Docs Home
Oracle Cloud Infrastructure v3.7.0 published on Saturday, Sep 13, 2025 by Pulumi
oci.DataSafe.getSecurityAssessmentChecks
Explore with Pulumi AI
This data source provides the list of Security Assessment Checks in Oracle Cloud Infrastructure Data Safe service.
Lists all the security checks in the specified compartment for security assessment of type TEMPLATE.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testSecurityAssessmentChecks = oci.DataSafe.getSecurityAssessmentChecks({
securityAssessmentId: testSecurityAssessment.id,
accessLevel: securityAssessmentCheckAccessLevel,
compartmentIdInSubtree: securityAssessmentCheckCompartmentIdInSubtree,
containsReferences: securityAssessmentCheckContainsReferences,
containsSeverities: securityAssessmentCheckContainsSeverity,
key: securityAssessmentCheckKey,
suggestedSeverity: securityAssessmentCheckSuggestedSeverity,
});
import pulumi
import pulumi_oci as oci
test_security_assessment_checks = oci.DataSafe.get_security_assessment_checks(security_assessment_id=test_security_assessment["id"],
access_level=security_assessment_check_access_level,
compartment_id_in_subtree=security_assessment_check_compartment_id_in_subtree,
contains_references=security_assessment_check_contains_references,
contains_severities=security_assessment_check_contains_severity,
key=security_assessment_check_key,
suggested_severity=security_assessment_check_suggested_severity)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v3/go/oci/datasafe"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := datasafe.GetSecurityAssessmentChecks(ctx, &datasafe.GetSecurityAssessmentChecksArgs{
SecurityAssessmentId: testSecurityAssessment.Id,
AccessLevel: pulumi.StringRef(securityAssessmentCheckAccessLevel),
CompartmentIdInSubtree: pulumi.BoolRef(securityAssessmentCheckCompartmentIdInSubtree),
ContainsReferences: securityAssessmentCheckContainsReferences,
ContainsSeverities: securityAssessmentCheckContainsSeverity,
Key: pulumi.StringRef(securityAssessmentCheckKey),
SuggestedSeverity: pulumi.StringRef(securityAssessmentCheckSuggestedSeverity),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testSecurityAssessmentChecks = Oci.DataSafe.GetSecurityAssessmentChecks.Invoke(new()
{
SecurityAssessmentId = testSecurityAssessment.Id,
AccessLevel = securityAssessmentCheckAccessLevel,
CompartmentIdInSubtree = securityAssessmentCheckCompartmentIdInSubtree,
ContainsReferences = securityAssessmentCheckContainsReferences,
ContainsSeverities = securityAssessmentCheckContainsSeverity,
Key = securityAssessmentCheckKey,
SuggestedSeverity = securityAssessmentCheckSuggestedSeverity,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.DataSafe.DataSafeFunctions;
import com.pulumi.oci.DataSafe.inputs.GetSecurityAssessmentChecksArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testSecurityAssessmentChecks = DataSafeFunctions.getSecurityAssessmentChecks(GetSecurityAssessmentChecksArgs.builder()
.securityAssessmentId(testSecurityAssessment.id())
.accessLevel(securityAssessmentCheckAccessLevel)
.compartmentIdInSubtree(securityAssessmentCheckCompartmentIdInSubtree)
.containsReferences(securityAssessmentCheckContainsReferences)
.containsSeverities(securityAssessmentCheckContainsSeverity)
.key(securityAssessmentCheckKey)
.suggestedSeverity(securityAssessmentCheckSuggestedSeverity)
.build());
}
}
variables:
testSecurityAssessmentChecks:
fn::invoke:
function: oci:DataSafe:getSecurityAssessmentChecks
arguments:
securityAssessmentId: ${testSecurityAssessment.id}
accessLevel: ${securityAssessmentCheckAccessLevel}
compartmentIdInSubtree: ${securityAssessmentCheckCompartmentIdInSubtree}
containsReferences: ${securityAssessmentCheckContainsReferences}
containsSeverities: ${securityAssessmentCheckContainsSeverity}
key: ${securityAssessmentCheckKey}
suggestedSeverity: ${securityAssessmentCheckSuggestedSeverity}
Using getSecurityAssessmentChecks
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecurityAssessmentChecks(args: GetSecurityAssessmentChecksArgs, opts?: InvokeOptions): Promise<GetSecurityAssessmentChecksResult>
function getSecurityAssessmentChecksOutput(args: GetSecurityAssessmentChecksOutputArgs, opts?: InvokeOptions): Output<GetSecurityAssessmentChecksResult>def get_security_assessment_checks(access_level: Optional[str] = None,
compartment_id_in_subtree: Optional[bool] = None,
contains_references: Optional[Sequence[str]] = None,
contains_severities: Optional[Sequence[str]] = None,
filters: Optional[Sequence[GetSecurityAssessmentChecksFilter]] = None,
key: Optional[str] = None,
security_assessment_id: Optional[str] = None,
suggested_severity: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecurityAssessmentChecksResult
def get_security_assessment_checks_output(access_level: Optional[pulumi.Input[str]] = None,
compartment_id_in_subtree: Optional[pulumi.Input[bool]] = None,
contains_references: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
contains_severities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[GetSecurityAssessmentChecksFilterArgs]]]] = None,
key: Optional[pulumi.Input[str]] = None,
security_assessment_id: Optional[pulumi.Input[str]] = None,
suggested_severity: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecurityAssessmentChecksResult]func GetSecurityAssessmentChecks(ctx *Context, args *GetSecurityAssessmentChecksArgs, opts ...InvokeOption) (*GetSecurityAssessmentChecksResult, error)
func GetSecurityAssessmentChecksOutput(ctx *Context, args *GetSecurityAssessmentChecksOutputArgs, opts ...InvokeOption) GetSecurityAssessmentChecksResultOutput> Note: This function is named GetSecurityAssessmentChecks in the Go SDK.
public static class GetSecurityAssessmentChecks
{
public static Task<GetSecurityAssessmentChecksResult> InvokeAsync(GetSecurityAssessmentChecksArgs args, InvokeOptions? opts = null)
public static Output<GetSecurityAssessmentChecksResult> Invoke(GetSecurityAssessmentChecksInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecurityAssessmentChecksResult> getSecurityAssessmentChecks(GetSecurityAssessmentChecksArgs args, InvokeOptions options)
public static Output<GetSecurityAssessmentChecksResult> getSecurityAssessmentChecks(GetSecurityAssessmentChecksArgs args, InvokeOptions options)
fn::invoke:
function: oci:DataSafe/getSecurityAssessmentChecks:getSecurityAssessmentChecks
arguments:
# arguments dictionaryThe following arguments are supported:
- Security
Assessment stringId - The OCID of the security assessment.
- Access
Level string - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- Compartment
Id boolIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- Contains
References List<string> - An optional filter to return only findings that match the specified references. Use containsReferences param if need to filter by multiple references.
- Contains
Severities List<string> - A filter to return only findings that match the specified risk level(s). Use containsSeverity parameter if need to filter by multiple risk levels.
- Filters
List<Get
Security Assessment Checks Filter> - Key string
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- Suggested
Severity string - A filter to return only checks of a particular risk level.
- Security
Assessment stringId - The OCID of the security assessment.
- Access
Level string - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- Compartment
Id boolIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- Contains
References []string - An optional filter to return only findings that match the specified references. Use containsReferences param if need to filter by multiple references.
- Contains
Severities []string - A filter to return only findings that match the specified risk level(s). Use containsSeverity parameter if need to filter by multiple risk levels.
- Filters
[]Get
Security Assessment Checks Filter - Key string
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- Suggested
Severity string - A filter to return only checks of a particular risk level.
- security
Assessment StringId - The OCID of the security assessment.
- access
Level String - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id BooleanIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- contains
References List<String> - An optional filter to return only findings that match the specified references. Use containsReferences param if need to filter by multiple references.
- contains
Severities List<String> - A filter to return only findings that match the specified risk level(s). Use containsSeverity parameter if need to filter by multiple risk levels.
- filters
List<Get
Security Assessment Checks Filter> - key String
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- suggested
Severity String - A filter to return only checks of a particular risk level.
- security
Assessment stringId - The OCID of the security assessment.
- access
Level string - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id booleanIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- contains
References string[] - An optional filter to return only findings that match the specified references. Use containsReferences param if need to filter by multiple references.
- contains
Severities string[] - A filter to return only findings that match the specified risk level(s). Use containsSeverity parameter if need to filter by multiple risk levels.
- filters
Get
Security Assessment Checks Filter[] - key string
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- suggested
Severity string - A filter to return only checks of a particular risk level.
- security_
assessment_ strid - The OCID of the security assessment.
- access_
level str - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment_
id_ boolin_ subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- contains_
references Sequence[str] - An optional filter to return only findings that match the specified references. Use containsReferences param if need to filter by multiple references.
- contains_
severities Sequence[str] - A filter to return only findings that match the specified risk level(s). Use containsSeverity parameter if need to filter by multiple risk levels.
- filters
Sequence[Get
Security Assessment Checks Filter] - key str
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- suggested_
severity str - A filter to return only checks of a particular risk level.
- security
Assessment StringId - The OCID of the security assessment.
- access
Level String - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id BooleanIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- contains
References List<String> - An optional filter to return only findings that match the specified references. Use containsReferences param if need to filter by multiple references.
- contains
Severities List<String> - A filter to return only findings that match the specified risk level(s). Use containsSeverity parameter if need to filter by multiple risk levels.
- filters List<Property Map>
- key String
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- suggested
Severity String - A filter to return only checks of a particular risk level.
getSecurityAssessmentChecks Result
The following output properties are available:
- Checks
List<Get
Security Assessment Checks Check> - The list of checks.
- Id string
- The provider-assigned unique ID for this managed resource.
- Security
Assessment stringId - Access
Level string - Compartment
Id boolIn Subtree - Contains
References List<string> - Contains
Severities List<string> - Filters
List<Get
Security Assessment Checks Filter> - Key string
- A unique identifier for the check.
- Suggested
Severity string - The severity of the check as suggested by Data Safe security assessment. This will be the default severity in the template baseline security assessment.
- Checks
[]Get
Security Assessment Checks Check - The list of checks.
- Id string
- The provider-assigned unique ID for this managed resource.
- Security
Assessment stringId - Access
Level string - Compartment
Id boolIn Subtree - Contains
References []string - Contains
Severities []string - Filters
[]Get
Security Assessment Checks Filter - Key string
- A unique identifier for the check.
- Suggested
Severity string - The severity of the check as suggested by Data Safe security assessment. This will be the default severity in the template baseline security assessment.
- checks
List<Get
Security Assessment Checks Check> - The list of checks.
- id String
- The provider-assigned unique ID for this managed resource.
- security
Assessment StringId - access
Level String - compartment
Id BooleanIn Subtree - contains
References List<String> - contains
Severities List<String> - filters
List<Get
Security Assessment Checks Filter> - key String
- A unique identifier for the check.
- suggested
Severity String - The severity of the check as suggested by Data Safe security assessment. This will be the default severity in the template baseline security assessment.
- checks
Get
Security Assessment Checks Check[] - The list of checks.
- id string
- The provider-assigned unique ID for this managed resource.
- security
Assessment stringId - access
Level string - compartment
Id booleanIn Subtree - contains
References string[] - contains
Severities string[] - filters
Get
Security Assessment Checks Filter[] - key string
- A unique identifier for the check.
- suggested
Severity string - The severity of the check as suggested by Data Safe security assessment. This will be the default severity in the template baseline security assessment.
- checks
Sequence[Get
Security Assessment Checks Check] - The list of checks.
- id str
- The provider-assigned unique ID for this managed resource.
- security_
assessment_ strid - access_
level str - compartment_
id_ boolin_ subtree - contains_
references Sequence[str] - contains_
severities Sequence[str] - filters
Sequence[Get
Security Assessment Checks Filter] - key str
- A unique identifier for the check.
- suggested_
severity str - The severity of the check as suggested by Data Safe security assessment. This will be the default severity in the template baseline security assessment.
- checks List<Property Map>
- The list of checks.
- id String
- The provider-assigned unique ID for this managed resource.
- security
Assessment StringId - access
Level String - compartment
Id BooleanIn Subtree - contains
References List<String> - contains
Severities List<String> - filters List<Property Map>
- key String
- A unique identifier for the check.
- suggested
Severity String - The severity of the check as suggested by Data Safe security assessment. This will be the default severity in the template baseline security assessment.
Supporting Types
GetSecurityAssessmentChecksCheck
- Category string
- The category to which the check belongs to.
- Key string
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- Oneline string
- Provides a recommended approach to take to remediate the check reported.
- References
List<Get
Security Assessment Checks Check Reference> - Provides information on whether the check is related to a CIS Oracle Database Benchmark recommendation, STIG rule, GDPR Article/Recital or related to the Oracle Best Practice.
- Remarks string
- The explanation of the issue in this check. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- Security
Assessment stringId - The OCID of the security assessment.
- Suggested
Severity string - A filter to return only checks of a particular risk level.
- Title string
- The short title for the check.
- Patch
Operations List<GetSecurity Assessment Checks Check Patch Operation>
- Category string
- The category to which the check belongs to.
- Key string
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- Oneline string
- Provides a recommended approach to take to remediate the check reported.
- References
[]Get
Security Assessment Checks Check Reference - Provides information on whether the check is related to a CIS Oracle Database Benchmark recommendation, STIG rule, GDPR Article/Recital or related to the Oracle Best Practice.
- Remarks string
- The explanation of the issue in this check. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- Security
Assessment stringId - The OCID of the security assessment.
- Suggested
Severity string - A filter to return only checks of a particular risk level.
- Title string
- The short title for the check.
- Patch
Operations []GetSecurity Assessment Checks Check Patch Operation
- category String
- The category to which the check belongs to.
- key String
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- oneline String
- Provides a recommended approach to take to remediate the check reported.
- references
List<Get
Security Assessment Checks Check Reference> - Provides information on whether the check is related to a CIS Oracle Database Benchmark recommendation, STIG rule, GDPR Article/Recital or related to the Oracle Best Practice.
- remarks String
- The explanation of the issue in this check. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- security
Assessment StringId - The OCID of the security assessment.
- suggested
Severity String - A filter to return only checks of a particular risk level.
- title String
- The short title for the check.
- patch
Operations List<GetSecurity Assessment Checks Check Patch Operation>
- category string
- The category to which the check belongs to.
- key string
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- oneline string
- Provides a recommended approach to take to remediate the check reported.
- references
Get
Security Assessment Checks Check Reference[] - Provides information on whether the check is related to a CIS Oracle Database Benchmark recommendation, STIG rule, GDPR Article/Recital or related to the Oracle Best Practice.
- remarks string
- The explanation of the issue in this check. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- security
Assessment stringId - The OCID of the security assessment.
- suggested
Severity string - A filter to return only checks of a particular risk level.
- title string
- The short title for the check.
- patch
Operations GetSecurity Assessment Checks Check Patch Operation[]
- category str
- The category to which the check belongs to.
- key str
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- oneline str
- Provides a recommended approach to take to remediate the check reported.
- references
Sequence[Get
Security Assessment Checks Check Reference] - Provides information on whether the check is related to a CIS Oracle Database Benchmark recommendation, STIG rule, GDPR Article/Recital or related to the Oracle Best Practice.
- remarks str
- The explanation of the issue in this check. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- security_
assessment_ strid - The OCID of the security assessment.
- suggested_
severity str - A filter to return only checks of a particular risk level.
- title str
- The short title for the check.
- patch_
operations Sequence[GetSecurity Assessment Checks Check Patch Operation]
- category String
- The category to which the check belongs to.
- key String
- Each check in security assessment has an associated key (think of key as a check's name). For a given check, the key will be the same across targets. The user can use these keys to filter the checks.
- oneline String
- Provides a recommended approach to take to remediate the check reported.
- references List<Property Map>
- Provides information on whether the check is related to a CIS Oracle Database Benchmark recommendation, STIG rule, GDPR Article/Recital or related to the Oracle Best Practice.
- remarks String
- The explanation of the issue in this check. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- security
Assessment StringId - The OCID of the security assessment.
- suggested
Severity String - A filter to return only checks of a particular risk level.
- title String
- The short title for the check.
- patch
Operations List<Property Map>
GetSecurityAssessmentChecksCheckPatchOperation
GetSecurityAssessmentChecksCheckReference
GetSecurityAssessmentChecksFilter
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.