_HIGH"
IMPACT_HIGH

Defined in CVSS v3

"IMPACT_LOW"
IMPACT_LOW

Defined in CVSS v3

"IMPACT_NONE"
IMPACT_NONE

Defined in CVSS v3, CVSS v2

"IMPACT_PARTIAL"
IMPACT_PARTIAL

Defined in CVSS v2

"IMPACT_COMPLETE"
IMPACT_COMPLETE

Defined in CVSS v2

CVSSIntegrityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

CVSSIntegrityImpactImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

CVSSIntegrityImpactImpactHigh
IMPACT_HIGH

Defined in CVSS v3

CVSSIntegrityImpactImpactLow
IMPACT_LOW

Defined in CVSS v3

CVSSIntegrityImpactImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

CVSSIntegrityImpactImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

CVSSIntegrityImpactImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

ImpactUnspecified
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

ImpactHigh
IMPACT_HIGH

Defined in CVSS v3

ImpactLow
IMPACT_LOW

Defined in CVSS v3

ImpactNone
IMPACT_NONE

Defined in CVSS v3, CVSS v2

ImpactPartial
IMPACT_PARTIAL

Defined in CVSS v2

ImpactComplete
IMPACT_COMPLETE

Defined in CVSS v2

IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

IMPACT_HIGH
IMPACT_HIGH

Defined in CVSS v3

IMPACT_LOW
IMPACT_LOW

Defined in CVSS v3

IMPACT_NONE
IMPACT_NONE

Defined in CVSS v3, CVSS v2

IMPACT_PARTIAL
IMPACT_PARTIAL

Defined in CVSS v2

IMPACT_COMPLETE
IMPACT_COMPLETE

Defined in CVSS v2

"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED

Defined in CVSS v3, CVSS v2

"IMPACT_HIGH"
IMPACT_HIGH

Defined in CVSS v3

"IMPACT_LOW"
IMPACT_LOW

Defined in CVSS v3

"IMPACT_NONE"
IMPACT_NONE

Defined in CVSS v3, CVSS v2

"IMPACT_PARTIAL"
IMPACT_PARTIAL

Defined in CVSS v2

"IMPACT_COMPLETE"
IMPACT_COMPLETE

Defined in CVSS v2

CVSSPrivilegesRequired

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

CVSSPrivilegesRequiredPrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

PRIVILEGES_REQUIRED_UNSPECIFIED
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

PRIVILEGES_REQUIRED_NONE
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

PRIVILEGES_REQUIRED_LOW
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

PRIVILEGES_REQUIRED_HIGH
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

"PRIVILEGES_REQUIRED_UNSPECIFIED"
PRIVILEGES_REQUIRED_UNSPECIFIED

Defined in CVSS v3

"PRIVILEGES_REQUIRED_NONE"
PRIVILEGES_REQUIRED_NONE

Defined in CVSS v3

"PRIVILEGES_REQUIRED_LOW"
PRIVILEGES_REQUIRED_LOW

Defined in CVSS v3

"PRIVILEGES_REQUIRED_HIGH"
PRIVILEGES_REQUIRED_HIGH

Defined in CVSS v3

CVSSResponse

AttackComplexity string

Defined in CVSS v3, CVSS v2

AttackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication string

Defined in CVSS v2

AvailabilityImpact string

Defined in CVSS v3, CVSS v2

BaseScore double

The base score is a function of the base metric scores.

ConfidentialityImpact string

Defined in CVSS v3, CVSS v2

ExploitabilityScore double
ImpactScore double
IntegrityImpact string

Defined in CVSS v3, CVSS v2

PrivilegesRequired string

Defined in CVSS v3

Scope string

Defined in CVSS v3

UserInteraction string

Defined in CVSS v3

AttackComplexity string

Defined in CVSS v3, CVSS v2

AttackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

Authentication string

Defined in CVSS v2

AvailabilityImpact string

Defined in CVSS v3, CVSS v2

BaseScore float64

The base score is a function of the base metric scores.

ConfidentialityImpact string

Defined in CVSS v3, CVSS v2

ExploitabilityScore float64
ImpactScore float64
IntegrityImpact string

Defined in CVSS v3, CVSS v2

PrivilegesRequired string

Defined in CVSS v3

Scope string

Defined in CVSS v3

UserInteraction string

Defined in CVSS v3

attackComplexity String

Defined in CVSS v3, CVSS v2

attackVector String

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication String

Defined in CVSS v2

availabilityImpact String

Defined in CVSS v3, CVSS v2

baseScore Double

The base score is a function of the base metric scores.

confidentialityImpact String

Defined in CVSS v3, CVSS v2

exploitabilityScore Double
impactScore Double
integrityImpact String

Defined in CVSS v3, CVSS v2

privilegesRequired String

Defined in CVSS v3

scope String

Defined in CVSS v3

userInteraction String

Defined in CVSS v3

attackComplexity string

Defined in CVSS v3, CVSS v2

attackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication string

Defined in CVSS v2

availabilityImpact string

Defined in CVSS v3, CVSS v2

baseScore number

The base score is a function of the base metric scores.

confidentialityImpact string

Defined in CVSS v3, CVSS v2

exploitabilityScore number
impactScore number
integrityImpact string

Defined in CVSS v3, CVSS v2

privilegesRequired string

Defined in CVSS v3

scope string

Defined in CVSS v3

userInteraction string

Defined in CVSS v3

attack_complexity str

Defined in CVSS v3, CVSS v2

attack_vector str

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication str

Defined in CVSS v2

availability_impact str

Defined in CVSS v3, CVSS v2

base_score float

The base score is a function of the base metric scores.

confidentiality_impact str

Defined in CVSS v3, CVSS v2

exploitability_score float
impact_score float
integrity_impact str

Defined in CVSS v3, CVSS v2

privileges_required str

Defined in CVSS v3

scope str

Defined in CVSS v3

user_interaction str

Defined in CVSS v3

attackComplexity String

Defined in CVSS v3, CVSS v2

attackVector String

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2

authentication String

Defined in CVSS v2

availabilityImpact String

Defined in CVSS v3, CVSS v2

baseScore Number

The base score is a function of the base metric scores.

confidentialityImpact String

Defined in CVSS v3, CVSS v2

exploitabilityScore Number
impactScore Number
integrityImpact String

Defined in CVSS v3, CVSS v2

privilegesRequired String

Defined in CVSS v3

scope String

Defined in CVSS v3

userInteraction String

Defined in CVSS v3

CVSSScope

ScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

ScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

ScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

CVSSScopeScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

CVSSScopeScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

CVSSScopeScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

ScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

ScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

ScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

ScopeUnspecified
SCOPE_UNSPECIFIED

Defined in CVSS v3

ScopeUnchanged
SCOPE_UNCHANGED

Defined in CVSS v3

ScopeChanged
SCOPE_CHANGED

Defined in CVSS v3

SCOPE_UNSPECIFIED
SCOPE_UNSPECIFIED

Defined in CVSS v3

SCOPE_UNCHANGED
SCOPE_UNCHANGED

Defined in CVSS v3

SCOPE_CHANGED
SCOPE_CHANGED

Defined in CVSS v3

"SCOPE_UNSPECIFIED"
SCOPE_UNSPECIFIED

Defined in CVSS v3

"SCOPE_UNCHANGED"
SCOPE_UNCHANGED

Defined in CVSS v3

"SCOPE_CHANGED"
SCOPE_CHANGED

Defined in CVSS v3

CVSSUserInteraction

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

UserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

UserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

CVSSUserInteractionUserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

CVSSUserInteractionUserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

CVSSUserInteractionUserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

UserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

UserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

UserInteractionNone
USER_INTERACTION_NONE

Defined in CVSS v3

UserInteractionRequired
USER_INTERACTION_REQUIRED

Defined in CVSS v3

USER_INTERACTION_UNSPECIFIED
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

USER_INTERACTION_NONE
USER_INTERACTION_NONE

Defined in CVSS v3

USER_INTERACTION_REQUIRED
USER_INTERACTION_REQUIRED

Defined in CVSS v3

"USER_INTERACTION_UNSPECIFIED"
USER_INTERACTION_UNSPECIFIED

Defined in CVSS v3

"USER_INTERACTION_NONE"
USER_INTERACTION_NONE

Defined in CVSS v3

"USER_INTERACTION_REQUIRED"
USER_INTERACTION_REQUIRED

Defined in CVSS v3

CVSSv3

AttackComplexity Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3AttackComplexity
AttackVector Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3AttackVector

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

AvailabilityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3AvailabilityImpact
BaseScore double

The base score is a function of the base metric scores.

ConfidentialityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3ConfidentialityImpact
ExploitabilityScore double
ImpactScore double
IntegrityImpact Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3IntegrityImpact
PrivilegesRequired Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3PrivilegesRequired
Scope Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3Scope
UserInteraction Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.CVSSv3UserInteraction
attackComplexity "ATTACK_COMPLEXITY_UNSPECIFIED" | "ATTACK_COMPLEXITY_LOW" | "ATTACK_COMPLEXITY_HIGH"
attackVector "ATTACK_VECTOR_UNSPECIFIED" | "ATTACK_VECTOR_NETWORK" | "ATTACK_VECTOR_ADJACENT" | "ATTACK_VECTOR_LOCAL" | "ATTACK_VECTOR_PHYSICAL"

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

availabilityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE"
baseScore Number

The base score is a function of the base metric scores.

confidentialityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE"
exploitabilityScore Number
impactScore Number
integrityImpact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE"
privilegesRequired "PRIVILEGES_REQUIRED_UNSPECIFIED" | "PRIVILEGES_REQUIRED_NONE" | "PRIVILEGES_REQUIRED_LOW" | "PRIVILEGES_REQUIRED_HIGH"
scope "SCOPE_UNSPECIFIED" | "SCOPE_UNCHANGED" | "SCOPE_CHANGED"
userInteraction "USER_INTERACTION_UNSPECIFIED" | "USER_INTERACTION_NONE" | "USER_INTERACTION_REQUIRED"

CVSSv3AttackComplexity

AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED
AttackComplexityLow
ATTACK_COMPLEXITY_LOW
AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH
CVSSv3AttackComplexityAttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED
CVSSv3AttackComplexityAttackComplexityLow
ATTACK_COMPLEXITY_LOW
CVSSv3AttackComplexityAttackComplexityHigh
ATTACK_COMPLEXITY_HIGH
AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED
AttackComplexityLow
ATTACK_COMPLEXITY_LOW
AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH
AttackComplexityUnspecified
ATTACK_COMPLEXITY_UNSPECIFIED
AttackComplexityLow
ATTACK_COMPLEXITY_LOW
AttackComplexityHigh
ATTACK_COMPLEXITY_HIGH
ATTACK_COMPLEXITY_UNSPECIFIED
ATTACK_COMPLEXITY_UNSPECIFIED
ATTACK_COMPLEXITY_LOW
ATTACK_COMPLEXITY_LOW
ATTACK_COMPLEXITY_HIGH
ATTACK_COMPLEXITY_HIGH
"ATTACK_COMPLEXITY_UNSPECIFIED"
ATTACK_COMPLEXITY_UNSPECIFIED
"ATTACK_COMPLEXITY_LOW"
ATTACK_COMPLEXITY_LOW
"ATTACK_COMPLEXITY_HIGH"
ATTACK_COMPLEXITY_HIGH

CVSSv3AttackVector

AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED
AttackVectorNetwork
ATTACK_VECTOR_NETWORK
AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT
AttackVectorLocal
ATTACK_VECTOR_LOCAL
AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL
CVSSv3AttackVectorAttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED
CVSSv3AttackVectorAttackVectorNetwork
ATTACK_VECTOR_NETWORK
CVSSv3AttackVectorAttackVectorAdjacent
ATTACK_VECTOR_ADJACENT
CVSSv3AttackVectorAttackVectorLocal
ATTACK_VECTOR_LOCAL
CVSSv3AttackVectorAttackVectorPhysical
ATTACK_VECTOR_PHYSICAL
AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED
AttackVectorNetwork
ATTACK_VECTOR_NETWORK
AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT
AttackVectorLocal
ATTACK_VECTOR_LOCAL
AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL
AttackVectorUnspecified
ATTACK_VECTOR_UNSPECIFIED
AttackVectorNetwork
ATTACK_VECTOR_NETWORK
AttackVectorAdjacent
ATTACK_VECTOR_ADJACENT
AttackVectorLocal
ATTACK_VECTOR_LOCAL
AttackVectorPhysical
ATTACK_VECTOR_PHYSICAL
ATTACK_VECTOR_UNSPECIFIED
ATTACK_VECTOR_UNSPECIFIED
ATTACK_VECTOR_NETWORK
ATTACK_VECTOR_NETWORK
ATTACK_VECTOR_ADJACENT
ATTACK_VECTOR_ADJACENT
ATTACK_VECTOR_LOCAL
ATTACK_VECTOR_LOCAL
ATTACK_VECTOR_PHYSICAL
ATTACK_VECTOR_PHYSICAL
"ATTACK_VECTOR_UNSPECIFIED"
ATTACK_VECTOR_UNSPECIFIED
"ATTACK_VECTOR_NETWORK"
ATTACK_VECTOR_NETWORK
"ATTACK_VECTOR_ADJACENT"
ATTACK_VECTOR_ADJACENT
"ATTACK_VECTOR_LOCAL"
ATTACK_VECTOR_LOCAL
"ATTACK_VECTOR_PHYSICAL"
ATTACK_VECTOR_PHYSICAL

CVSSv3AvailabilityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
CVSSv3AvailabilityImpactImpactUnspecified
IMPACT_UNSPECIFIED
CVSSv3AvailabilityImpactImpactHigh
IMPACT_HIGH
CVSSv3AvailabilityImpactImpactLow
IMPACT_LOW
CVSSv3AvailabilityImpactImpactNone
IMPACT_NONE
ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED
IMPACT_HIGH
IMPACT_HIGH
IMPACT_LOW
IMPACT_LOW
IMPACT_NONE
IMPACT_NONE
"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED
"IMPACT_HIGH"
IMPACT_HIGH
"IMPACT_LOW"
IMPACT_LOW
"IMPACT_NONE"
IMPACT_NONE

CVSSv3ConfidentialityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
CVSSv3ConfidentialityImpactImpactUnspecified
IMPACT_UNSPECIFIED
CVSSv3ConfidentialityImpactImpactHigh
IMPACT_HIGH
CVSSv3ConfidentialityImpactImpactLow
IMPACT_LOW
CVSSv3ConfidentialityImpactImpactNone
IMPACT_NONE
ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED
IMPACT_HIGH
IMPACT_HIGH
IMPACT_LOW
IMPACT_LOW
IMPACT_NONE
IMPACT_NONE
"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED
"IMPACT_HIGH"
IMPACT_HIGH
"IMPACT_LOW"
IMPACT_LOW
"IMPACT_NONE"
IMPACT_NONE

CVSSv3IntegrityImpact

ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
CVSSv3IntegrityImpactImpactUnspecified
IMPACT_UNSPECIFIED
CVSSv3IntegrityImpactImpactHigh
IMPACT_HIGH
CVSSv3IntegrityImpactImpactLow
IMPACT_LOW
CVSSv3IntegrityImpactImpactNone
IMPACT_NONE
ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
ImpactUnspecified
IMPACT_UNSPECIFIED
ImpactHigh
IMPACT_HIGH
ImpactLow
IMPACT_LOW
ImpactNone
IMPACT_NONE
IMPACT_UNSPECIFIED
IMPACT_UNSPECIFIED
IMPACT_HIGH
IMPACT_HIGH
IMPACT_LOW
IMPACT_LOW
IMPACT_NONE
IMPACT_NONE
"IMPACT_UNSPECIFIED"
IMPACT_UNSPECIFIED
"IMPACT_HIGH"
IMPACT_HIGH
"IMPACT_LOW"
IMPACT_LOW
"IMPACT_NONE"
IMPACT_NONE

CVSSv3PrivilegesRequired

PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED
PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE
PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW
PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH
CVSSv3PrivilegesRequiredPrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED
CVSSv3PrivilegesRequiredPrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE
CVSSv3PrivilegesRequiredPrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW
CVSSv3PrivilegesRequiredPrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH
PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED
PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE
PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW
PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH
PrivilegesRequiredUnspecified
PRIVILEGES_REQUIRED_UNSPECIFIED
PrivilegesRequiredNone
PRIVILEGES_REQUIRED_NONE
PrivilegesRequiredLow
PRIVILEGES_REQUIRED_LOW
PrivilegesRequiredHigh
PRIVILEGES_REQUIRED_HIGH
PRIVILEGES_REQUIRED_UNSPECIFIED
PRIVILEGES_REQUIRED_UNSPECIFIED
PRIVILEGES_REQUIRED_NONE
PRIVILEGES_REQUIRED_NONE
PRIVILEGES_REQUIRED_LOW
PRIVILEGES_REQUIRED_LOW
PRIVILEGES_REQUIRED_HIGH
PRIVILEGES_REQUIRED_HIGH
"PRIVILEGES_REQUIRED_UNSPECIFIED"
PRIVILEGES_REQUIRED_UNSPECIFIED
"PRIVILEGES_REQUIRED_NONE"
PRIVILEGES_REQUIRED_NONE
"PRIVILEGES_REQUIRED_LOW"
PRIVILEGES_REQUIRED_LOW
"PRIVILEGES_REQUIRED_HIGH"
PRIVILEGES_REQUIRED_HIGH

CVSSv3Response

AttackComplexity string
AttackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

AvailabilityImpact string
BaseScore double

The base score is a function of the base metric scores.

ConfidentialityImpact string
ExploitabilityScore double
ImpactScore double
IntegrityImpact string
PrivilegesRequired string
Scope string
UserInteraction string
AttackComplexity string
AttackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

AvailabilityImpact string
BaseScore float64

The base score is a function of the base metric scores.

ConfidentialityImpact string
ExploitabilityScore float64
ImpactScore float64
IntegrityImpact string
PrivilegesRequired string
Scope string
UserInteraction string
attackComplexity String
attackVector String

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

availabilityImpact String
baseScore Double

The base score is a function of the base metric scores.

confidentialityImpact String
exploitabilityScore Double
impactScore Double
integrityImpact String
privilegesRequired String
scope String
userInteraction String
attackComplexity string
attackVector string

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

availabilityImpact string
baseScore number

The base score is a function of the base metric scores.

confidentialityImpact string
exploitabilityScore number
impactScore number
integrityImpact string
privilegesRequired string
scope string
userInteraction string
attack_complexity str
attack_vector str

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

availability_impact str
base_score float

The base score is a function of the base metric scores.

confidentiality_impact str
exploitability_score float
impact_score float
integrity_impact str
privileges_required str
scope str
user_interaction str
attackComplexity String
attackVector String

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

availabilityImpact String
baseScore Number

The base score is a function of the base metric scores.

confidentialityImpact String
exploitabilityScore Number
impactScore Number
integrityImpact String
privilegesRequired String
scope String
userInteraction String

CVSSv3Scope

ScopeUnspecified
SCOPE_UNSPECIFIED
ScopeUnchanged
SCOPE_UNCHANGED
ScopeChanged
SCOPE_CHANGED
CVSSv3ScopeScopeUnspecified
SCOPE_UNSPECIFIED
CVSSv3ScopeScopeUnchanged
SCOPE_UNCHANGED
CVSSv3ScopeScopeChanged
SCOPE_CHANGED
ScopeUnspecified
SCOPE_UNSPECIFIED
ScopeUnchanged
SCOPE_UNCHANGED
ScopeChanged
SCOPE_CHANGED
ScopeUnspecified
SCOPE_UNSPECIFIED
ScopeUnchanged
SCOPE_UNCHANGED
ScopeChanged
SCOPE_CHANGED
SCOPE_UNSPECIFIED
SCOPE_UNSPECIFIED
SCOPE_UNCHANGED
SCOPE_UNCHANGED
SCOPE_CHANGED
SCOPE_CHANGED
"SCOPE_UNSPECIFIED"
SCOPE_UNSPECIFIED
"SCOPE_UNCHANGED"
SCOPE_UNCHANGED
"SCOPE_CHANGED"
SCOPE_CHANGED

CVSSv3UserInteraction

UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED
UserInteractionNone
USER_INTERACTION_NONE
UserInteractionRequired
USER_INTERACTION_REQUIRED
CVSSv3UserInteractionUserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED
CVSSv3UserInteractionUserInteractionNone
USER_INTERACTION_NONE
CVSSv3UserInteractionUserInteractionRequired
USER_INTERACTION_REQUIRED
UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED
UserInteractionNone
USER_INTERACTION_NONE
UserInteractionRequired
USER_INTERACTION_REQUIRED
UserInteractionUnspecified
USER_INTERACTION_UNSPECIFIED
UserInteractionNone
USER_INTERACTION_NONE
UserInteractionRequired
USER_INTERACTION_REQUIRED
USER_INTERACTION_UNSPECIFIED
USER_INTERACTION_UNSPECIFIED
USER_INTERACTION_NONE
USER_INTERACTION_NONE
USER_INTERACTION_REQUIRED
USER_INTERACTION_REQUIRED
"USER_INTERACTION_UNSPECIFIED"
USER_INTERACTION_UNSPECIFIED
"USER_INTERACTION_NONE"
USER_INTERACTION_NONE
"USER_INTERACTION_REQUIRED"
USER_INTERACTION_REQUIRED

Deployable

ResourceUri List<string>

Resource URI for the artifact being deployed.

ResourceUri []string

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

resourceUri string[]

Resource URI for the artifact being deployed.

resource_uri Sequence[str]

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

DeployableResponse

ResourceUri List<string>

Resource URI for the artifact being deployed.

ResourceUri []string

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

resourceUri string[]

Resource URI for the artifact being deployed.

resource_uri Sequence[str]

Resource URI for the artifact being deployed.

resourceUri List<String>

Resource URI for the artifact being deployed.

Detail

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

Package string

The name of the package where the vulnerability was found.

Description string

A vendor-specific description of this note.

FixedLocation Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VulnerabilityLocation

The fix for this specific package version.

IsObsolete bool

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Version

The max version of the package in which the vulnerability exists.

MinAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Version

The min version of the package in which the vulnerability exists.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc).

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

Vendor string

The name of the vendor of the product.

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

Package string

The name of the package where the vulnerability was found.

Description string

A vendor-specific description of this note.

FixedLocation VulnerabilityLocation

The fix for this specific package version.

IsObsolete bool

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion Version

The max version of the package in which the vulnerability exists.

MinAffectedVersion Version

The min version of the package in which the vulnerability exists.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc).

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

Vendor string

The name of the vendor of the product.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

package_ String

The name of the package where the vulnerability was found.

description String

A vendor-specific description of this note.

fixedLocation VulnerabilityLocation

The fix for this specific package version.

isObsolete Boolean

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Version

The max version of the package in which the vulnerability exists.

minAffectedVersion Version

The min version of the package in which the vulnerability exists.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc).

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor String

The name of the vendor of the product.

cpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

package string

The name of the package where the vulnerability was found.

description string

A vendor-specific description of this note.

fixedLocation VulnerabilityLocation

The fix for this specific package version.

isObsolete boolean

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Version

The max version of the package in which the vulnerability exists.

minAffectedVersion Version

The min version of the package in which the vulnerability exists.

packageType string

The type of package; whether native or non native(ruby gems, node.js packages etc).

severityName string

The severity (eg: distro assigned severity) for this vulnerability.

source string

The source from which the information in this Detail was obtained.

sourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor string

The name of the vendor of the product.

cpe_uri str

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

package str

The name of the package where the vulnerability was found.

description str

A vendor-specific description of this note.

fixed_location VulnerabilityLocation

The fix for this specific package version.

is_obsolete bool

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

max_affected_version Version

The max version of the package in which the vulnerability exists.

min_affected_version Version

The min version of the package in which the vulnerability exists.

package_type str

The type of package; whether native or non native(ruby gems, node.js packages etc).

severity_name str

The severity (eg: distro assigned severity) for this vulnerability.

source str

The source from which the information in this Detail was obtained.

source_update_time str

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor str

The name of the vendor of the product.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

package String

The name of the package where the vulnerability was found.

description String

A vendor-specific description of this note.

fixedLocation Property Map

The fix for this specific package version.

isObsolete Boolean

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Property Map

The max version of the package in which the vulnerability exists.

minAffectedVersion Property Map

The min version of the package in which the vulnerability exists.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc).

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor String

The name of the vendor of the product.

DetailResponse

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

Description string

A vendor-specific description of this note.

FixedLocation Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VulnerabilityLocationResponse

The fix for this specific package version.

IsObsolete bool

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse

The max version of the package in which the vulnerability exists.

MinAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse

The min version of the package in which the vulnerability exists.

Package string

The name of the package where the vulnerability was found.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc).

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

Vendor string

The name of the vendor of the product.

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

Description string

A vendor-specific description of this note.

FixedLocation VulnerabilityLocationResponse

The fix for this specific package version.

IsObsolete bool

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

MaxAffectedVersion VersionResponse

The max version of the package in which the vulnerability exists.

MinAffectedVersion VersionResponse

The min version of the package in which the vulnerability exists.

Package string

The name of the package where the vulnerability was found.

PackageType string

The type of package; whether native or non native(ruby gems, node.js packages etc).

SeverityName string

The severity (eg: distro assigned severity) for this vulnerability.

Source string

The source from which the information in this Detail was obtained.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

Vendor string

The name of the vendor of the product.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description String

A vendor-specific description of this note.

fixedLocation VulnerabilityLocationResponse

The fix for this specific package version.

isObsolete Boolean

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion VersionResponse

The max version of the package in which the vulnerability exists.

minAffectedVersion VersionResponse

The min version of the package in which the vulnerability exists.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc).

package_ String

The name of the package where the vulnerability was found.

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor String

The name of the vendor of the product.

cpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description string

A vendor-specific description of this note.

fixedLocation VulnerabilityLocationResponse

The fix for this specific package version.

isObsolete boolean

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion VersionResponse

The max version of the package in which the vulnerability exists.

minAffectedVersion VersionResponse

The min version of the package in which the vulnerability exists.

package string

The name of the package where the vulnerability was found.

packageType string

The type of package; whether native or non native(ruby gems, node.js packages etc).

severityName string

The severity (eg: distro assigned severity) for this vulnerability.

source string

The source from which the information in this Detail was obtained.

sourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor string

The name of the vendor of the product.

cpe_uri str

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description str

A vendor-specific description of this note.

fixed_location VulnerabilityLocationResponse

The fix for this specific package version.

is_obsolete bool

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

max_affected_version VersionResponse

The max version of the package in which the vulnerability exists.

min_affected_version VersionResponse

The min version of the package in which the vulnerability exists.

package str

The name of the package where the vulnerability was found.

package_type str

The type of package; whether native or non native(ruby gems, node.js packages etc).

severity_name str

The severity (eg: distro assigned severity) for this vulnerability.

source str

The source from which the information in this Detail was obtained.

source_update_time str

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor str

The name of the vendor of the product.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description String

A vendor-specific description of this note.

fixedLocation Property Map

The fix for this specific package version.

isObsolete Boolean

Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.

maxAffectedVersion Property Map

The max version of the package in which the vulnerability exists.

minAffectedVersion Property Map

The min version of the package in which the vulnerability exists.

package String

The name of the package where the vulnerability was found.

packageType String

The type of package; whether native or non native(ruby gems, node.js packages etc).

severityName String

The severity (eg: distro assigned severity) for this vulnerability.

source String

The source from which the information in this Detail was obtained.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

vendor String

The name of the vendor of the product.

Digest

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

algo string

SHA1, SHA512 etc.

digestBytes string

Value of the digest.

algo str

SHA1, SHA512 etc.

digest_bytes str

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

DigestResponse

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

Algo string

SHA1, SHA512 etc.

DigestBytes string

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

algo string

SHA1, SHA512 etc.

digestBytes string

Value of the digest.

algo str

SHA1, SHA512 etc.

digest_bytes str

Value of the digest.

algo String

SHA1, SHA512 etc.

digestBytes String

Value of the digest.

Discovery

AnalysisKind Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.DiscoveryAnalysisKind

Immutable. The kind of analysis that is handled by this discovery.

AnalysisKind DiscoveryAnalysisKind

Immutable. The kind of analysis that is handled by this discovery.

analysisKind DiscoveryAnalysisKind

Immutable. The kind of analysis that is handled by this discovery.

analysisKind DiscoveryAnalysisKind

Immutable. The kind of analysis that is handled by this discovery.

analysis_kind DiscoveryAnalysisKind

Immutable. The kind of analysis that is handled by this discovery.

DiscoveryAnalysisKind

NoteKindUnspecified
NOTE_KIND_UNSPECIFIED

Default value. This value is unused.

Vulnerability
VULNERABILITY

The note and occurrence represent a package vulnerability.

Build
BUILD

The note and occurrence assert build provenance.

Image
IMAGE

This represents an image basis relationship.

Package
PACKAGE

This represents a package installed via a package manager.

Deployment
DEPLOYMENT

The note and occurrence track deployment events.

Discovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

Attestation
ATTESTATION

This represents a logical "role" that can attest to artifacts.

Intoto
INTOTO

This represents an in-toto link.

Sbom
SBOM

This represents a software bill of materials.

SpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

SpdxFile
SPDX_FILE

This represents an SPDX File.

SpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DiscoveryAnalysisKindNoteKindUnspecified
NOTE_KIND_UNSPECIFIED

Default value. This value is unused.

DiscoveryAnalysisKindVulnerability
VULNERABILITY

The note and occurrence represent a package vulnerability.

DiscoveryAnalysisKindBuild
BUILD

The note and occurrence assert build provenance.

DiscoveryAnalysisKindImage
IMAGE

This represents an image basis relationship.

DiscoveryAnalysisKindPackage
PACKAGE

This represents a package installed via a package manager.

DiscoveryAnalysisKindDeployment
DEPLOYMENT

The note and occurrence track deployment events.

DiscoveryAnalysisKindDiscovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

DiscoveryAnalysisKindAttestation
ATTESTATION

This represents a logical "role" that can attest to artifacts.

DiscoveryAnalysisKindIntoto
INTOTO

This represents an in-toto link.

DiscoveryAnalysisKindSbom
SBOM

This represents a software bill of materials.

DiscoveryAnalysisKindSpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

DiscoveryAnalysisKindSpdxFile
SPDX_FILE

This represents an SPDX File.

DiscoveryAnalysisKindSpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

NoteKindUnspecified
NOTE_KIND_UNSPECIFIED

Default value. This value is unused.

Vulnerability
VULNERABILITY

The note and occurrence represent a package vulnerability.

Build
BUILD

The note and occurrence assert build provenance.

Image
IMAGE

This represents an image basis relationship.

Package
PACKAGE

This represents a package installed via a package manager.

Deployment
DEPLOYMENT

The note and occurrence track deployment events.

Discovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

Attestation
ATTESTATION

This represents a logical "role" that can attest to artifacts.

Intoto
INTOTO

This represents an in-toto link.

Sbom
SBOM

This represents a software bill of materials.

SpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

SpdxFile
SPDX_FILE

This represents an SPDX File.

SpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

NoteKindUnspecified
NOTE_KIND_UNSPECIFIED

Default value. This value is unused.

Vulnerability
VULNERABILITY

The note and occurrence represent a package vulnerability.

Build
BUILD

The note and occurrence assert build provenance.

Image
IMAGE

This represents an image basis relationship.

Package
PACKAGE

This represents a package installed via a package manager.

Deployment
DEPLOYMENT

The note and occurrence track deployment events.

Discovery
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

Attestation
ATTESTATION

This represents a logical "role" that can attest to artifacts.

Intoto
INTOTO

This represents an in-toto link.

Sbom
SBOM

This represents a software bill of materials.

SpdxPackage
SPDX_PACKAGE

This represents an SPDX Package.

SpdxFile
SPDX_FILE

This represents an SPDX File.

SpdxRelationship
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

NOTE_KIND_UNSPECIFIED
NOTE_KIND_UNSPECIFIED

Default value. This value is unused.

VULNERABILITY
VULNERABILITY

The note and occurrence represent a package vulnerability.

BUILD
BUILD

The note and occurrence assert build provenance.

IMAGE
IMAGE

This represents an image basis relationship.

PACKAGE
PACKAGE

This represents a package installed via a package manager.

DEPLOYMENT
DEPLOYMENT

The note and occurrence track deployment events.

DISCOVERY
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

ATTESTATION
ATTESTATION

This represents a logical "role" that can attest to artifacts.

INTOTO
INTOTO

This represents an in-toto link.

SBOM
SBOM

This represents a software bill of materials.

SPDX_PACKAGE
SPDX_PACKAGE

This represents an SPDX Package.

SPDX_FILE
SPDX_FILE

This represents an SPDX File.

SPDX_RELATIONSHIP
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

"NOTE_KIND_UNSPECIFIED"
NOTE_KIND_UNSPECIFIED

Default value. This value is unused.

"VULNERABILITY"
VULNERABILITY

The note and occurrence represent a package vulnerability.

"BUILD"
BUILD

The note and occurrence assert build provenance.

"IMAGE"
IMAGE

This represents an image basis relationship.

"PACKAGE"
PACKAGE

This represents a package installed via a package manager.

"DEPLOYMENT"
DEPLOYMENT

The note and occurrence track deployment events.

"DISCOVERY"
DISCOVERY

The note and occurrence track the initial discovery status of a resource.

"ATTESTATION"
ATTESTATION

This represents a logical "role" that can attest to artifacts.

"INTOTO"
INTOTO

This represents an in-toto link.

"SBOM"
SBOM

This represents a software bill of materials.

"SPDX_PACKAGE"
SPDX_PACKAGE

This represents an SPDX Package.

"SPDX_FILE"
SPDX_FILE

This represents an SPDX File.

"SPDX_RELATIONSHIP"
SPDX_RELATIONSHIP

This represents an SPDX Relationship.

DiscoveryResponse

AnalysisKind string

Immutable. The kind of analysis that is handled by this discovery.

AnalysisKind string

Immutable. The kind of analysis that is handled by this discovery.

analysisKind String

Immutable. The kind of analysis that is handled by this discovery.

analysisKind string

Immutable. The kind of analysis that is handled by this discovery.

analysis_kind str

Immutable. The kind of analysis that is handled by this discovery.

analysisKind String

Immutable. The kind of analysis that is handled by this discovery.

Distribution

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package.

Architecture Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built.

Description string

The distribution channel-specific description of this package.

LatestVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Version

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package.

Architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built.

Description string

The distribution channel-specific description of this package.

LatestVersion Version

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package.

architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built.

description String

The distribution channel-specific description of this package.

latestVersion Version

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

cpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package.

architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built.

description string

The distribution channel-specific description of this package.

latestVersion Version

The latest available version of this package in this distribution channel.

maintainer string

A freeform string denoting the maintainer of this package.

url string

The distribution channel-specific homepage for this package.

cpe_uri str

The cpe_uri in CPE format denoting the package manager version distributing a package.

architecture DistributionArchitecture

The CPU architecture for which packages in this distribution channel were built.

description str

The distribution channel-specific description of this package.

latest_version Version

The latest available version of this package in this distribution channel.

maintainer str

A freeform string denoting the maintainer of this package.

url str

The distribution channel-specific homepage for this package.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package.

architecture "ARCHITECTURE_UNSPECIFIED" | "X86" | "X64"

The CPU architecture for which packages in this distribution channel were built.

description String

The distribution channel-specific description of this package.

latestVersion Property Map

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

DistributionArchitecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

DistributionArchitectureArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

DistributionArchitectureX86
X86

X86 architecture.

DistributionArchitectureX64
X64

X64 architecture.

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

ARCHITECTURE_UNSPECIFIED
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

"ARCHITECTURE_UNSPECIFIED"
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

"X86"
X86

X86 architecture.

"X64"
X64

X64 architecture.

DistributionResponse

Architecture string

The CPU architecture for which packages in this distribution channel were built.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package.

Description string

The distribution channel-specific description of this package.

LatestVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

Architecture string

The CPU architecture for which packages in this distribution channel were built.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package.

Description string

The distribution channel-specific description of this package.

LatestVersion VersionResponse

The latest available version of this package in this distribution channel.

Maintainer string

A freeform string denoting the maintainer of this package.

Url string

The distribution channel-specific homepage for this package.

architecture String

The CPU architecture for which packages in this distribution channel were built.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package.

description String

The distribution channel-specific description of this package.

latestVersion VersionResponse

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

architecture string

The CPU architecture for which packages in this distribution channel were built.

cpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package.

description string

The distribution channel-specific description of this package.

latestVersion VersionResponse

The latest available version of this package in this distribution channel.

maintainer string

A freeform string denoting the maintainer of this package.

url string

The distribution channel-specific homepage for this package.

architecture str

The CPU architecture for which packages in this distribution channel were built.

cpe_uri str

The cpe_uri in CPE format denoting the package manager version distributing a package.

description str

The distribution channel-specific description of this package.

latest_version VersionResponse

The latest available version of this package in this distribution channel.

maintainer str

A freeform string denoting the maintainer of this package.

url str

The distribution channel-specific homepage for this package.

architecture String

The CPU architecture for which packages in this distribution channel were built.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package.

description String

The distribution channel-specific description of this package.

latestVersion Property Map

The latest available version of this package in this distribution channel.

maintainer String

A freeform string denoting the maintainer of this package.

url String

The distribution channel-specific homepage for this package.

DocumentNote

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

data_licence str

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdx_version str

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DocumentNoteResponse

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

SpdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence string

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion string

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

data_licence str

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdx_version str

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String

Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")

spdxVersion String

Provide a reference number that can be used to understand how to parse and interpret the rest of the file

ExternalRef

Category Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

Category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment string

Human-readable information about the purpose and target of the reference

locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category ExternalRefCategory

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment str

Human-readable information about the purpose and target of the reference

locator str

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type str

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category "CATEGORY_UNSPECIFIED" | "SECURITY" | "PACKAGE_MANAGER" | "PERSISTENT_ID" | "OTHER"

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

ExternalRefCategory

CategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

Security
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

Other
OTHER

Other

ExternalRefCategoryCategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

ExternalRefCategorySecurity
SECURITY

Security (e.g. cpe22Type, cpe23Type)

ExternalRefCategoryPackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

ExternalRefCategoryPersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

ExternalRefCategoryOther
OTHER

Other

CategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

Security
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

Other
OTHER

Other

CategoryUnspecified
CATEGORY_UNSPECIFIED

Unspecified

Security
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PackageManager
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PersistentId
PERSISTENT_ID

Persistent-Id (e.g. swh)

Other
OTHER

Other

CATEGORY_UNSPECIFIED
CATEGORY_UNSPECIFIED

Unspecified

SECURITY
SECURITY

Security (e.g. cpe22Type, cpe23Type)

PACKAGE_MANAGER
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

PERSISTENT_ID
PERSISTENT_ID

Persistent-Id (e.g. swh)

OTHER
OTHER

Other

"CATEGORY_UNSPECIFIED"
CATEGORY_UNSPECIFIED

Unspecified

"SECURITY"
SECURITY

Security (e.g. cpe22Type, cpe23Type)

"PACKAGE_MANAGER"
PACKAGE_MANAGER

Package Manager (e.g. maven-central, npm, nuget, bower, purl)

"PERSISTENT_ID"
PERSISTENT_ID

Persistent-Id (e.g. swh)

"OTHER"
OTHER

Other

ExternalRefResponse

Category string

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

Category string

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

Comment string

Human-readable information about the purpose and target of the reference

Locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

Type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category String

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category string

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment string

Human-readable information about the purpose and target of the reference

locator string

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type string

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category str

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment str

Human-readable information about the purpose and target of the reference

locator str

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type str

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category String

An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package

comment String

Human-readable information about the purpose and target of the reference

locator String

The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location

type String

Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

FileNote

Checksum List<string>

Provide a unique identifier to match analysis information on each specific file in a package

FileType Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.FileNoteFileType

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

Checksum []string

Provide a unique identifier to match analysis information on each specific file in a package

FileType FileNoteFileType

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType FileNoteFileType

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

checksum string[]

Provide a unique identifier to match analysis information on each specific file in a package

fileType FileNoteFileType

This field provides information about the type of file identified

title string

Identify the full path and filename that corresponds to the file information in this section

checksum Sequence[str]

Provide a unique identifier to match analysis information on each specific file in a package

file_type FileNoteFileType

This field provides information about the type of file identified

title str

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType "FILE_TYPE_UNSPECIFIED" | "SOURCE" | "BINARY" | "ARCHIVE" | "APPLICATION" | "AUDIO" | "IMAGE" | "TEXT" | "VIDEO" | "DOCUMENTATION" | "SPDX" | "OTHER"

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

FileNoteFileType

FileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

Source
SOURCE

The file is human readable source code (.c, .html, etc.)

Binary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

Archive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

Application
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

Audio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

Image
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

Text
TEXT

The file is human readable text file (MIME type of text/*)

Video
VIDEO

The file is associated with a video file type (MIME type of video/*)

Documentation
DOCUMENTATION

The file serves as documentation

Spdx
SPDX

The file is an SPDX document

Other
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileNoteFileTypeFileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

FileNoteFileTypeSource
SOURCE

The file is human readable source code (.c, .html, etc.)

FileNoteFileTypeBinary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

FileNoteFileTypeArchive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

FileNoteFileTypeApplication
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

FileNoteFileTypeAudio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

FileNoteFileTypeImage
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

FileNoteFileTypeText
TEXT

The file is human readable text file (MIME type of text/*)

FileNoteFileTypeVideo
VIDEO

The file is associated with a video file type (MIME type of video/*)

FileNoteFileTypeDocumentation
DOCUMENTATION

The file serves as documentation

FileNoteFileTypeSpdx
SPDX

The file is an SPDX document

FileNoteFileTypeOther
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

Source
SOURCE

The file is human readable source code (.c, .html, etc.)

Binary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

Archive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

Application
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

Audio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

Image
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

Text
TEXT

The file is human readable text file (MIME type of text/*)

Video
VIDEO

The file is associated with a video file type (MIME type of video/*)

Documentation
DOCUMENTATION

The file serves as documentation

Spdx
SPDX

The file is an SPDX document

Other
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileTypeUnspecified
FILE_TYPE_UNSPECIFIED

Unspecified

Source
SOURCE

The file is human readable source code (.c, .html, etc.)

Binary
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

Archive
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

Application
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

Audio
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

Image
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

Text
TEXT

The file is human readable text file (MIME type of text/*)

Video
VIDEO

The file is associated with a video file type (MIME type of video/*)

Documentation
DOCUMENTATION

The file serves as documentation

Spdx
SPDX

The file is an SPDX document

Other
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FILE_TYPE_UNSPECIFIED
FILE_TYPE_UNSPECIFIED

Unspecified

SOURCE
SOURCE

The file is human readable source code (.c, .html, etc.)

BINARY
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

ARCHIVE
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

APPLICATION
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

AUDIO
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

IMAGE
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

TEXT
TEXT

The file is human readable text file (MIME type of text/*)

VIDEO
VIDEO

The file is associated with a video file type (MIME type of video/*)

DOCUMENTATION
DOCUMENTATION

The file serves as documentation

SPDX
SPDX

The file is an SPDX document

OTHER
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

"FILE_TYPE_UNSPECIFIED"
FILE_TYPE_UNSPECIFIED

Unspecified

"SOURCE"
SOURCE

The file is human readable source code (.c, .html, etc.)

"BINARY"
BINARY

The file is a compiled object, target image or binary executable (.o, .a, etc.)

"ARCHIVE"
ARCHIVE

The file represents an archive (.tar, .jar, etc.)

"APPLICATION"
APPLICATION

The file is associated with a specific application type (MIME type of application/*)

"AUDIO"
AUDIO

The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)

"IMAGE"
IMAGE

The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)

"TEXT"
TEXT

The file is human readable text file (MIME type of text/*)

"VIDEO"
VIDEO

The file is associated with a video file type (MIME type of video/*)

"DOCUMENTATION"
DOCUMENTATION

The file serves as documentation

"SPDX"
SPDX

The file is an SPDX document

"OTHER"
OTHER

The file doesn't fit into the above categories (generated artifacts, data files, etc.)

FileNoteResponse

Checksum List<string>

Provide a unique identifier to match analysis information on each specific file in a package

FileType string

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

Checksum []string

Provide a unique identifier to match analysis information on each specific file in a package

FileType string

This field provides information about the type of file identified

Title string

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType String

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

checksum string[]

Provide a unique identifier to match analysis information on each specific file in a package

fileType string

This field provides information about the type of file identified

title string

Identify the full path and filename that corresponds to the file information in this section

checksum Sequence[str]

Provide a unique identifier to match analysis information on each specific file in a package

file_type str

This field provides information about the type of file identified

title str

Identify the full path and filename that corresponds to the file information in this section

checksum List<String>

Provide a unique identifier to match analysis information on each specific file in a package

fileType String

This field provides information about the type of file identified

title String

Identify the full path and filename that corresponds to the file information in this section

Fingerprint

V1Name string

The layer ID of the final layer in the Docker image's v1 representation.

V2Blob List<string>

The ordered list of v2 blobs that represent a given image.

V1Name string

The layer ID of the final layer in the Docker image's v1 representation.

V2Blob []string

The ordered list of v2 blobs that represent a given image.

v1Name String

The layer ID of the final layer in the Docker image's v1 representation.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

v1Name string

The layer ID of the final layer in the Docker image's v1 representation.

v2Blob string[]

The ordered list of v2 blobs that represent a given image.

v1_name str

The layer ID of the final layer in the Docker image's v1 representation.

v2_blob Sequence[str]

The ordered list of v2 blobs that represent a given image.

v1Name String

The layer ID of the final layer in the Docker image's v1 representation.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

FingerprintResponse

V1Name string

The layer ID of the final layer in the Docker image's v1 representation.

V2Blob List<string>

The ordered list of v2 blobs that represent a given image.

V2Name string

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

V1Name string

The layer ID of the final layer in the Docker image's v1 representation.

V2Blob []string

The ordered list of v2 blobs that represent a given image.

V2Name string

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1Name String

The layer ID of the final layer in the Docker image's v1 representation.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

v2Name String

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1Name string

The layer ID of the final layer in the Docker image's v1 representation.

v2Blob string[]

The ordered list of v2 blobs that represent a given image.

v2Name string

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1_name str

The layer ID of the final layer in the Docker image's v1 representation.

v2_blob Sequence[str]

The ordered list of v2 blobs that represent a given image.

v2_name str

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1Name String

The layer ID of the final layer in the Docker image's v1 representation.

v2Blob List<String>

The ordered list of v2 blobs that represent a given image.

v2Name String

The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

Hint

HumanReadableName string

The human readable name of this attestation authority, for example "qa".

HumanReadableName string

The human readable name of this attestation authority, for example "qa".

humanReadableName String

The human readable name of this attestation authority, for example "qa".

humanReadableName string

The human readable name of this attestation authority, for example "qa".

human_readable_name str

The human readable name of this attestation authority, for example "qa".

humanReadableName String

The human readable name of this attestation authority, for example "qa".

HintResponse

HumanReadableName string

The human readable name of this attestation authority, for example "qa".

HumanReadableName string

The human readable name of this attestation authority, for example "qa".

humanReadableName String

The human readable name of this attestation authority, for example "qa".

humanReadableName string

The human readable name of this attestation authority, for example "qa".

human_readable_name str

The human readable name of this attestation authority, for example "qa".

humanReadableName String

The human readable name of this attestation authority, for example "qa".

InToto

ExpectedCommand List<string>

This field contains the expected command used to perform the step.

ExpectedMaterials List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRule>

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

ExpectedProducts List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRule>
SigningKeys List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.SigningKey>

This field contains the public keys that can be used to verify the signatures on the step metadata.

StepName string

This field identifies the name of the step in the supply chain.

Threshold string

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

ExpectedCommand []string

This field contains the expected command used to perform the step.

ExpectedMaterials []ArtifactRule

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

ExpectedProducts []ArtifactRule
SigningKeys []SigningKey

This field contains the public keys that can be used to verify the signatures on the step metadata.

StepName string

This field identifies the name of the step in the supply chain.

Threshold string

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand List<String>

This field contains the expected command used to perform the step.

expectedMaterials List<ArtifactRule>

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expectedProducts List<ArtifactRule>
signingKeys List<SigningKey>

This field contains the public keys that can be used to verify the signatures on the step metadata.

stepName String

This field identifies the name of the step in the supply chain.

threshold String

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand string[]

This field contains the expected command used to perform the step.

expectedMaterials ArtifactRule[]

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expectedProducts ArtifactRule[]
signingKeys SigningKey[]

This field contains the public keys that can be used to verify the signatures on the step metadata.

stepName string

This field identifies the name of the step in the supply chain.

threshold string

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expected_command Sequence[str]

This field contains the expected command used to perform the step.

expected_materials Sequence[ArtifactRule]

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expected_products Sequence[ArtifactRule]
signing_keys Sequence[SigningKey]

This field contains the public keys that can be used to verify the signatures on the step metadata.

step_name str

This field identifies the name of the step in the supply chain.

threshold str

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand List<String>

This field contains the expected command used to perform the step.

expectedMaterials List<Property Map>

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expectedProducts List<Property Map>
signingKeys List<Property Map>

This field contains the public keys that can be used to verify the signatures on the step metadata.

stepName String

This field identifies the name of the step in the supply chain.

threshold String

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

InTotoResponse

ExpectedCommand List<string>

This field contains the expected command used to perform the step.

ExpectedMaterials List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRuleResponse>

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

ExpectedProducts List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRuleResponse>
SigningKeys List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.SigningKeyResponse>

This field contains the public keys that can be used to verify the signatures on the step metadata.

StepName string

This field identifies the name of the step in the supply chain.

Threshold string

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

ExpectedCommand []string

This field contains the expected command used to perform the step.

ExpectedMaterials []ArtifactRuleResponse

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

ExpectedProducts []ArtifactRuleResponse
SigningKeys []SigningKeyResponse

This field contains the public keys that can be used to verify the signatures on the step metadata.

StepName string

This field identifies the name of the step in the supply chain.

Threshold string

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand List<String>

This field contains the expected command used to perform the step.

expectedMaterials List<ArtifactRuleResponse>

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expectedProducts List<ArtifactRuleResponse>
signingKeys List<SigningKeyResponse>

This field contains the public keys that can be used to verify the signatures on the step metadata.

stepName String

This field identifies the name of the step in the supply chain.

threshold String

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand string[]

This field contains the expected command used to perform the step.

expectedMaterials ArtifactRuleResponse[]

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expectedProducts ArtifactRuleResponse[]
signingKeys SigningKeyResponse[]

This field contains the public keys that can be used to verify the signatures on the step metadata.

stepName string

This field identifies the name of the step in the supply chain.

threshold string

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expected_command Sequence[str]

This field contains the expected command used to perform the step.

expected_materials Sequence[ArtifactRuleResponse]

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expected_products Sequence[ArtifactRuleResponse]
signing_keys Sequence[SigningKeyResponse]

This field contains the public keys that can be used to verify the signatures on the step metadata.

step_name str

This field identifies the name of the step in the supply chain.

threshold str

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand List<String>

This field contains the expected command used to perform the step.

expectedMaterials List<Property Map>

The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.

expectedProducts List<Property Map>
signingKeys List<Property Map>

This field contains the public keys that can be used to verify the signatures on the step metadata.

stepName String

This field identifies the name of the step in the supply chain.

threshold String

This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

KnowledgeBase

Name string

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

Url string

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

Name string

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

Url string

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name String

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url String

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name string

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url string

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name str

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url str

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name String

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url String

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

KnowledgeBaseResponse

Name string

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

Url string

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

Name string

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

Url string

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name String

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url String

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name string

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url string

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name str

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url str

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name String

The KB name (generally of the form KB[0-9]+ i.e. KB123456).

url String

A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

License

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments string

Comments

expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments str

Comments

expression str

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

LicenseResponse

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Comments string

Comments

Expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments string

Comments

expression string

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments str

Comments

expression str

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String

Comments

expression String

Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Package

Name string

Immutable. The name of the package.

Architecture Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Digest>

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Distribution>

The various channels by which a package is distributed.

License Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.License

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Version

The version of the package.

Name string

Immutable. The name of the package.

Architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest []Digest

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution []Distribution

The various channels by which a package is distributed.

License License

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version Version

The version of the package.

name String

Immutable. The name of the package.

architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<Digest>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<Distribution>

The various channels by which a package is distributed.

license License

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version Version

The version of the package.

name string

Immutable. The name of the package.

architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description string

The description of this package.

digest Digest[]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution Distribution[]

The various channels by which a package is distributed.

license License

Licenses that have been declared by the authors of the package.

maintainer string

A freeform text denoting the maintainer of this package.

packageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url string

The homepage for this package.

version Version

The version of the package.

name str

Immutable. The name of the package.

architecture PackageArchitecture

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpe_uri str

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description str

The description of this package.

digest Sequence[Digest]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution Sequence[Distribution]

The various channels by which a package is distributed.

license License

Licenses that have been declared by the authors of the package.

maintainer str

A freeform text denoting the maintainer of this package.

package_type str

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url str

The homepage for this package.

version Version

The version of the package.

name String

Immutable. The name of the package.

architecture "ARCHITECTURE_UNSPECIFIED" | "X86" | "X64"

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<Property Map>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<Property Map>

The various channels by which a package is distributed.

license Property Map

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version Property Map

The version of the package.

PackageArchitecture

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

PackageArchitectureArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

PackageArchitectureX86
X86

X86 architecture.

PackageArchitectureX64
X64

X64 architecture.

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

ArchitectureUnspecified
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

ARCHITECTURE_UNSPECIFIED
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

X86
X86

X86 architecture.

X64
X64

X64 architecture.

"ARCHITECTURE_UNSPECIFIED"
ARCHITECTURE_UNSPECIFIED

Unknown architecture.

"X86"
X86

X86 architecture.

"X64"
X64

X64 architecture.

PackageInfoNote

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ExternalRef>

ExternalRef

FilesLicenseInfo List<string>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.License

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs []ExternalRef

ExternalRef

FilesLicenseInfo []string

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared License

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<ExternalRef>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared License

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

analyzed boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright string

Identify the copyright holders of the package, as well as any dates present

detailedDescription string

A more detailed description of the package

downloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs ExternalRef[]

ExternalRef

filesLicenseInfo string[]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared License

List the licenses that have been declared by the authors of the package

originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription string

A short description of the package

supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

title string

Identify the full name of the package as given by the Package Originator

verificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version string

Identify the version of the package

analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution str

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum str

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright str

Identify the copyright holders of the package, as well as any dates present

detailed_description str

A more detailed description of the package

download_location str

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

external_refs Sequence[ExternalRef]

ExternalRef

files_license_info Sequence[str]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

home_page str

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

license_declared License

List the licenses that have been declared by the authors of the package

originator str

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

package_type str

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summary_description str

A short description of the package

supplier str

Identify the actual distribution source for the package/directory identified in the SPDX file

title str

Identify the full name of the package as given by the Package Originator

verification_code str

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version str

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<Property Map>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared Property Map

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

PackageInfoNoteResponse

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ExternalRefResponse>

ExternalRef

FilesLicenseInfo List<string>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.LicenseResponse

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

Analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

Attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

Checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

Copyright string

Identify the copyright holders of the package, as well as any dates present

DetailedDescription string

A more detailed description of the package

DownloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

ExternalRefs []ExternalRefResponse

ExternalRef

FilesLicenseInfo []string

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

HomePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

LicenseDeclared LicenseResponse

List the licenses that have been declared by the authors of the package

Originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

PackageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

SummaryDescription string

A short description of the package

Supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

Title string

Identify the full name of the package as given by the Package Originator

VerificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

Version string

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<ExternalRefResponse>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared LicenseResponse

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

analyzed boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution string

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum string

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright string

Identify the copyright holders of the package, as well as any dates present

detailedDescription string

A more detailed description of the package

downloadLocation string

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs ExternalRefResponse[]

ExternalRef

filesLicenseInfo string[]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage string

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared LicenseResponse

List the licenses that have been declared by the authors of the package

originator string

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType string

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription string

A short description of the package

supplier string

Identify the actual distribution source for the package/directory identified in the SPDX file

title string

Identify the full name of the package as given by the Package Originator

verificationCode string

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version string

Identify the version of the package

analyzed bool

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution str

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum str

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright str

Identify the copyright holders of the package, as well as any dates present

detailed_description str

A more detailed description of the package

download_location str

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

external_refs Sequence[ExternalRefResponse]

ExternalRef

files_license_info Sequence[str]

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

home_page str

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

license_declared LicenseResponse

List the licenses that have been declared by the authors of the package

originator str

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

package_type str

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summary_description str

A short description of the package

supplier str

Identify the actual distribution source for the package/directory identified in the SPDX file

title str

Identify the full name of the package as given by the Package Originator

verification_code str

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version str

Identify the version of the package

analyzed Boolean

Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document

attribution String

A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts

checksum String

Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file

copyright String

Identify the copyright holders of the package, as well as any dates present

detailedDescription String

A more detailed description of the package

downloadLocation String

This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created

externalRefs List<Property Map>

ExternalRef

filesLicenseInfo List<String>

Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found

homePage String

Provide a place for the SPDX file creator to record a web site that serves as the package's home page

licenseDeclared Property Map

List the licenses that have been declared by the authors of the package

originator String

If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came

packageType String

The type of package: OS, MAVEN, GO, GO_STDLIB, etc.

summaryDescription String

A short description of the package

supplier String

Identify the actual distribution source for the package/directory identified in the SPDX file

title String

Identify the full name of the package as given by the Package Originator

verificationCode String

This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file

version String

Identify the version of the package

PackageResponse

Architecture string

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DigestResponse>

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DistributionResponse>

The various channels by which a package is distributed.

License Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.LicenseResponse

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

Name string

Immutable. The name of the package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse

The version of the package.

Architecture string

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

CpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

Description string

The description of this package.

Digest []DigestResponse

Hash value, typically a file digest, that allows unique identification a specific package.

Distribution []DistributionResponse

The various channels by which a package is distributed.

License LicenseResponse

Licenses that have been declared by the authors of the package.

Maintainer string

A freeform text denoting the maintainer of this package.

Name string

Immutable. The name of the package.

PackageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Url string

The homepage for this package.

Version VersionResponse

The version of the package.

architecture String

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<DigestResponse>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<DistributionResponse>

The various channels by which a package is distributed.

license LicenseResponse

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

name String

Immutable. The name of the package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version VersionResponse

The version of the package.

architecture string

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri string

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description string

The description of this package.

digest DigestResponse[]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution DistributionResponse[]

The various channels by which a package is distributed.

license LicenseResponse

Licenses that have been declared by the authors of the package.

maintainer string

A freeform text denoting the maintainer of this package.

name string

Immutable. The name of the package.

packageType string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url string

The homepage for this package.

version VersionResponse

The version of the package.

architecture str

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpe_uri str

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description str

The description of this package.

digest Sequence[DigestResponse]

Hash value, typically a file digest, that allows unique identification a specific package.

distribution Sequence[DistributionResponse]

The various channels by which a package is distributed.

license LicenseResponse

Licenses that have been declared by the authors of the package.

maintainer str

A freeform text denoting the maintainer of this package.

name str

Immutable. The name of the package.

package_type str

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url str

The homepage for this package.

version VersionResponse

The version of the package.

architecture String

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

cpeUri String

The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.

description String

The description of this package.

digest List<Property Map>

Hash value, typically a file digest, that allows unique identification a specific package.

distribution List<Property Map>

The various channels by which a package is distributed.

license Property Map

Licenses that have been declared by the authors of the package.

maintainer String

A freeform text denoting the maintainer of this package.

name String

Immutable. The name of the package.

packageType String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

url String

The homepage for this package.

version Property Map

The version of the package.

RelatedUrl

Label string

Label to describe usage of the URL.

Url string

Specific URL associated with the resource.

Label string

Label to describe usage of the URL.

Url string

Specific URL associated with the resource.

label String

Label to describe usage of the URL.

url String

Specific URL associated with the resource.

label string

Label to describe usage of the URL.

url string

Specific URL associated with the resource.

label str

Label to describe usage of the URL.

url str

Specific URL associated with the resource.

label String

Label to describe usage of the URL.

url String

Specific URL associated with the resource.

RelatedUrlResponse

Label string

Label to describe usage of the URL.

Url string

Specific URL associated with the resource.

Label string

Label to describe usage of the URL.

Url string

Specific URL associated with the resource.

label String

Label to describe usage of the URL.

url String

Specific URL associated with the resource.

label string

Label to describe usage of the URL.

url string

Specific URL associated with the resource.

label str

Label to describe usage of the URL.

url str

Specific URL associated with the resource.

label String

Label to describe usage of the URL.

url String

Specific URL associated with the resource.

RelationshipNote

Type Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.RelationshipNoteType

The type of relationship between the source and target SPDX elements

Type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type RelationshipNoteType

The type of relationship between the source and target SPDX elements

type "RELATIONSHIP_TYPE_UNSPECIFIED" | "DESCRIBES" | "DESCRIBED_BY" | "CONTAINS" | "CONTAINED_BY" | "DEPENDS_ON" | "DEPENDENCY_OF" | "DEPENDENCY_MANIFEST_OF" | "BUILD_DEPENDENCY_OF" | "DEV_DEPENDENCY_OF" | "OPTIONAL_DEPENDENCY_OF" | "PROVIDED_DEPENDENCY_OF" | "TEST_DEPENDENCY_OF" | "RUNTIME_DEPENDENCY_OF" | "EXAMPLE_OF" | "GENERATES" | "GENERATED_FROM" | "ANCESTOR_OF" | "DESCENDANT_OF" | "VARIANT_OF" | "DISTRIBUTION_ARTIFACT" | "PATCH_FOR" | "PATCH_APPLIED" | "COPY_OF" | "FILE_ADDED" | "FILE_DELETED" | "FILE_MODIFIED" | "EXPANDED_FROM_ARCHIVE" | "DYNAMIC_LINK" | "STATIC_LINK" | "DATA_FILE_OF" | "TEST_CASE_OF" | "BUILD_TOOL_OF" | "DEV_TOOL_OF" | "TEST_OF" | "TEST_TOOL_OF" | "DOCUMENTATION_OF" | "OPTIONAL_COMPONENT_OF" | "METAFILE_OF" | "PACKAGE_OF" | "AMENDS" | "PREREQUISITE_FOR" | "HAS_PREREQUISITE" | "OTHER"

The type of relationship between the source and target SPDX elements

RelationshipNoteResponse

Type string

The type of relationship between the source and target SPDX elements

Type string

The type of relationship between the source and target SPDX elements

type String

The type of relationship between the source and target SPDX elements

type string

The type of relationship between the source and target SPDX elements

type str

The type of relationship between the source and target SPDX elements

type String

The type of relationship between the source and target SPDX elements

RelationshipNoteType

RelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

Describes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

Contains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

ContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

ProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

ExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

Generates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

AncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

CopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

ExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

StaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

MetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

Amends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

Other
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RelationshipNoteTypeRelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

RelationshipNoteTypeDescribes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

RelationshipNoteTypeDescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

RelationshipNoteTypeContains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

RelationshipNoteTypeContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

RelationshipNoteTypeDependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

RelationshipNoteTypeDependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

RelationshipNoteTypeDependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

RelationshipNoteTypeBuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

RelationshipNoteTypeDevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

RelationshipNoteTypeOptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

RelationshipNoteTypeProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

RelationshipNoteTypeTestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RelationshipNoteTypeRuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

RelationshipNoteTypeExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

RelationshipNoteTypeGenerates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

RelationshipNoteTypeGeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

RelationshipNoteTypeAncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

RelationshipNoteTypeDescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

RelationshipNoteTypeVariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

RelationshipNoteTypeDistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

RelationshipNoteTypePatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

RelationshipNoteTypePatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

RelationshipNoteTypeCopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

RelationshipNoteTypeFileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

RelationshipNoteTypeFileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

RelationshipNoteTypeFileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

RelationshipNoteTypeExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

RelationshipNoteTypeDynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

RelationshipNoteTypeStaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

RelationshipNoteTypeDataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

RelationshipNoteTypeTestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

RelationshipNoteTypeBuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

RelationshipNoteTypeDevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

RelationshipNoteTypeTestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

RelationshipNoteTypeTestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

RelationshipNoteTypeDocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

RelationshipNoteTypeOptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

RelationshipNoteTypeMetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

RelationshipNoteTypePackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

RelationshipNoteTypeAmends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

RelationshipNoteTypePrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

RelationshipNoteTypeHasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

RelationshipNoteTypeOther
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

Describes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

Contains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

ContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

ProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

ExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

Generates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

AncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

CopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

ExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

StaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

MetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

Amends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

Other
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RelationshipTypeUnspecified
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

Describes
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DescribedBy
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

Contains
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

ContainedBy
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DependsOn
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DependencyOf
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DependencyManifestOf
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BuildDependencyOf
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DevDependencyOf
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OptionalDependencyOf
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

ProvidedDependencyOf
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TestDependencyOf
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RuntimeDependencyOf
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

ExampleOf
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

Generates
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GeneratedFrom
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

AncestorOf
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DescendantOf
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VariantOf
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DistributionArtifact
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PatchFor
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PatchApplied
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

CopyOf
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FileAdded
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FileDeleted
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FileModified
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

ExpandedFromArchive
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DynamicLink
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

StaticLink
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DataFileOf
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TestCaseOf
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BuildToolOf
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DevToolOf
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TestOf
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TestToolOf
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DocumentationOf
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OptionalComponentOf
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

MetafileOf
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PackageOf
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

Amends
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PrerequisiteFor
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HasPrerequisite
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

Other
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

RELATIONSHIP_TYPE_UNSPECIFIED
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

DESCRIBES
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

DESCRIBED_BY
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

CONTAINS
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

CONTAINED_BY
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

DEPENDS_ON
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

DEPENDENCY_OF
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

DEPENDENCY_MANIFEST_OF
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

BUILD_DEPENDENCY_OF
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

DEV_DEPENDENCY_OF
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

OPTIONAL_DEPENDENCY_OF
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

PROVIDED_DEPENDENCY_OF
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

TEST_DEPENDENCY_OF
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

RUNTIME_DEPENDENCY_OF
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

EXAMPLE_OF
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

GENERATES
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

GENERATED_FROM
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

ANCESTOR_OF
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

DESCENDANT_OF
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

VARIANT_OF
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

DISTRIBUTION_ARTIFACT
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

PATCH_FOR
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

PATCH_APPLIED
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

COPY_OF
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

FILE_ADDED
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

FILE_DELETED
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

FILE_MODIFIED
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

EXPANDED_FROM_ARCHIVE
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

DYNAMIC_LINK
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

STATIC_LINK
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

DATA_FILE_OF
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

TEST_CASE_OF
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

BUILD_TOOL_OF
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

DEV_TOOL_OF
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

TEST_OF
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

TEST_TOOL_OF
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

DOCUMENTATION_OF
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

OPTIONAL_COMPONENT_OF
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

METAFILE_OF
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

PACKAGE_OF
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

AMENDS
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

PREREQUISITE_FOR
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

HAS_PREREQUISITE
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

OTHER
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

"RELATIONSHIP_TYPE_UNSPECIFIED"
RELATIONSHIP_TYPE_UNSPECIFIED

Unspecified

"DESCRIBES"
DESCRIBES

Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A

"DESCRIBED_BY"
DESCRIBED_BY

Is to be used when SPDXRef-A is described by SPDXREF-Document

"CONTAINS"
CONTAINS

Is to be used when SPDXRef-A contains SPDXRef-B

"CONTAINED_BY"
CONTAINED_BY

Is to be used when SPDXRef-A is contained by SPDXRef-B

"DEPENDS_ON"
DEPENDS_ON

Is to be used when SPDXRef-A depends on SPDXRef-B

"DEPENDENCY_OF"
DEPENDENCY_OF

Is to be used when SPDXRef-A is dependency of SPDXRef-B

"DEPENDENCY_MANIFEST_OF"
DEPENDENCY_MANIFEST_OF

Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B

"BUILD_DEPENDENCY_OF"
BUILD_DEPENDENCY_OF

Is to be used when SPDXRef-A is a build dependency of SPDXRef-B

"DEV_DEPENDENCY_OF"
DEV_DEPENDENCY_OF

Is to be used when SPDXRef-A is a development dependency of SPDXRef-B

"OPTIONAL_DEPENDENCY_OF"
OPTIONAL_DEPENDENCY_OF

Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B

"PROVIDED_DEPENDENCY_OF"
PROVIDED_DEPENDENCY_OF

Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B

"TEST_DEPENDENCY_OF"
TEST_DEPENDENCY_OF

Is to be used when SPDXRef-A is a test dependency of SPDXRef-B

"RUNTIME_DEPENDENCY_OF"
RUNTIME_DEPENDENCY_OF

Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B

"EXAMPLE_OF"
EXAMPLE_OF

Is to be used when SPDXRef-A is an example of SPDXRef-B

"GENERATES"
GENERATES

Is to be used when SPDXRef-A generates SPDXRef-B

"GENERATED_FROM"
GENERATED_FROM

Is to be used when SPDXRef-A was generated from SPDXRef-B

"ANCESTOR_OF"
ANCESTOR_OF

Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B

"DESCENDANT_OF"
DESCENDANT_OF

Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B

"VARIANT_OF"
VARIANT_OF

Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B

"DISTRIBUTION_ARTIFACT"
DISTRIBUTION_ARTIFACT

Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed

"PATCH_FOR"
PATCH_FOR

Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B

"PATCH_APPLIED"
PATCH_APPLIED

Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B

"COPY_OF"
COPY_OF

Is to be used when SPDXRef-A is an exact copy of SPDXRef-B

"FILE_ADDED"
FILE_ADDED

Is to be used when SPDXRef-A is a file that was added to SPDXRef-B

"FILE_DELETED"
FILE_DELETED

Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B

"FILE_MODIFIED"
FILE_MODIFIED

Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B

"EXPANDED_FROM_ARCHIVE"
EXPANDED_FROM_ARCHIVE

Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B

"DYNAMIC_LINK"
DYNAMIC_LINK

Is to be used when SPDXRef-A dynamically links to SPDXRef-B

"STATIC_LINK"
STATIC_LINK

Is to be used when SPDXRef-A statically links to SPDXRef-B

"DATA_FILE_OF"
DATA_FILE_OF

Is to be used when SPDXRef-A is a data file used in SPDXRef-B

"TEST_CASE_OF"
TEST_CASE_OF

Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B

"BUILD_TOOL_OF"
BUILD_TOOL_OF

Is to be used when SPDXRef-A is used to build SPDXRef-B

"DEV_TOOL_OF"
DEV_TOOL_OF

Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B

"TEST_OF"
TEST_OF

Is to be used when SPDXRef-A is used for testing SPDXRef-B

"TEST_TOOL_OF"
TEST_TOOL_OF

Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B

"DOCUMENTATION_OF"
DOCUMENTATION_OF

Is to be used when SPDXRef-A provides documentation of SPDXRef-B

"OPTIONAL_COMPONENT_OF"
OPTIONAL_COMPONENT_OF

Is to be used when SPDXRef-A is an optional component of SPDXRef-B

"METAFILE_OF"
METAFILE_OF

Is to be used when SPDXRef-A is a metafile of SPDXRef-B

"PACKAGE_OF"
PACKAGE_OF

Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B

"AMENDS"
AMENDS

Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B

"PREREQUISITE_FOR"
PREREQUISITE_FOR

Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B

"HAS_PREREQUISITE"
HAS_PREREQUISITE

Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B

"OTHER"
OTHER

Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field

SigningKey

KeyId string

key_id is an identifier for the signing key.

KeyScheme string

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

KeyType string

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

PublicKeyValue string

This field contains the actual public key.

KeyId string

key_id is an identifier for the signing key.

KeyScheme string

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

KeyType string

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

PublicKeyValue string

This field contains the actual public key.

keyId String

key_id is an identifier for the signing key.

keyScheme String

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

keyType String

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

publicKeyValue String

This field contains the actual public key.

keyId string

key_id is an identifier for the signing key.

keyScheme string

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

keyType string

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

publicKeyValue string

This field contains the actual public key.

key_id str

key_id is an identifier for the signing key.

key_scheme str

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

key_type str

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

public_key_value str

This field contains the actual public key.

keyId String

key_id is an identifier for the signing key.

keyScheme String

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

keyType String

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

publicKeyValue String

This field contains the actual public key.

SigningKeyResponse

KeyId string

key_id is an identifier for the signing key.

KeyScheme string

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

KeyType string

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

PublicKeyValue string

This field contains the actual public key.

KeyId string

key_id is an identifier for the signing key.

KeyScheme string

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

KeyType string

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

PublicKeyValue string

This field contains the actual public key.

keyId String

key_id is an identifier for the signing key.

keyScheme String

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

keyType String

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

publicKeyValue String

This field contains the actual public key.

keyId string

key_id is an identifier for the signing key.

keyScheme string

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

keyType string

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

publicKeyValue string

This field contains the actual public key.

key_id str

key_id is an identifier for the signing key.

key_scheme str

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

key_type str

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

public_key_value str

This field contains the actual public key.

keyId String

key_id is an identifier for the signing key.

keyScheme String

This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".

keyType String

This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".

publicKeyValue String

This field contains the actual public key.

Version

Kind Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.VersionKind

Distinguishes between sentinel MIN/MAX versions and normal versions.

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

Name string

Required only when version kind is NORMAL. The main part of the version name.

Revision string

The iteration of the package build from the above version.

Kind VersionKind

Distinguishes between sentinel MIN/MAX versions and normal versions.

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

Name string

Required only when version kind is NORMAL. The main part of the version name.

Revision string

The iteration of the package build from the above version.

kind VersionKind

Distinguishes between sentinel MIN/MAX versions and normal versions.

epoch Integer

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

name String

Required only when version kind is NORMAL. The main part of the version name.

revision String

The iteration of the package build from the above version.

kind VersionKind

Distinguishes between sentinel MIN/MAX versions and normal versions.

epoch number

Used to correct mistakes in the version numbering scheme.

inclusive boolean

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

name string

Required only when version kind is NORMAL. The main part of the version name.

revision string

The iteration of the package build from the above version.

kind VersionKind

Distinguishes between sentinel MIN/MAX versions and normal versions.

epoch int

Used to correct mistakes in the version numbering scheme.

inclusive bool

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

name str

Required only when version kind is NORMAL. The main part of the version name.

revision str

The iteration of the package build from the above version.

kind "VERSION_KIND_UNSPECIFIED" | "NORMAL" | "MINIMUM" | "MAXIMUM"

Distinguishes between sentinel MIN/MAX versions and normal versions.

epoch Number

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

name String

Required only when version kind is NORMAL. The main part of the version name.

revision String

The iteration of the package build from the above version.

VersionKind

VersionKindUnspecified
VERSION_KIND_UNSPECIFIED

Unknown.

Normal
NORMAL

A standard package version.

Minimum
MINIMUM

A special version representing negative infinity.

Maximum
MAXIMUM

A special version representing positive infinity.

VersionKindVersionKindUnspecified
VERSION_KIND_UNSPECIFIED

Unknown.

VersionKindNormal
NORMAL

A standard package version.

VersionKindMinimum
MINIMUM

A special version representing negative infinity.

VersionKindMaximum
MAXIMUM

A special version representing positive infinity.

VersionKindUnspecified
VERSION_KIND_UNSPECIFIED

Unknown.

Normal
NORMAL

A standard package version.

Minimum
MINIMUM

A special version representing negative infinity.

Maximum
MAXIMUM

A special version representing positive infinity.

VersionKindUnspecified
VERSION_KIND_UNSPECIFIED

Unknown.

Normal
NORMAL

A standard package version.

Minimum
MINIMUM

A special version representing negative infinity.

Maximum
MAXIMUM

A special version representing positive infinity.

VERSION_KIND_UNSPECIFIED
VERSION_KIND_UNSPECIFIED

Unknown.

NORMAL
NORMAL

A standard package version.

MINIMUM
MINIMUM

A special version representing negative infinity.

MAXIMUM
MAXIMUM

A special version representing positive infinity.

"VERSION_KIND_UNSPECIFIED"
VERSION_KIND_UNSPECIFIED

Unknown.

"NORMAL"
NORMAL

A standard package version.

"MINIMUM"
MINIMUM

A special version representing negative infinity.

"MAXIMUM"
MAXIMUM

A special version representing positive infinity.

VersionResponse

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

Kind string

Distinguishes between sentinel MIN/MAX versions and normal versions.

Name string

Required only when version kind is NORMAL. The main part of the version name.

Revision string

The iteration of the package build from the above version.

Epoch int

Used to correct mistakes in the version numbering scheme.

Inclusive bool

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

Kind string

Distinguishes between sentinel MIN/MAX versions and normal versions.

Name string

Required only when version kind is NORMAL. The main part of the version name.

Revision string

The iteration of the package build from the above version.

epoch Integer

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

kind String

Distinguishes between sentinel MIN/MAX versions and normal versions.

name String

Required only when version kind is NORMAL. The main part of the version name.

revision String

The iteration of the package build from the above version.

epoch number

Used to correct mistakes in the version numbering scheme.

inclusive boolean

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

kind string

Distinguishes between sentinel MIN/MAX versions and normal versions.

name string

Required only when version kind is NORMAL. The main part of the version name.

revision string

The iteration of the package build from the above version.

epoch int

Used to correct mistakes in the version numbering scheme.

inclusive bool

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

kind str

Distinguishes between sentinel MIN/MAX versions and normal versions.

name str

Required only when version kind is NORMAL. The main part of the version name.

revision str

The iteration of the package build from the above version.

epoch Number

Used to correct mistakes in the version numbering scheme.

inclusive Boolean

Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.

kind String

Distinguishes between sentinel MIN/MAX versions and normal versions.

name String

Required only when version kind is NORMAL. The main part of the version name.

revision String

The iteration of the package build from the above version.

Vulnerability

CvssScore double

The CVSS score for this vulnerability.

CvssV2 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSS

The full description of the CVSS for version 2.

CvssV3 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSv3

The full description of the CVSS for version 3.

Cwe List<string>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Detail>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.VulnerabilitySeverity

Note provider assigned impact of the vulnerability.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

WindowsDetails List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.WindowsDetail>

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

CvssScore float64

The CVSS score for this vulnerability.

CvssV2 CVSS

The full description of the CVSS for version 2.

CvssV3 CVSSv3

The full description of the CVSS for version 3.

Cwe []string

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details []Detail

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity VulnerabilitySeverity

Note provider assigned impact of the vulnerability.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

WindowsDetails []WindowsDetail

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore Double

The CVSS score for this vulnerability.

cvssV2 CVSS

The full description of the CVSS for version 2.

cvssV3 CVSSv3

The full description of the CVSS for version 3.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<Detail>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity VulnerabilitySeverity

Note provider assigned impact of the vulnerability.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windowsDetails List<WindowsDetail>

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore number

The CVSS score for this vulnerability.

cvssV2 CVSS

The full description of the CVSS for version 2.

cvssV3 CVSSv3

The full description of the CVSS for version 3.

cwe string[]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details Detail[]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity VulnerabilitySeverity

Note provider assigned impact of the vulnerability.

sourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windowsDetails WindowsDetail[]

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvss_score float

The CVSS score for this vulnerability.

cvss_v2 CVSS

The full description of the CVSS for version 2.

cvss_v3 CVSSv3

The full description of the CVSS for version 3.

cwe Sequence[str]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details Sequence[Detail]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity VulnerabilitySeverity

Note provider assigned impact of the vulnerability.

source_update_time str

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windows_details Sequence[WindowsDetail]

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore Number

The CVSS score for this vulnerability.

cvssV2 Property Map

The full description of the CVSS for version 2.

cvssV3 Property Map

The full description of the CVSS for version 3.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<Property Map>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"

Note provider assigned impact of the vulnerability.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windowsDetails List<Property Map>

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

VulnerabilityLocation

CpeUri string

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

Package string

The package being described.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.Version

The version of the package being described.

CpeUri string

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

Package string

The package being described.

Version Version

The version of the package being described.

cpeUri String

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package_ String

The package being described.

version Version

The version of the package being described.

cpeUri string

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package string

The package being described.

version Version

The version of the package being described.

cpe_uri str

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package str

The package being described.

version Version

The version of the package being described.

cpeUri String

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package String

The package being described.

version Property Map

The version of the package being described.

VulnerabilityLocationResponse

CpeUri string

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

Package string

The package being described.

Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse

The version of the package being described.

CpeUri string

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

Package string

The package being described.

Version VersionResponse

The version of the package being described.

cpeUri String

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package_ String

The package being described.

version VersionResponse

The version of the package being described.

cpeUri string

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package string

The package being described.

version VersionResponse

The version of the package being described.

cpe_uri str

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package str

The package being described.

version VersionResponse

The version of the package being described.

cpeUri String

The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.

package String

The package being described.

version Property Map

The version of the package being described.

VulnerabilityResponse

CvssScore double

The CVSS score for this vulnerability.

CvssV2 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSResponse

The full description of the CVSS for version 2.

CvssV3 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSv3Response

The full description of the CVSS for version 3.

Cwe List<string>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DetailResponse>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity string

Note provider assigned impact of the vulnerability.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

WindowsDetails List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.WindowsDetailResponse>

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

CvssScore float64

The CVSS score for this vulnerability.

CvssV2 CVSSResponse

The full description of the CVSS for version 2.

CvssV3 CVSSv3Response

The full description of the CVSS for version 3.

Cwe []string

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

Details []DetailResponse

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

Severity string

Note provider assigned impact of the vulnerability.

SourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

WindowsDetails []WindowsDetailResponse

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore Double

The CVSS score for this vulnerability.

cvssV2 CVSSResponse

The full description of the CVSS for version 2.

cvssV3 CVSSv3Response

The full description of the CVSS for version 3.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<DetailResponse>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity String

Note provider assigned impact of the vulnerability.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windowsDetails List<WindowsDetailResponse>

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore number

The CVSS score for this vulnerability.

cvssV2 CVSSResponse

The full description of the CVSS for version 2.

cvssV3 CVSSv3Response

The full description of the CVSS for version 3.

cwe string[]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details DetailResponse[]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity string

Note provider assigned impact of the vulnerability.

sourceUpdateTime string

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windowsDetails WindowsDetailResponse[]

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvss_score float

The CVSS score for this vulnerability.

cvss_v2 CVSSResponse

The full description of the CVSS for version 2.

cvss_v3 CVSSv3Response

The full description of the CVSS for version 3.

cwe Sequence[str]

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details Sequence[DetailResponse]

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity str

Note provider assigned impact of the vulnerability.

source_update_time str

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windows_details Sequence[WindowsDetailResponse]

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore Number

The CVSS score for this vulnerability.

cvssV2 Property Map

The full description of the CVSS for version 2.

cvssV3 Property Map

The full description of the CVSS for version 3.

cwe List<String>

A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html

details List<Property Map>

All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.

severity String

Note provider assigned impact of the vulnerability.

sourceUpdateTime String

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

windowsDetails List<Property Map>

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

VulnerabilitySeverity

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown.

Minimal
MINIMAL

Minimal severity.

Low
LOW

Low severity.

Medium
MEDIUM

Medium severity.

High
HIGH

High severity.

Critical
CRITICAL

Critical severity.

VulnerabilitySeveritySeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown.

VulnerabilitySeverityMinimal
MINIMAL

Minimal severity.

VulnerabilitySeverityLow
LOW

Low severity.

VulnerabilitySeverityMedium
MEDIUM

Medium severity.

VulnerabilitySeverityHigh
HIGH

High severity.

VulnerabilitySeverityCritical
CRITICAL

Critical severity.

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown.

Minimal
MINIMAL

Minimal severity.

Low
LOW

Low severity.

Medium
MEDIUM

Medium severity.

High
HIGH

High severity.

Critical
CRITICAL

Critical severity.

SeverityUnspecified
SEVERITY_UNSPECIFIED

Unknown.

Minimal
MINIMAL

Minimal severity.

Low
LOW

Low severity.

Medium
MEDIUM

Medium severity.

High
HIGH

High severity.

Critical
CRITICAL

Critical severity.

SEVERITY_UNSPECIFIED
SEVERITY_UNSPECIFIED

Unknown.

MINIMAL
MINIMAL

Minimal severity.

LOW
LOW

Low severity.

MEDIUM
MEDIUM

Medium severity.

HIGH
HIGH

High severity.

CRITICAL
CRITICAL

Critical severity.

"SEVERITY_UNSPECIFIED"
SEVERITY_UNSPECIFIED

Unknown.

"MINIMAL"
MINIMAL

Minimal severity.

"LOW"
LOW

Low severity.

"MEDIUM"
MEDIUM

Medium severity.

"HIGH"
HIGH

High severity.

"CRITICAL"
CRITICAL

Critical severity.

WindowsDetail

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

FixingKbs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.KnowledgeBase>

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

Name string

The name of the vulnerability.

Description string

The description of the vulnerability.

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

FixingKbs []KnowledgeBase

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

Name string

The name of the vulnerability.

Description string

The description of the vulnerability.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

fixingKbs List<KnowledgeBase>

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name String

The name of the vulnerability.

description String

The description of the vulnerability.

cpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

fixingKbs KnowledgeBase[]

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name string

The name of the vulnerability.

description string

The description of the vulnerability.

cpe_uri str

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

fixing_kbs Sequence[KnowledgeBase]

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name str

The name of the vulnerability.

description str

The description of the vulnerability.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

fixingKbs List<Property Map>

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name String

The name of the vulnerability.

description String

The description of the vulnerability.

WindowsDetailResponse

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

Description string

The description of the vulnerability.

FixingKbs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.KnowledgeBaseResponse>

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

Name string

The name of the vulnerability.

CpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

Description string

The description of the vulnerability.

FixingKbs []KnowledgeBaseResponse

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

Name string

The name of the vulnerability.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description String

The description of the vulnerability.

fixingKbs List<KnowledgeBaseResponse>

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name String

The name of the vulnerability.

cpeUri string

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description string

The description of the vulnerability.

fixingKbs KnowledgeBaseResponse[]

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name string

The name of the vulnerability.

cpe_uri str

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description str

The description of the vulnerability.

fixing_kbs Sequence[KnowledgeBaseResponse]

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name str

The name of the vulnerability.

cpeUri String

The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.

description String

The description of the vulnerability.

fixingKbs List<Property Map>

The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.

name String

The name of the vulnerability.

Package Details

Repository
https://github.com/pulumi/pulumi-google-native
License
Apache-2.0