Oracle Cloud Infrastructure v3.7.0, Sep 13 25

Oracle Cloud Infrastructure v3.7.0 published on Saturday, Sep 13, 2025 by Pulumi

oci.DataSafe.SecurityAssessmentFinding

Explore with Pulumi AI

Oracle Cloud Infrastructure v3.7.0 published on Saturday, Sep 13, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testSecurityAssessmentFinding = new oci.datasafe.SecurityAssessmentFinding("test_security_assessment_finding", {
    securityAssessmentId: testSecurityAssessment.id,
    patchOperations: [{
        operation: securityAssessmentFindingPatchOperationsOperation,
        selection: securityAssessmentFindingPatchOperationsSelection,
        value: securityAssessmentFindingPatchOperationsValue,
    }],
});

import pulumi
import pulumi_oci as oci

test_security_assessment_finding = oci.datasafe.SecurityAssessmentFinding("test_security_assessment_finding",
    security_assessment_id=test_security_assessment["id"],
    patch_operations=[{
        "operation": security_assessment_finding_patch_operations_operation,
        "selection": security_assessment_finding_patch_operations_selection,
        "value": security_assessment_finding_patch_operations_value,
    }])

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v3/go/oci/datasafe"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := datasafe.NewSecurityAssessmentFinding(ctx, "test_security_assessment_finding", &datasafe.SecurityAssessmentFindingArgs{
			SecurityAssessmentId: pulumi.Any(testSecurityAssessment.Id),
			PatchOperations: datasafe.SecurityAssessmentFindingPatchOperationArray{
				&datasafe.SecurityAssessmentFindingPatchOperationArgs{
					Operation: pulumi.Any(securityAssessmentFindingPatchOperationsOperation),
					Selection: pulumi.Any(securityAssessmentFindingPatchOperationsSelection),
					Value:     pulumi.Any(securityAssessmentFindingPatchOperationsValue),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testSecurityAssessmentFinding = new Oci.DataSafe.SecurityAssessmentFinding("test_security_assessment_finding", new()
    {
        SecurityAssessmentId = testSecurityAssessment.Id,
        PatchOperations = new[]
        {
            new Oci.DataSafe.Inputs.SecurityAssessmentFindingPatchOperationArgs
            {
                Operation = securityAssessmentFindingPatchOperationsOperation,
                Selection = securityAssessmentFindingPatchOperationsSelection,
                Value = securityAssessmentFindingPatchOperationsValue,
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.DataSafe.SecurityAssessmentFinding;
import com.pulumi.oci.DataSafe.SecurityAssessmentFindingArgs;
import com.pulumi.oci.DataSafe.inputs.SecurityAssessmentFindingPatchOperationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testSecurityAssessmentFinding = new SecurityAssessmentFinding("testSecurityAssessmentFinding", SecurityAssessmentFindingArgs.builder()
            .securityAssessmentId(testSecurityAssessment.id())
            .patchOperations(SecurityAssessmentFindingPatchOperationArgs.builder()
                .operation(securityAssessmentFindingPatchOperationsOperation)
                .selection(securityAssessmentFindingPatchOperationsSelection)
                .value(securityAssessmentFindingPatchOperationsValue)
                .build())
            .build());

    }
}

resources:
  testSecurityAssessmentFinding:
    type: oci:DataSafe:SecurityAssessmentFinding
    name: test_security_assessment_finding
    properties:
      securityAssessmentId: ${testSecurityAssessment.id}
      patchOperations:
        - operation: ${securityAssessmentFindingPatchOperationsOperation}
          selection: ${securityAssessmentFindingPatchOperationsSelection}
          value: ${securityAssessmentFindingPatchOperationsValue}

Create SecurityAssessmentFinding Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityAssessmentFinding(name: string, args: SecurityAssessmentFindingArgs, opts?: CustomResourceOptions);

@overload
def SecurityAssessmentFinding(resource_name: str,
                              args: SecurityAssessmentFindingArgs,
                              opts: Optional[ResourceOptions] = None)

@overload
def SecurityAssessmentFinding(resource_name: str,
                              opts: Optional[ResourceOptions] = None,
                              security_assessment_id: Optional[str] = None,
                              patch_operations: Optional[Sequence[SecurityAssessmentFindingPatchOperationArgs]] = None)

func NewSecurityAssessmentFinding(ctx *Context, name string, args SecurityAssessmentFindingArgs, opts ...ResourceOption) (*SecurityAssessmentFinding, error)

public SecurityAssessmentFinding(string name, SecurityAssessmentFindingArgs args, CustomResourceOptions? opts = null)

public SecurityAssessmentFinding(String name, SecurityAssessmentFindingArgs args)
public SecurityAssessmentFinding(String name, SecurityAssessmentFindingArgs args, CustomResourceOptions options)

type: oci:DataSafe:SecurityAssessmentFinding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecurityAssessmentFindingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecurityAssessmentFindingArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecurityAssessmentFindingArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecurityAssessmentFindingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecurityAssessmentFindingArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var securityAssessmentFindingResource = new Oci.DataSafe.SecurityAssessmentFinding("securityAssessmentFindingResource", new()
{
    SecurityAssessmentId = "string",
    PatchOperations = new[]
    {
        new Oci.DataSafe.Inputs.SecurityAssessmentFindingPatchOperationArgs
        {
            Operation = "string",
            Selection = "string",
            Value = 
            {
                { "string", "string" },
            },
        },
    },
});

example, err := datasafe.NewSecurityAssessmentFinding(ctx, "securityAssessmentFindingResource", &datasafe.SecurityAssessmentFindingArgs{
	SecurityAssessmentId: pulumi.String("string"),
	PatchOperations: datasafe.SecurityAssessmentFindingPatchOperationArray{
		&datasafe.SecurityAssessmentFindingPatchOperationArgs{
			Operation: pulumi.String("string"),
			Selection: pulumi.String("string"),
			Value: pulumi.StringMap{
				"string": pulumi.String("string"),
			},
		},
	},
})

var securityAssessmentFindingResource = new SecurityAssessmentFinding("securityAssessmentFindingResource", SecurityAssessmentFindingArgs.builder()
    .securityAssessmentId("string")
    .patchOperations(SecurityAssessmentFindingPatchOperationArgs.builder()
        .operation("string")
        .selection("string")
        .value(Map.of("string", "string"))
        .build())
    .build());

security_assessment_finding_resource = oci.datasafe.SecurityAssessmentFinding("securityAssessmentFindingResource",
    security_assessment_id="string",
    patch_operations=[{
        "operation": "string",
        "selection": "string",
        "value": {
            "string": "string",
        },
    }])

const securityAssessmentFindingResource = new oci.datasafe.SecurityAssessmentFinding("securityAssessmentFindingResource", {
    securityAssessmentId: "string",
    patchOperations: [{
        operation: "string",
        selection: "string",
        value: {
            string: "string",
        },
    }],
});

type: oci:DataSafe:SecurityAssessmentFinding
properties:
    patchOperations:
        - operation: string
          selection: string
          value:
            string: string
    securityAssessmentId: string

SecurityAssessmentFinding Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecurityAssessmentFinding resource accepts the following input properties:

SecurityAssessmentId string: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
PatchOperations List<SecurityAssessmentFindingPatchOperation>: (Updatable)

SecurityAssessmentId string: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
PatchOperations []SecurityAssessmentFindingPatchOperationArgs: (Updatable)

securityAssessmentId String: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
patchOperations List<SecurityAssessmentFindingPatchOperation>: (Updatable)

securityAssessmentId string: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
patchOperations SecurityAssessmentFindingPatchOperation[]: (Updatable)

security_assessment_id str: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
patch_operations Sequence[SecurityAssessmentFindingPatchOperationArgs]: (Updatable)

securityAssessmentId String: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
patchOperations List<Property Map>: (Updatable)

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityAssessmentFinding resource produces the following output properties:

AssessmentId string: The OCID of the assessment that generated this finding.
Category string: The category to which the finding belongs to.
Details List<string>: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
HasTargetDbRiskLevelChanged bool: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
Id string: The provider-assigned unique ID for this managed resource.
IsRiskModified bool: Determines if this risk level was modified by user.
IsTopFinding bool: Indicates whether a given finding is marked as topFinding or not.
Justification string: User provided reason for accepting or modifying this finding if they choose to do so.
Key string: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
LifecycleDetails string: Details about the current state of the finding.
Oneline string: Provides a recommended approach to take to remediate the finding reported.
OracleDefinedSeverity string: The severity of the finding as determined by security assessment. This cannot be modified by user.
References List<SecurityAssessmentFindingReference>: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
Remarks string: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
Severity string: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
State string: The current state of the finding.
Summary string: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
TargetId string: The OCID of the target database.
TimeUpdated string: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
TimeValidUntil string: The time until which the change in severity(deferred / modified) of this finding is valid.
Title string: The short title for the finding.

AssessmentId string: The OCID of the assessment that generated this finding.
Category string: The category to which the finding belongs to.
Details []string: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
HasTargetDbRiskLevelChanged bool: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
Id string: The provider-assigned unique ID for this managed resource.
IsRiskModified bool: Determines if this risk level was modified by user.
IsTopFinding bool: Indicates whether a given finding is marked as topFinding or not.
Justification string: User provided reason for accepting or modifying this finding if they choose to do so.
Key string: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
LifecycleDetails string: Details about the current state of the finding.
Oneline string: Provides a recommended approach to take to remediate the finding reported.
OracleDefinedSeverity string: The severity of the finding as determined by security assessment. This cannot be modified by user.
References []SecurityAssessmentFindingReference: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
Remarks string: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
Severity string: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
State string: The current state of the finding.
Summary string: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
TargetId string: The OCID of the target database.
TimeUpdated string: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
TimeValidUntil string: The time until which the change in severity(deferred / modified) of this finding is valid.
Title string: The short title for the finding.

assessmentId String: The OCID of the assessment that generated this finding.
category String: The category to which the finding belongs to.
details List<String>: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
hasTargetDbRiskLevelChanged Boolean: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
id String: The provider-assigned unique ID for this managed resource.
isRiskModified Boolean: Determines if this risk level was modified by user.
isTopFinding Boolean: Indicates whether a given finding is marked as topFinding or not.
justification String: User provided reason for accepting or modifying this finding if they choose to do so.
key String: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycleDetails String: Details about the current state of the finding.
oneline String: Provides a recommended approach to take to remediate the finding reported.
oracleDefinedSeverity String: The severity of the finding as determined by security assessment. This cannot be modified by user.
references List<SecurityAssessmentFindingReference>: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks String: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
severity String: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state String: The current state of the finding.
summary String: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
targetId String: The OCID of the target database.
timeUpdated String: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
timeValidUntil String: The time until which the change in severity(deferred / modified) of this finding is valid.
title String: The short title for the finding.

assessmentId string: The OCID of the assessment that generated this finding.
category string: The category to which the finding belongs to.
details string[]: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
hasTargetDbRiskLevelChanged boolean: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
id string: The provider-assigned unique ID for this managed resource.
isRiskModified boolean: Determines if this risk level was modified by user.
isTopFinding boolean: Indicates whether a given finding is marked as topFinding or not.
justification string: User provided reason for accepting or modifying this finding if they choose to do so.
key string: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycleDetails string: Details about the current state of the finding.
oneline string: Provides a recommended approach to take to remediate the finding reported.
oracleDefinedSeverity string: The severity of the finding as determined by security assessment. This cannot be modified by user.
references SecurityAssessmentFindingReference[]: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks string: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
severity string: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state string: The current state of the finding.
summary string: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
targetId string: The OCID of the target database.
timeUpdated string: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
timeValidUntil string: The time until which the change in severity(deferred / modified) of this finding is valid.
title string: The short title for the finding.

assessment_id str: The OCID of the assessment that generated this finding.
category str: The category to which the finding belongs to.
details Sequence[str]: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
has_target_db_risk_level_changed bool: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
id str: The provider-assigned unique ID for this managed resource.
is_risk_modified bool: Determines if this risk level was modified by user.
is_top_finding bool: Indicates whether a given finding is marked as topFinding or not.
justification str: User provided reason for accepting or modifying this finding if they choose to do so.
key str: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycle_details str: Details about the current state of the finding.
oneline str: Provides a recommended approach to take to remediate the finding reported.
oracle_defined_severity str: The severity of the finding as determined by security assessment. This cannot be modified by user.
references Sequence[SecurityAssessmentFindingReference]: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks str: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
severity str: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state str: The current state of the finding.
summary str: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
target_id str: The OCID of the target database.
time_updated str: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
time_valid_until str: The time until which the change in severity(deferred / modified) of this finding is valid.
title str: The short title for the finding.

assessmentId String: The OCID of the assessment that generated this finding.
category String: The category to which the finding belongs to.
details List<String>: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
hasTargetDbRiskLevelChanged Boolean: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
id String: The provider-assigned unique ID for this managed resource.
isRiskModified Boolean: Determines if this risk level was modified by user.
isTopFinding Boolean: Indicates whether a given finding is marked as topFinding or not.
justification String: User provided reason for accepting or modifying this finding if they choose to do so.
key String: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycleDetails String: Details about the current state of the finding.
oneline String: Provides a recommended approach to take to remediate the finding reported.
oracleDefinedSeverity String: The severity of the finding as determined by security assessment. This cannot be modified by user.
references List<Property Map>: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks String: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
severity String: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state String: The current state of the finding.
summary String: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
targetId String: The OCID of the target database.
timeUpdated String: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
timeValidUntil String: The time until which the change in severity(deferred / modified) of this finding is valid.
title String: The short title for the finding.

Look up Existing SecurityAssessmentFinding Resource

Get an existing SecurityAssessmentFinding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecurityAssessmentFindingState, opts?: CustomResourceOptions): SecurityAssessmentFinding

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        assessment_id: Optional[str] = None,
        category: Optional[str] = None,
        details: Optional[Sequence[str]] = None,
        has_target_db_risk_level_changed: Optional[bool] = None,
        is_risk_modified: Optional[bool] = None,
        is_top_finding: Optional[bool] = None,
        justification: Optional[str] = None,
        key: Optional[str] = None,
        lifecycle_details: Optional[str] = None,
        oneline: Optional[str] = None,
        oracle_defined_severity: Optional[str] = None,
        patch_operations: Optional[Sequence[SecurityAssessmentFindingPatchOperationArgs]] = None,
        references: Optional[Sequence[SecurityAssessmentFindingReferenceArgs]] = None,
        remarks: Optional[str] = None,
        security_assessment_id: Optional[str] = None,
        severity: Optional[str] = None,
        state: Optional[str] = None,
        summary: Optional[str] = None,
        target_id: Optional[str] = None,
        time_updated: Optional[str] = None,
        time_valid_until: Optional[str] = None,
        title: Optional[str] = None) -> SecurityAssessmentFinding

func GetSecurityAssessmentFinding(ctx *Context, name string, id IDInput, state *SecurityAssessmentFindingState, opts ...ResourceOption) (*SecurityAssessmentFinding, error)

public static SecurityAssessmentFinding Get(string name, Input<string> id, SecurityAssessmentFindingState? state, CustomResourceOptions? opts = null)

public static SecurityAssessmentFinding get(String name, Output<String> id, SecurityAssessmentFindingState state, CustomResourceOptions options)

resources:  _:    type: oci:DataSafe:SecurityAssessmentFinding    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AssessmentId string: The OCID of the assessment that generated this finding.
Category string: The category to which the finding belongs to.
Details List<string>: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
HasTargetDbRiskLevelChanged bool: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
IsRiskModified bool: Determines if this risk level was modified by user.
IsTopFinding bool: Indicates whether a given finding is marked as topFinding or not.
Justification string: User provided reason for accepting or modifying this finding if they choose to do so.
Key string: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
LifecycleDetails string: Details about the current state of the finding.
Oneline string: Provides a recommended approach to take to remediate the finding reported.
OracleDefinedSeverity string: The severity of the finding as determined by security assessment. This cannot be modified by user.
PatchOperations List<SecurityAssessmentFindingPatchOperation>: (Updatable)
References List<SecurityAssessmentFindingReference>: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
Remarks string: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
SecurityAssessmentId string: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Severity string: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
State string: The current state of the finding.
Summary string: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
TargetId string: The OCID of the target database.
TimeUpdated string: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
TimeValidUntil string: The time until which the change in severity(deferred / modified) of this finding is valid.
Title string: The short title for the finding.

AssessmentId string: The OCID of the assessment that generated this finding.
Category string: The category to which the finding belongs to.
Details []string: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
HasTargetDbRiskLevelChanged bool: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
IsRiskModified bool: Determines if this risk level was modified by user.
IsTopFinding bool: Indicates whether a given finding is marked as topFinding or not.
Justification string: User provided reason for accepting or modifying this finding if they choose to do so.
Key string: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
LifecycleDetails string: Details about the current state of the finding.
Oneline string: Provides a recommended approach to take to remediate the finding reported.
OracleDefinedSeverity string: The severity of the finding as determined by security assessment. This cannot be modified by user.
PatchOperations []SecurityAssessmentFindingPatchOperationArgs: (Updatable)
References []SecurityAssessmentFindingReferenceArgs: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
Remarks string: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
SecurityAssessmentId string: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Severity string: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
State string: The current state of the finding.
Summary string: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
TargetId string: The OCID of the target database.
TimeUpdated string: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
TimeValidUntil string: The time until which the change in severity(deferred / modified) of this finding is valid.
Title string: The short title for the finding.

assessmentId String: The OCID of the assessment that generated this finding.
category String: The category to which the finding belongs to.
details List<String>: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
hasTargetDbRiskLevelChanged Boolean: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
isRiskModified Boolean: Determines if this risk level was modified by user.
isTopFinding Boolean: Indicates whether a given finding is marked as topFinding or not.
justification String: User provided reason for accepting or modifying this finding if they choose to do so.
key String: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycleDetails String: Details about the current state of the finding.
oneline String: Provides a recommended approach to take to remediate the finding reported.
oracleDefinedSeverity String: The severity of the finding as determined by security assessment. This cannot be modified by user.
patchOperations List<SecurityAssessmentFindingPatchOperation>: (Updatable)
references List<SecurityAssessmentFindingReference>: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks String: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
securityAssessmentId String: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
severity String: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state String: The current state of the finding.
summary String: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
targetId String: The OCID of the target database.
timeUpdated String: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
timeValidUntil String: The time until which the change in severity(deferred / modified) of this finding is valid.
title String: The short title for the finding.

assessmentId string: The OCID of the assessment that generated this finding.
category string: The category to which the finding belongs to.
details string[]: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
hasTargetDbRiskLevelChanged boolean: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
isRiskModified boolean: Determines if this risk level was modified by user.
isTopFinding boolean: Indicates whether a given finding is marked as topFinding or not.
justification string: User provided reason for accepting or modifying this finding if they choose to do so.
key string: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycleDetails string: Details about the current state of the finding.
oneline string: Provides a recommended approach to take to remediate the finding reported.
oracleDefinedSeverity string: The severity of the finding as determined by security assessment. This cannot be modified by user.
patchOperations SecurityAssessmentFindingPatchOperation[]: (Updatable)
references SecurityAssessmentFindingReference[]: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks string: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
securityAssessmentId string: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
severity string: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state string: The current state of the finding.
summary string: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
targetId string: The OCID of the target database.
timeUpdated string: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
timeValidUntil string: The time until which the change in severity(deferred / modified) of this finding is valid.
title string: The short title for the finding.

assessment_id str: The OCID of the assessment that generated this finding.
category str: The category to which the finding belongs to.
details Sequence[str]: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
has_target_db_risk_level_changed bool: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
is_risk_modified bool: Determines if this risk level was modified by user.
is_top_finding bool: Indicates whether a given finding is marked as topFinding or not.
justification str: User provided reason for accepting or modifying this finding if they choose to do so.
key str: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycle_details str: Details about the current state of the finding.
oneline str: Provides a recommended approach to take to remediate the finding reported.
oracle_defined_severity str: The severity of the finding as determined by security assessment. This cannot be modified by user.
patch_operations Sequence[SecurityAssessmentFindingPatchOperationArgs]: (Updatable)
references Sequence[SecurityAssessmentFindingReferenceArgs]: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks str: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
security_assessment_id str: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
severity str: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state str: The current state of the finding.
summary str: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
target_id str: The OCID of the target database.
time_updated str: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
time_valid_until str: The time until which the change in severity(deferred / modified) of this finding is valid.
title str: The short title for the finding.

assessmentId String: The OCID of the assessment that generated this finding.
category String: The category to which the finding belongs to.
details List<String>: The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
hasTargetDbRiskLevelChanged Boolean: Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
isRiskModified Boolean: Determines if this risk level was modified by user.
isTopFinding Boolean: Indicates whether a given finding is marked as topFinding or not.
justification String: User provided reason for accepting or modifying this finding if they choose to do so.
key String: The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
lifecycleDetails String: Details about the current state of the finding.
oneline String: Provides a recommended approach to take to remediate the finding reported.
oracleDefinedSeverity String: The severity of the finding as determined by security assessment. This cannot be modified by user.
patchOperations List<Property Map>: (Updatable)
references List<Property Map>: Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
remarks String: The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
securityAssessmentId String: ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
severity String: The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
state String: The current state of the finding.
summary String: The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
targetId String: The OCID of the target database.
timeUpdated String: The date and time the risk level of finding was last updated, in the format defined by RFC3339.
timeValidUntil String: The time until which the change in severity(deferred / modified) of this finding is valid.
title String: The short title for the finding.

Supporting Types

SecurityAssessmentFindingPatchOperation, SecurityAssessmentFindingPatchOperationArgs

Operation string: (Updatable) The operation can be one of these values: INSERT, MERGE, REMOVE
Selection string: (Updatable)
Value Dictionary<string, string>: (Updatable)

Operation string: (Updatable) The operation can be one of these values: INSERT, MERGE, REMOVE
Selection string: (Updatable)
Value map[string]string: (Updatable)

operation String: (Updatable) The operation can be one of these values: INSERT, MERGE, REMOVE
selection String: (Updatable)
value Map<String,String>: (Updatable)

operation string: (Updatable) The operation can be one of these values: INSERT, MERGE, REMOVE
selection string: (Updatable)
value {[key: string]: string}: (Updatable)

operation str: (Updatable) The operation can be one of these values: INSERT, MERGE, REMOVE
selection str: (Updatable)
value Mapping[str, str]: (Updatable)

operation String: (Updatable) The operation can be one of these values: INSERT, MERGE, REMOVE
selection String: (Updatable)
value Map<String>: (Updatable)

SecurityAssessmentFindingReference, SecurityAssessmentFindingReferenceArgs

Cis string: Relevant section from CIS.
Gdpr string: Relevant section from GDPR.
Obp string: Relevant section from OBP.
Stig string: Relevant section from STIG.

Cis string: Relevant section from CIS.
Gdpr string: Relevant section from GDPR.
Obp string: Relevant section from OBP.
Stig string: Relevant section from STIG.

cis String: Relevant section from CIS.
gdpr String: Relevant section from GDPR.
obp String: Relevant section from OBP.
stig String: Relevant section from STIG.

cis string: Relevant section from CIS.
gdpr string: Relevant section from GDPR.
obp string: Relevant section from OBP.
stig string: Relevant section from STIG.

cis str: Relevant section from CIS.
gdpr str: Relevant section from GDPR.
obp str: Relevant section from OBP.
stig str: Relevant section from STIG.

cis String: Relevant section from CIS.
gdpr String: Relevant section from GDPR.
obp String: Relevant section from OBP.
stig String: Relevant section from STIG.

Import

SecurityAssessmentFindings can be imported using the id, e.g.

$ pulumi import oci:DataSafe/securityAssessmentFinding:SecurityAssessmentFinding test_security_assessment_finding "securityAssessments/{securityAssessmentId}/findings"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v3.7.0 published on Saturday, Sep 13, 2025 by Pulumi

pulumi/pulumi-oci

oci.DataSafe.SecurityAssessmentFinding

On this page

On this page

Example Usage

Create SecurityAssessmentFinding Resource

Constructor syntax

Parameters

Constructor example

SecurityAssessmentFinding Resource Properties

Inputs

Outputs

Look up Existing SecurityAssessmentFinding Resource

Supporting Types

SecurityAssessmentFindingPatchOperation, SecurityAssessmentFindingPatchOperationArgs

SecurityAssessmentFindingReference, SecurityAssessmentFindingReferenceArgs

Import

Package Details

On this page

On this page