Google Cloud Native v0.32.0, Nov 29 23

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.containeranalysis/v1beta1.getNote

Explore with Pulumi AI

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

Using getNote

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

TypeScript
Python
Go
C#
Java
YAML

function getNote(args: GetNoteArgs, opts?: InvokeOptions): Promise<GetNoteResult>
function getNoteOutput(args: GetNoteOutputArgs, opts?: InvokeOptions): Output<GetNoteResult>

def get_note(note_id: Optional[str] = None,
             project: Optional[str] = None,
             opts: Optional[InvokeOptions] = None) -> GetNoteResult
def get_note_output(note_id: Optional[pulumi.Input[str]] = None,
             project: Optional[pulumi.Input[str]] = None,
             opts: Optional[InvokeOptions] = None) -> Output[GetNoteResult]

func LookupNote(ctx *Context, args *LookupNoteArgs, opts ...InvokeOption) (*LookupNoteResult, error)
func LookupNoteOutput(ctx *Context, args *LookupNoteOutputArgs, opts ...InvokeOption) LookupNoteResultOutput

> Note: This function is named LookupNote in the Go SDK.

public static class GetNote 
{
    public static Task<GetNoteResult> InvokeAsync(GetNoteArgs args, InvokeOptions? opts = null)
    public static Output<GetNoteResult> Invoke(GetNoteInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetNoteResult> getNote(GetNoteArgs args, InvokeOptions options)
public static Output<GetNoteResult> getNote(GetNoteArgs args, InvokeOptions options)

fn::invoke:
  function: google-native:containeranalysis/v1beta1:getNote
  arguments:
    # arguments dictionary

The following arguments are supported:

NoteId string
Project string

NoteId string
Project string

noteId String
project String

noteId string
project string

note_id str
project str

noteId String
project String

getNote Result

The following output properties are available:

AttestationAuthority Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.AuthorityResponse: A note describing an attestation role.
BaseImage Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.BasisResponse: A note describing a base image.
Build Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.BuildResponse: A note describing build provenance for a verifiable build.
CreateTime string: The time this note was created. This field can be used as a filter in list requests.
Deployable Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.DeployableResponse: A note describing something that can be deployed.
Discovery Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.DiscoveryResponse: A note describing the initial analysis of a resource.
ExpirationTime string: Time of expiration for this note. Empty if note does not expire.
Intoto Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.InTotoResponse: A note describing an in-toto link.
Kind string: The type of analysis. This field can be used as a filter in list requests.
LongDescription string: A detailed description of this note.
Name string: The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
Package Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.PackageResponse: A note describing a package hosted by various package managers.
RelatedNoteNames List<string>: Other notes related to this note.
RelatedUrl List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.RelatedUrlResponse>: URLs associated with this note.
Sbom Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.DocumentNoteResponse: A note describing a software bill of materials.
SbomReference Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.SBOMReferenceNoteResponse: A note describing an SBOM reference.
ShortDescription string: A one sentence description of this note.
SpdxFile Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.FileNoteResponse: A note describing an SPDX File.
SpdxPackage Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.PackageInfoNoteResponse: A note describing an SPDX Package.
SpdxRelationship Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.RelationshipNoteResponse: A note describing an SPDX File.
UpdateTime string: The time this note was last updated. This field can be used as a filter in list requests.
Vulnerability Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.VulnerabilityResponse: A note describing a package vulnerability.
VulnerabilityAssessment Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Outputs.VulnerabilityAssessmentNoteResponse: A note describing a vulnerability assessment.

AttestationAuthority AuthorityResponse: A note describing an attestation role.
BaseImage BasisResponse: A note describing a base image.
Build BuildResponse: A note describing build provenance for a verifiable build.
CreateTime string: The time this note was created. This field can be used as a filter in list requests.
Deployable DeployableResponse: A note describing something that can be deployed.
Discovery DiscoveryResponse: A note describing the initial analysis of a resource.
ExpirationTime string: Time of expiration for this note. Empty if note does not expire.
Intoto InTotoResponse: A note describing an in-toto link.
Kind string: The type of analysis. This field can be used as a filter in list requests.
LongDescription string: A detailed description of this note.
Name string: The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
Package PackageResponse: A note describing a package hosted by various package managers.
RelatedNoteNames []string: Other notes related to this note.
RelatedUrl []RelatedUrlResponse: URLs associated with this note.
Sbom DocumentNoteResponse: A note describing a software bill of materials.
SbomReference SBOMReferenceNoteResponse: A note describing an SBOM reference.
ShortDescription string: A one sentence description of this note.
SpdxFile FileNoteResponse: A note describing an SPDX File.
SpdxPackage PackageInfoNoteResponse: A note describing an SPDX Package.
SpdxRelationship RelationshipNoteResponse: A note describing an SPDX File.
UpdateTime string: The time this note was last updated. This field can be used as a filter in list requests.
Vulnerability VulnerabilityResponse: A note describing a package vulnerability.
VulnerabilityAssessment VulnerabilityAssessmentNoteResponse: A note describing a vulnerability assessment.

attestationAuthority AuthorityResponse: A note describing an attestation role.
baseImage BasisResponse: A note describing a base image.
build BuildResponse: A note describing build provenance for a verifiable build.
createTime String: The time this note was created. This field can be used as a filter in list requests.
deployable DeployableResponse: A note describing something that can be deployed.
discovery DiscoveryResponse: A note describing the initial analysis of a resource.
expirationTime String: Time of expiration for this note. Empty if note does not expire.
intoto InTotoResponse: A note describing an in-toto link.
kind String: The type of analysis. This field can be used as a filter in list requests.
longDescription String: A detailed description of this note.
name String: The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
package_ PackageResponse: A note describing a package hosted by various package managers.
relatedNoteNames List<String>: Other notes related to this note.
relatedUrl List<RelatedUrlResponse>: URLs associated with this note.
sbom DocumentNoteResponse: A note describing a software bill of materials.
sbomReference SBOMReferenceNoteResponse: A note describing an SBOM reference.
shortDescription String: A one sentence description of this note.
spdxFile FileNoteResponse: A note describing an SPDX File.
spdxPackage PackageInfoNoteResponse: A note describing an SPDX Package.
spdxRelationship RelationshipNoteResponse: A note describing an SPDX File.
updateTime String: The time this note was last updated. This field can be used as a filter in list requests.
vulnerability VulnerabilityResponse: A note describing a package vulnerability.
vulnerabilityAssessment VulnerabilityAssessmentNoteResponse: A note describing a vulnerability assessment.

attestationAuthority AuthorityResponse: A note describing an attestation role.
baseImage BasisResponse: A note describing a base image.
build BuildResponse: A note describing build provenance for a verifiable build.
createTime string: The time this note was created. This field can be used as a filter in list requests.
deployable DeployableResponse: A note describing something that can be deployed.
discovery DiscoveryResponse: A note describing the initial analysis of a resource.
expirationTime string: Time of expiration for this note. Empty if note does not expire.
intoto InTotoResponse: A note describing an in-toto link.
kind string: The type of analysis. This field can be used as a filter in list requests.
longDescription string: A detailed description of this note.
name string: The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
package PackageResponse: A note describing a package hosted by various package managers.
relatedNoteNames string[]: Other notes related to this note.
relatedUrl RelatedUrlResponse[]: URLs associated with this note.
sbom DocumentNoteResponse: A note describing a software bill of materials.
sbomReference SBOMReferenceNoteResponse: A note describing an SBOM reference.
shortDescription string: A one sentence description of this note.
spdxFile FileNoteResponse: A note describing an SPDX File.
spdxPackage PackageInfoNoteResponse: A note describing an SPDX Package.
spdxRelationship RelationshipNoteResponse: A note describing an SPDX File.
updateTime string: The time this note was last updated. This field can be used as a filter in list requests.
vulnerability VulnerabilityResponse: A note describing a package vulnerability.
vulnerabilityAssessment VulnerabilityAssessmentNoteResponse: A note describing a vulnerability assessment.

attestation_authority AuthorityResponse: A note describing an attestation role.
base_image BasisResponse: A note describing a base image.
build BuildResponse: A note describing build provenance for a verifiable build.
create_time str: The time this note was created. This field can be used as a filter in list requests.
deployable DeployableResponse: A note describing something that can be deployed.
discovery DiscoveryResponse: A note describing the initial analysis of a resource.
expiration_time str: Time of expiration for this note. Empty if note does not expire.
intoto InTotoResponse: A note describing an in-toto link.
kind str: The type of analysis. This field can be used as a filter in list requests.
long_description str: A detailed description of this note.
name str: The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
package PackageResponse: A note describing a package hosted by various package managers.
related_note_names Sequence[str]: Other notes related to this note.
related_url Sequence[RelatedUrlResponse]: URLs associated with this note.
sbom DocumentNoteResponse: A note describing a software bill of materials.
sbom_reference SBOMReferenceNoteResponse: A note describing an SBOM reference.
short_description str: A one sentence description of this note.
spdx_file FileNoteResponse: A note describing an SPDX File.
spdx_package PackageInfoNoteResponse: A note describing an SPDX Package.
spdx_relationship RelationshipNoteResponse: A note describing an SPDX File.
update_time str: The time this note was last updated. This field can be used as a filter in list requests.
vulnerability VulnerabilityResponse: A note describing a package vulnerability.
vulnerability_assessment VulnerabilityAssessmentNoteResponse: A note describing a vulnerability assessment.

attestationAuthority Property Map: A note describing an attestation role.
baseImage Property Map: A note describing a base image.
build Property Map: A note describing build provenance for a verifiable build.
createTime String: The time this note was created. This field can be used as a filter in list requests.
deployable Property Map: A note describing something that can be deployed.
discovery Property Map: A note describing the initial analysis of a resource.
expirationTime String: Time of expiration for this note. Empty if note does not expire.
intoto Property Map: A note describing an in-toto link.
kind String: The type of analysis. This field can be used as a filter in list requests.
longDescription String: A detailed description of this note.
name String: The name of the note in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID].
package Property Map: A note describing a package hosted by various package managers.
relatedNoteNames List<String>: Other notes related to this note.
relatedUrl List<Property Map>: URLs associated with this note.
sbom Property Map: A note describing a software bill of materials.
sbomReference Property Map: A note describing an SBOM reference.
shortDescription String: A one sentence description of this note.
spdxFile Property Map: A note describing an SPDX File.
spdxPackage Property Map: A note describing an SPDX Package.
spdxRelationship Property Map: A note describing an SPDX File.
updateTime String: The time this note was last updated. This field can be used as a filter in list requests.
vulnerability Property Map: A note describing a package vulnerability.
vulnerabilityAssessment Property Map: A note describing a vulnerability assessment.

Supporting Types

ArtifactRuleResponse

ArtifactRule List<string>

ArtifactRule []string

artifactRule List<String>

artifactRule string[]

artifact_rule Sequence[str]

artifactRule List<String>

AssessmentResponse

Cve string: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Deprecated: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Impacts List<string>: Contains information about the impact of this vulnerability, this will change with time.
Justification Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.JustificationResponse: Justification provides the justification when the state of the assessment if NOT_AFFECTED.
LongDescription string: A detailed description of this Vex.
RelatedUris List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RelatedUrlResponse>: Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
Remediations List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RemediationResponse>: Specifies details on how to handle (and presumably, fix) a vulnerability.
ShortDescription string: A one sentence description of this Vex.
State string: Provides the state of this Vulnerability assessment.
VulnerabilityId string: The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

Cve string: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Deprecated: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Impacts []string: Contains information about the impact of this vulnerability, this will change with time.
Justification JustificationResponse: Justification provides the justification when the state of the assessment if NOT_AFFECTED.
LongDescription string: A detailed description of this Vex.
RelatedUris []RelatedUrlResponse: Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
Remediations []RemediationResponse: Specifies details on how to handle (and presumably, fix) a vulnerability.
ShortDescription string: A one sentence description of this Vex.
State string: Provides the state of this Vulnerability assessment.
VulnerabilityId string: The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

cve String: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Deprecated: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
impacts List<String>: Contains information about the impact of this vulnerability, this will change with time.
justification JustificationResponse: Justification provides the justification when the state of the assessment if NOT_AFFECTED.
longDescription String: A detailed description of this Vex.
relatedUris List<RelatedUrlResponse>: Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
remediations List<RemediationResponse>: Specifies details on how to handle (and presumably, fix) a vulnerability.
shortDescription String: A one sentence description of this Vex.
state String: Provides the state of this Vulnerability assessment.
vulnerabilityId String: The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

cve string: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Deprecated: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
impacts string[]: Contains information about the impact of this vulnerability, this will change with time.
justification JustificationResponse: Justification provides the justification when the state of the assessment if NOT_AFFECTED.
longDescription string: A detailed description of this Vex.
relatedUris RelatedUrlResponse[]: Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
remediations RemediationResponse[]: Specifies details on how to handle (and presumably, fix) a vulnerability.
shortDescription string: A one sentence description of this Vex.
state string: Provides the state of this Vulnerability assessment.
vulnerabilityId string: The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

cve str: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Deprecated: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
impacts Sequence[str]: Contains information about the impact of this vulnerability, this will change with time.
justification JustificationResponse: Justification provides the justification when the state of the assessment if NOT_AFFECTED.
long_description str: A detailed description of this Vex.
related_uris Sequence[RelatedUrlResponse]: Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
remediations Sequence[RemediationResponse]: Specifies details on how to handle (and presumably, fix) a vulnerability.
short_description str: A one sentence description of this Vex.
state str: Provides the state of this Vulnerability assessment.
vulnerability_id str: The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

cve String: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
Deprecated: Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
impacts List<String>: Contains information about the impact of this vulnerability, this will change with time.
justification Property Map: Justification provides the justification when the state of the assessment if NOT_AFFECTED.
longDescription String: A detailed description of this Vex.
relatedUris List<Property Map>: Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability.
remediations List<Property Map>: Specifies details on how to handle (and presumably, fix) a vulnerability.
shortDescription String: A one sentence description of this Vex.
state String: Provides the state of this Vulnerability assessment.
vulnerabilityId String: The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.

AuthorityResponse

Hint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.HintResponse: Hint hints at the purpose of the attestation authority.

Hint HintResponse: Hint hints at the purpose of the attestation authority.

hint HintResponse: Hint hints at the purpose of the attestation authority.

hint HintResponse: Hint hints at the purpose of the attestation authority.

hint HintResponse: Hint hints at the purpose of the attestation authority.

hint Property Map: Hint hints at the purpose of the attestation authority.

BasisResponse

Fingerprint Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.FingerprintResponse: Immutable. The fingerprint of the base image.
ResourceUrl string: Immutable. The resource_url for the resource representing the basis of associated occurrence images.

Fingerprint FingerprintResponse: Immutable. The fingerprint of the base image.
ResourceUrl string: Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse: Immutable. The fingerprint of the base image.
resourceUrl String: Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse: Immutable. The fingerprint of the base image.
resourceUrl string: Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint FingerprintResponse: Immutable. The fingerprint of the base image.
resource_url str: Immutable. The resource_url for the resource representing the basis of associated occurrence images.

fingerprint Property Map: Immutable. The fingerprint of the base image.
resourceUrl String: Immutable. The resource_url for the resource representing the basis of associated occurrence images.

BuildResponse

BuilderVersion string: Immutable. Version of the builder which produced this build.
Signature Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.BuildSignatureResponse: Signature of the build in occurrences pointing to this build note containing build details.

BuilderVersion string: Immutable. Version of the builder which produced this build.
Signature BuildSignatureResponse: Signature of the build in occurrences pointing to this build note containing build details.

builderVersion String: Immutable. Version of the builder which produced this build.
signature BuildSignatureResponse: Signature of the build in occurrences pointing to this build note containing build details.

builderVersion string: Immutable. Version of the builder which produced this build.
signature BuildSignatureResponse: Signature of the build in occurrences pointing to this build note containing build details.

builder_version str: Immutable. Version of the builder which produced this build.
signature BuildSignatureResponse: Signature of the build in occurrences pointing to this build note containing build details.

builderVersion String: Immutable. Version of the builder which produced this build.
signature Property Map: Signature of the build in occurrences pointing to this build note containing build details.

BuildSignatureResponse

KeyId string: An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
KeyType string: The type of the key, either stored in public_key or referenced in key_id.
PublicKey string: Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
Signature string: Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

KeyId string: An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
KeyType string: The type of the key, either stored in public_key or referenced in key_id.
PublicKey string: Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
Signature string: Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId String: An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
keyType String: The type of the key, either stored in public_key or referenced in key_id.
publicKey String: Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
signature String: Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId string: An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
keyType string: The type of the key, either stored in public_key or referenced in key_id.
publicKey string: Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
signature string: Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

key_id str: An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
key_type str: The type of the key, either stored in public_key or referenced in key_id.
public_key str: Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
signature str: Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

keyId String: An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).
keyType String: The type of the key, either stored in public_key or referenced in key_id.
publicKey String: Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin
signature String: Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

CVSSResponse

AttackComplexity string: Defined in CVSS v3, CVSS v2
AttackVector string: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
Authentication string: Defined in CVSS v2
AvailabilityImpact string: Defined in CVSS v3, CVSS v2
BaseScore double: The base score is a function of the base metric scores.
ConfidentialityImpact string: Defined in CVSS v3, CVSS v2
ExploitabilityScore double
ImpactScore double
IntegrityImpact string: Defined in CVSS v3, CVSS v2
PrivilegesRequired string: Defined in CVSS v3
Scope string: Defined in CVSS v3
UserInteraction string: Defined in CVSS v3

AttackComplexity string: Defined in CVSS v3, CVSS v2
AttackVector string: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
Authentication string: Defined in CVSS v2
AvailabilityImpact string: Defined in CVSS v3, CVSS v2
BaseScore float64: The base score is a function of the base metric scores.
ConfidentialityImpact string: Defined in CVSS v3, CVSS v2
ExploitabilityScore float64
ImpactScore float64
IntegrityImpact string: Defined in CVSS v3, CVSS v2
PrivilegesRequired string: Defined in CVSS v3
Scope string: Defined in CVSS v3
UserInteraction string: Defined in CVSS v3

attackComplexity String: Defined in CVSS v3, CVSS v2
attackVector String: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
authentication String: Defined in CVSS v2
availabilityImpact String: Defined in CVSS v3, CVSS v2
baseScore Double: The base score is a function of the base metric scores.
confidentialityImpact String: Defined in CVSS v3, CVSS v2
exploitabilityScore Double
impactScore Double
integrityImpact String: Defined in CVSS v3, CVSS v2
privilegesRequired String: Defined in CVSS v3
scope String: Defined in CVSS v3
userInteraction String: Defined in CVSS v3

attackComplexity string: Defined in CVSS v3, CVSS v2
attackVector string: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
authentication string: Defined in CVSS v2
availabilityImpact string: Defined in CVSS v3, CVSS v2
baseScore number: The base score is a function of the base metric scores.
confidentialityImpact string: Defined in CVSS v3, CVSS v2
exploitabilityScore number
impactScore number
integrityImpact string: Defined in CVSS v3, CVSS v2
privilegesRequired string: Defined in CVSS v3
scope string: Defined in CVSS v3
userInteraction string: Defined in CVSS v3

attack_complexity str: Defined in CVSS v3, CVSS v2
attack_vector str: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
authentication str: Defined in CVSS v2
availability_impact str: Defined in CVSS v3, CVSS v2
base_score float: The base score is a function of the base metric scores.
confidentiality_impact str: Defined in CVSS v3, CVSS v2
exploitability_score float
impact_score float
integrity_impact str: Defined in CVSS v3, CVSS v2
privileges_required str: Defined in CVSS v3
scope str: Defined in CVSS v3
user_interaction str: Defined in CVSS v3

attackComplexity String: Defined in CVSS v3, CVSS v2
attackVector String: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
authentication String: Defined in CVSS v2
availabilityImpact String: Defined in CVSS v3, CVSS v2
baseScore Number: The base score is a function of the base metric scores.
confidentialityImpact String: Defined in CVSS v3, CVSS v2
exploitabilityScore Number
impactScore Number
integrityImpact String: Defined in CVSS v3, CVSS v2
privilegesRequired String: Defined in CVSS v3
scope String: Defined in CVSS v3
userInteraction String: Defined in CVSS v3

CVSSv3Response

AttackComplexity string
AttackVector string: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
AvailabilityImpact string
BaseScore double: The base score is a function of the base metric scores.
ConfidentialityImpact string
ExploitabilityScore double
ImpactScore double
IntegrityImpact string
PrivilegesRequired string
Scope string
UserInteraction string

AttackComplexity string
AttackVector string: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
AvailabilityImpact string
BaseScore float64: The base score is a function of the base metric scores.
ConfidentialityImpact string
ExploitabilityScore float64
ImpactScore float64
IntegrityImpact string
PrivilegesRequired string
Scope string
UserInteraction string

attackComplexity String
attackVector String: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
availabilityImpact String
baseScore Double: The base score is a function of the base metric scores.
confidentialityImpact String
exploitabilityScore Double
impactScore Double
integrityImpact String
privilegesRequired String
scope String
userInteraction String

attackComplexity string
attackVector string: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
availabilityImpact string
baseScore number: The base score is a function of the base metric scores.
confidentialityImpact string
exploitabilityScore number
impactScore number
integrityImpact string
privilegesRequired string
scope string
userInteraction string

attack_complexity str
attack_vector str: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
availability_impact str
base_score float: The base score is a function of the base metric scores.
confidentiality_impact str
exploitability_score float
impact_score float
integrity_impact str
privileges_required str
scope str
user_interaction str

attackComplexity String
attackVector String: Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
availabilityImpact String
baseScore Number: The base score is a function of the base metric scores.
confidentialityImpact String
exploitabilityScore Number
impactScore Number
integrityImpact String
privilegesRequired String
scope String
userInteraction String

DeployableResponse

ResourceUri List<string>: Resource URI for the artifact being deployed.

ResourceUri []string: Resource URI for the artifact being deployed.

resourceUri List<String>: Resource URI for the artifact being deployed.

resourceUri string[]: Resource URI for the artifact being deployed.

resource_uri Sequence[str]: Resource URI for the artifact being deployed.

resourceUri List<String>: Resource URI for the artifact being deployed.

DetailResponse

CpeUri string: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
Description string: A vendor-specific description of this note.
FixedLocation Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VulnerabilityLocationResponse: The fix for this specific package version.
IsObsolete bool: Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
MaxAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse: The max version of the package in which the vulnerability exists.
MinAffectedVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse: The min version of the package in which the vulnerability exists.
Package string: The name of the package where the vulnerability was found.
PackageType string: The type of package; whether native or non native(ruby gems, node.js packages etc).
SeverityName string: The severity (eg: distro assigned severity) for this vulnerability.
Source string: The source from which the information in this Detail was obtained.
SourceUpdateTime string: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
Vendor string: The name of the vendor of the product.

CpeUri string: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
Description string: A vendor-specific description of this note.
FixedLocation VulnerabilityLocationResponse: The fix for this specific package version.
IsObsolete bool: Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
MaxAffectedVersion VersionResponse: The max version of the package in which the vulnerability exists.
MinAffectedVersion VersionResponse: The min version of the package in which the vulnerability exists.
Package string: The name of the package where the vulnerability was found.
PackageType string: The type of package; whether native or non native(ruby gems, node.js packages etc).
SeverityName string: The severity (eg: distro assigned severity) for this vulnerability.
Source string: The source from which the information in this Detail was obtained.
SourceUpdateTime string: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
Vendor string: The name of the vendor of the product.

cpeUri String: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description String: A vendor-specific description of this note.
fixedLocation VulnerabilityLocationResponse: The fix for this specific package version.
isObsolete Boolean: Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
maxAffectedVersion VersionResponse: The max version of the package in which the vulnerability exists.
minAffectedVersion VersionResponse: The min version of the package in which the vulnerability exists.
packageType String: The type of package; whether native or non native(ruby gems, node.js packages etc).
package_ String: The name of the package where the vulnerability was found.
severityName String: The severity (eg: distro assigned severity) for this vulnerability.
source String: The source from which the information in this Detail was obtained.
sourceUpdateTime String: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
vendor String: The name of the vendor of the product.

cpeUri string: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description string: A vendor-specific description of this note.
fixedLocation VulnerabilityLocationResponse: The fix for this specific package version.
isObsolete boolean: Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
maxAffectedVersion VersionResponse: The max version of the package in which the vulnerability exists.
minAffectedVersion VersionResponse: The min version of the package in which the vulnerability exists.
package string: The name of the package where the vulnerability was found.
packageType string: The type of package; whether native or non native(ruby gems, node.js packages etc).
severityName string: The severity (eg: distro assigned severity) for this vulnerability.
source string: The source from which the information in this Detail was obtained.
sourceUpdateTime string: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
vendor string: The name of the vendor of the product.

cpe_uri str: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description str: A vendor-specific description of this note.
fixed_location VulnerabilityLocationResponse: The fix for this specific package version.
is_obsolete bool: Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
max_affected_version VersionResponse: The max version of the package in which the vulnerability exists.
min_affected_version VersionResponse: The min version of the package in which the vulnerability exists.
package str: The name of the package where the vulnerability was found.
package_type str: The type of package; whether native or non native(ruby gems, node.js packages etc).
severity_name str: The severity (eg: distro assigned severity) for this vulnerability.
source str: The source from which the information in this Detail was obtained.
source_update_time str: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
vendor str: The name of the vendor of the product.

cpeUri String: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description String: A vendor-specific description of this note.
fixedLocation Property Map: The fix for this specific package version.
isObsolete Boolean: Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
maxAffectedVersion Property Map: The max version of the package in which the vulnerability exists.
minAffectedVersion Property Map: The min version of the package in which the vulnerability exists.
package String: The name of the package where the vulnerability was found.
packageType String: The type of package; whether native or non native(ruby gems, node.js packages etc).
severityName String: The severity (eg: distro assigned severity) for this vulnerability.
source String: The source from which the information in this Detail was obtained.
sourceUpdateTime String: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
vendor String: The name of the vendor of the product.

DigestResponse

Algo string: SHA1, SHA512 etc.
DigestBytes string: Value of the digest.

Algo string: SHA1, SHA512 etc.
DigestBytes string: Value of the digest.

algo String: SHA1, SHA512 etc.
digestBytes String: Value of the digest.

algo string: SHA1, SHA512 etc.
digestBytes string: Value of the digest.

algo str: SHA1, SHA512 etc.
digest_bytes str: Value of the digest.

algo String: SHA1, SHA512 etc.
digestBytes String: Value of the digest.

DiscoveryResponse

AnalysisKind string: Immutable. The kind of analysis that is handled by this discovery.

AnalysisKind string: Immutable. The kind of analysis that is handled by this discovery.

analysisKind String: Immutable. The kind of analysis that is handled by this discovery.

analysisKind string: Immutable. The kind of analysis that is handled by this discovery.

analysis_kind str: Immutable. The kind of analysis that is handled by this discovery.

analysisKind String: Immutable. The kind of analysis that is handled by this discovery.

DistributionResponse

Architecture string: The CPU architecture for which packages in this distribution channel were built.
CpeUri string: The cpe_uri in CPE format denoting the package manager version distributing a package.
Description string: The distribution channel-specific description of this package.
LatestVersion Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse: The latest available version of this package in this distribution channel.
Maintainer string: A freeform string denoting the maintainer of this package.
Url string: The distribution channel-specific homepage for this package.

Architecture string: The CPU architecture for which packages in this distribution channel were built.
CpeUri string: The cpe_uri in CPE format denoting the package manager version distributing a package.
Description string: The distribution channel-specific description of this package.
LatestVersion VersionResponse: The latest available version of this package in this distribution channel.
Maintainer string: A freeform string denoting the maintainer of this package.
Url string: The distribution channel-specific homepage for this package.

architecture String: The CPU architecture for which packages in this distribution channel were built.
cpeUri String: The cpe_uri in CPE format denoting the package manager version distributing a package.
description String: The distribution channel-specific description of this package.
latestVersion VersionResponse: The latest available version of this package in this distribution channel.
maintainer String: A freeform string denoting the maintainer of this package.
url String: The distribution channel-specific homepage for this package.

architecture string: The CPU architecture for which packages in this distribution channel were built.
cpeUri string: The cpe_uri in CPE format denoting the package manager version distributing a package.
description string: The distribution channel-specific description of this package.
latestVersion VersionResponse: The latest available version of this package in this distribution channel.
maintainer string: A freeform string denoting the maintainer of this package.
url string: The distribution channel-specific homepage for this package.

architecture str: The CPU architecture for which packages in this distribution channel were built.
cpe_uri str: The cpe_uri in CPE format denoting the package manager version distributing a package.
description str: The distribution channel-specific description of this package.
latest_version VersionResponse: The latest available version of this package in this distribution channel.
maintainer str: A freeform string denoting the maintainer of this package.
url str: The distribution channel-specific homepage for this package.

architecture String: The CPU architecture for which packages in this distribution channel were built.
cpeUri String: The cpe_uri in CPE format denoting the package manager version distributing a package.
description String: The distribution channel-specific description of this package.
latestVersion Property Map: The latest available version of this package in this distribution channel.
maintainer String: A freeform string denoting the maintainer of this package.
url String: The distribution channel-specific homepage for this package.

DocumentNoteResponse

DataLicence string: Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
SpdxVersion string: Provide a reference number that can be used to understand how to parse and interpret the rest of the file

DataLicence string: Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
SpdxVersion string: Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String: Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
spdxVersion String: Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence string: Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
spdxVersion string: Provide a reference number that can be used to understand how to parse and interpret the rest of the file

data_licence str: Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
spdx_version str: Provide a reference number that can be used to understand how to parse and interpret the rest of the file

dataLicence String: Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
spdxVersion String: Provide a reference number that can be used to understand how to parse and interpret the rest of the file

ExternalRefResponse

Category string: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
Comment string: Human-readable information about the purpose and target of the reference
Locator string: The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
Type string: Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

Category string: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
Comment string: Human-readable information about the purpose and target of the reference
Locator string: The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
Type string: Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category String: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
comment String: Human-readable information about the purpose and target of the reference
locator String: The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
type String: Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category string: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
comment string: Human-readable information about the purpose and target of the reference
locator string: The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
type string: Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category str: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
comment str: Human-readable information about the purpose and target of the reference
locator str: The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
type str: Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

category String: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
comment String: Human-readable information about the purpose and target of the reference
locator String: The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location
type String: Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)

FileNoteResponse

Checksum List<string>: Provide a unique identifier to match analysis information on each specific file in a package
FileType string: This field provides information about the type of file identified
Title string: Identify the full path and filename that corresponds to the file information in this section

Checksum []string: Provide a unique identifier to match analysis information on each specific file in a package
FileType string: This field provides information about the type of file identified
Title string: Identify the full path and filename that corresponds to the file information in this section

checksum List<String>: Provide a unique identifier to match analysis information on each specific file in a package
fileType String: This field provides information about the type of file identified
title String: Identify the full path and filename that corresponds to the file information in this section

checksum string[]: Provide a unique identifier to match analysis information on each specific file in a package
fileType string: This field provides information about the type of file identified
title string: Identify the full path and filename that corresponds to the file information in this section

checksum Sequence[str]: Provide a unique identifier to match analysis information on each specific file in a package
file_type str: This field provides information about the type of file identified
title str: Identify the full path and filename that corresponds to the file information in this section

checksum List<String>: Provide a unique identifier to match analysis information on each specific file in a package
fileType String: This field provides information about the type of file identified
title String: Identify the full path and filename that corresponds to the file information in this section

FingerprintResponse

V1Name string: The layer ID of the final layer in the Docker image's v1 representation.
V2Blob List<string>: The ordered list of v2 blobs that represent a given image.
V2Name string: The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

V1Name string: The layer ID of the final layer in the Docker image's v1 representation.
V2Blob []string: The ordered list of v2 blobs that represent a given image.
V2Name string: The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1Name String: The layer ID of the final layer in the Docker image's v1 representation.
v2Blob List<String>: The ordered list of v2 blobs that represent a given image.
v2Name String: The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1Name string: The layer ID of the final layer in the Docker image's v1 representation.
v2Blob string[]: The ordered list of v2 blobs that represent a given image.
v2Name string: The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1_name str: The layer ID of the final layer in the Docker image's v1 representation.
v2_blob Sequence[str]: The ordered list of v2 blobs that represent a given image.
v2_name str: The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

v1Name String: The layer ID of the final layer in the Docker image's v1 representation.
v2Blob List<String>: The ordered list of v2 blobs that represent a given image.
v2Name String: The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.

HintResponse

HumanReadableName string: The human readable name of this attestation authority, for example "qa".

HumanReadableName string: The human readable name of this attestation authority, for example "qa".

humanReadableName String: The human readable name of this attestation authority, for example "qa".

humanReadableName string: The human readable name of this attestation authority, for example "qa".

human_readable_name str: The human readable name of this attestation authority, for example "qa".

humanReadableName String: The human readable name of this attestation authority, for example "qa".

InTotoResponse

ExpectedCommand List<string>: This field contains the expected command used to perform the step.
ExpectedMaterials List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRuleResponse>: The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
ExpectedProducts List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ArtifactRuleResponse>
SigningKeys List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.SigningKeyResponse>: This field contains the public keys that can be used to verify the signatures on the step metadata.
StepName string: This field identifies the name of the step in the supply chain.
Threshold string: This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

ExpectedCommand []string: This field contains the expected command used to perform the step.
ExpectedMaterials []ArtifactRuleResponse: The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
ExpectedProducts []ArtifactRuleResponse
SigningKeys []SigningKeyResponse: This field contains the public keys that can be used to verify the signatures on the step metadata.
StepName string: This field identifies the name of the step in the supply chain.
Threshold string: This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand List<String>: This field contains the expected command used to perform the step.
expectedMaterials List<ArtifactRuleResponse>: The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
expectedProducts List<ArtifactRuleResponse>
signingKeys List<SigningKeyResponse>: This field contains the public keys that can be used to verify the signatures on the step metadata.
stepName String: This field identifies the name of the step in the supply chain.
threshold String: This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand string[]: This field contains the expected command used to perform the step.
expectedMaterials ArtifactRuleResponse[]: The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
expectedProducts ArtifactRuleResponse[]
signingKeys SigningKeyResponse[]: This field contains the public keys that can be used to verify the signatures on the step metadata.
stepName string: This field identifies the name of the step in the supply chain.
threshold string: This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expected_command Sequence[str]: This field contains the expected command used to perform the step.
expected_materials Sequence[ArtifactRuleResponse]: The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
expected_products Sequence[ArtifactRuleResponse]
signing_keys Sequence[SigningKeyResponse]: This field contains the public keys that can be used to verify the signatures on the step metadata.
step_name str: This field identifies the name of the step in the supply chain.
threshold str: This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

expectedCommand List<String>: This field contains the expected command used to perform the step.
expectedMaterials List<Property Map>: The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step.
expectedProducts List<Property Map>
signingKeys List<Property Map>: This field contains the public keys that can be used to verify the signatures on the step metadata.
stepName String: This field identifies the name of the step in the supply chain.
threshold String: This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link.

JustificationResponse

Details string: Additional details on why this justification was chosen.
JustificationType string: The justification type for this vulnerability.

Details string: Additional details on why this justification was chosen.
JustificationType string: The justification type for this vulnerability.

details String: Additional details on why this justification was chosen.
justificationType String: The justification type for this vulnerability.

details string: Additional details on why this justification was chosen.
justificationType string: The justification type for this vulnerability.

details str: Additional details on why this justification was chosen.
justification_type str: The justification type for this vulnerability.

details String: Additional details on why this justification was chosen.
justificationType String: The justification type for this vulnerability.

KnowledgeBaseResponse

Name string: The KB name (generally of the form KB[0-9]+ i.e. KB123456).
Url string: A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

Name string: The KB name (generally of the form KB[0-9]+ i.e. KB123456).
Url string: A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name String: The KB name (generally of the form KB[0-9]+ i.e. KB123456).
url String: A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name string: The KB name (generally of the form KB[0-9]+ i.e. KB123456).
url string: A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name str: The KB name (generally of the form KB[0-9]+ i.e. KB123456).
url str: A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

name String: The KB name (generally of the form KB[0-9]+ i.e. KB123456).
url String: A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/

LicenseResponse

Comments string: Comments
Expression string: Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

Comments string: Comments
Expression string: Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String: Comments
expression String: Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments string: Comments
expression string: Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments str: Comments
expression str: Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

comments String: Comments
expression String: Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".

PackageInfoNoteResponse

Analyzed bool: Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
Attribution string: A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
Checksum string: Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
Copyright string: Identify the copyright holders of the package, as well as any dates present
DetailedDescription string: A more detailed description of the package
DownloadLocation string: This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
ExternalRefs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ExternalRefResponse>: ExternalRef
FilesLicenseInfo List<string>: Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
HomePage string: Provide a place for the SPDX file creator to record a web site that serves as the package's home page
LicenseDeclared Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.LicenseResponse: List the licenses that have been declared by the authors of the package
Originator string: If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
PackageType string: The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
SummaryDescription string: A short description of the package
Supplier string: Identify the actual distribution source for the package/directory identified in the SPDX file
Title string: Identify the full name of the package as given by the Package Originator
VerificationCode string: This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
Version string: Identify the version of the package

Analyzed bool: Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
Attribution string: A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
Checksum string: Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
Copyright string: Identify the copyright holders of the package, as well as any dates present
DetailedDescription string: A more detailed description of the package
DownloadLocation string: This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
ExternalRefs []ExternalRefResponse: ExternalRef
FilesLicenseInfo []string: Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
HomePage string: Provide a place for the SPDX file creator to record a web site that serves as the package's home page
LicenseDeclared LicenseResponse: List the licenses that have been declared by the authors of the package
Originator string: If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
PackageType string: The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
SummaryDescription string: A short description of the package
Supplier string: Identify the actual distribution source for the package/directory identified in the SPDX file
Title string: Identify the full name of the package as given by the Package Originator
VerificationCode string: This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
Version string: Identify the version of the package

analyzed Boolean: Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
attribution String: A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
checksum String: Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
copyright String: Identify the copyright holders of the package, as well as any dates present
detailedDescription String: A more detailed description of the package
downloadLocation String: This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
externalRefs List<ExternalRefResponse>: ExternalRef
filesLicenseInfo List<String>: Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
homePage String: Provide a place for the SPDX file creator to record a web site that serves as the package's home page
licenseDeclared LicenseResponse: List the licenses that have been declared by the authors of the package
originator String: If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
packageType String: The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
summaryDescription String: A short description of the package
supplier String: Identify the actual distribution source for the package/directory identified in the SPDX file
title String: Identify the full name of the package as given by the Package Originator
verificationCode String: This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
version String: Identify the version of the package

analyzed boolean: Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
attribution string: A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
checksum string: Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
copyright string: Identify the copyright holders of the package, as well as any dates present
detailedDescription string: A more detailed description of the package
downloadLocation string: This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
externalRefs ExternalRefResponse[]: ExternalRef
filesLicenseInfo string[]: Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
homePage string: Provide a place for the SPDX file creator to record a web site that serves as the package's home page
licenseDeclared LicenseResponse: List the licenses that have been declared by the authors of the package
originator string: If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
packageType string: The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
summaryDescription string: A short description of the package
supplier string: Identify the actual distribution source for the package/directory identified in the SPDX file
title string: Identify the full name of the package as given by the Package Originator
verificationCode string: This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
version string: Identify the version of the package

analyzed bool: Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
attribution str: A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
checksum str: Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
copyright str: Identify the copyright holders of the package, as well as any dates present
detailed_description str: A more detailed description of the package
download_location str: This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
external_refs Sequence[ExternalRefResponse]: ExternalRef
files_license_info Sequence[str]: Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
home_page str: Provide a place for the SPDX file creator to record a web site that serves as the package's home page
license_declared LicenseResponse: List the licenses that have been declared by the authors of the package
originator str: If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
package_type str: The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
summary_description str: A short description of the package
supplier str: Identify the actual distribution source for the package/directory identified in the SPDX file
title str: Identify the full name of the package as given by the Package Originator
verification_code str: This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
version str: Identify the version of the package

analyzed Boolean: Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document
attribution String: A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts
checksum String: Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file
copyright String: Identify the copyright holders of the package, as well as any dates present
detailedDescription String: A more detailed description of the package
downloadLocation String: This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created
externalRefs List<Property Map>: ExternalRef
filesLicenseInfo List<String>: Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found
homePage String: Provide a place for the SPDX file creator to record a web site that serves as the package's home page
licenseDeclared Property Map: List the licenses that have been declared by the authors of the package
originator String: If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came
packageType String: The type of package: OS, MAVEN, GO, GO_STDLIB, etc.
summaryDescription String: A short description of the package
supplier String: Identify the actual distribution source for the package/directory identified in the SPDX file
title String: Identify the full name of the package as given by the Package Originator
verificationCode String: This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file
version String: Identify the version of the package

PackageResponse

Architecture string: The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
CpeUri string: The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
Description string: The description of this package.
Digest List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DigestResponse>: Hash value, typically a file digest, that allows unique identification a specific package.
Distribution List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DistributionResponse>: The various channels by which a package is distributed.
License Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.LicenseResponse: Licenses that have been declared by the authors of the package.
Maintainer string: A freeform text denoting the maintainer of this package.
Name string: Immutable. The name of the package.
PackageType string: The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
Url string: The homepage for this package.
Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse: The version of the package.

Architecture string: The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
CpeUri string: The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
Description string: The description of this package.
Digest []DigestResponse: Hash value, typically a file digest, that allows unique identification a specific package.
Distribution []DistributionResponse: The various channels by which a package is distributed.
License LicenseResponse: Licenses that have been declared by the authors of the package.
Maintainer string: A freeform text denoting the maintainer of this package.
Name string: Immutable. The name of the package.
PackageType string: The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
Url string: The homepage for this package.
Version VersionResponse: The version of the package.

architecture String: The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
cpeUri String: The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
description String: The description of this package.
digest List<DigestResponse>: Hash value, typically a file digest, that allows unique identification a specific package.
distribution List<DistributionResponse>: The various channels by which a package is distributed.
license LicenseResponse: Licenses that have been declared by the authors of the package.
maintainer String: A freeform text denoting the maintainer of this package.
name String: Immutable. The name of the package.
packageType String: The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
url String: The homepage for this package.
version VersionResponse: The version of the package.

architecture string: The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
cpeUri string: The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
description string: The description of this package.
digest DigestResponse[]: Hash value, typically a file digest, that allows unique identification a specific package.
distribution DistributionResponse[]: The various channels by which a package is distributed.
license LicenseResponse: Licenses that have been declared by the authors of the package.
maintainer string: A freeform text denoting the maintainer of this package.
name string: Immutable. The name of the package.
packageType string: The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
url string: The homepage for this package.
version VersionResponse: The version of the package.

architecture str: The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
cpe_uri str: The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
description str: The description of this package.
digest Sequence[DigestResponse]: Hash value, typically a file digest, that allows unique identification a specific package.
distribution Sequence[DistributionResponse]: The various channels by which a package is distributed.
license LicenseResponse: Licenses that have been declared by the authors of the package.
maintainer str: A freeform text denoting the maintainer of this package.
name str: Immutable. The name of the package.
package_type str: The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
url str: The homepage for this package.
version VersionResponse: The version of the package.

architecture String: The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
cpeUri String: The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
description String: The description of this package.
digest List<Property Map>: Hash value, typically a file digest, that allows unique identification a specific package.
distribution List<Property Map>: The various channels by which a package is distributed.
license Property Map: Licenses that have been declared by the authors of the package.
maintainer String: A freeform text denoting the maintainer of this package.
name String: Immutable. The name of the package.
packageType String: The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
url String: The homepage for this package.
version Property Map: The version of the package.

ProductResponse

GenericUri string: Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
Name string: Name of the product.

GenericUri string: Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
Name string: Name of the product.

genericUri String: Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
name String: Name of the product.

genericUri string: Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
name string: Name of the product.

generic_uri str: Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
name str: Name of the product.

genericUri String: Contains a URI which is vendor-specific. Example: The artifact repository URL of an image.
name String: Name of the product.

PublisherResponse

IssuingAuthority string: Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
Name string: Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
PublisherNamespace string: The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

IssuingAuthority string: Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
Name string: Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
PublisherNamespace string: The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

issuingAuthority String: Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
name String: Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
publisherNamespace String: The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

issuingAuthority string: Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
name string: Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
publisherNamespace string: The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

issuing_authority str: Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
name str: Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
publisher_namespace str: The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

issuingAuthority String: Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations.
name String: Name of the publisher. Examples: 'Google', 'Google Cloud Platform'.
publisherNamespace String: The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io

RelatedUrlResponse

Label string: Label to describe usage of the URL.
Url string: Specific URL associated with the resource.

Label string: Label to describe usage of the URL.
Url string: Specific URL associated with the resource.

label String: Label to describe usage of the URL.
url String: Specific URL associated with the resource.

label string: Label to describe usage of the URL.
url string: Specific URL associated with the resource.

label str: Label to describe usage of the URL.
url str: Specific URL associated with the resource.

label String: Label to describe usage of the URL.
url String: Specific URL associated with the resource.

RelationshipNoteResponse

Type string: The type of relationship between the source and target SPDX elements

Type string: The type of relationship between the source and target SPDX elements

type String: The type of relationship between the source and target SPDX elements

type string: The type of relationship between the source and target SPDX elements

type str: The type of relationship between the source and target SPDX elements

type String: The type of relationship between the source and target SPDX elements

RemediationResponse

Details string: Contains a comprehensive human-readable discussion of the remediation.
RemediationType string: The type of remediation that can be applied.
RemediationUri Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.RelatedUrlResponse: Contains the URL where to obtain the remediation.

Details string: Contains a comprehensive human-readable discussion of the remediation.
RemediationType string: The type of remediation that can be applied.
RemediationUri RelatedUrlResponse: Contains the URL where to obtain the remediation.

details String: Contains a comprehensive human-readable discussion of the remediation.
remediationType String: The type of remediation that can be applied.
remediationUri RelatedUrlResponse: Contains the URL where to obtain the remediation.

details string: Contains a comprehensive human-readable discussion of the remediation.
remediationType string: The type of remediation that can be applied.
remediationUri RelatedUrlResponse: Contains the URL where to obtain the remediation.

details str: Contains a comprehensive human-readable discussion of the remediation.
remediation_type str: The type of remediation that can be applied.
remediation_uri RelatedUrlResponse: Contains the URL where to obtain the remediation.

details String: Contains a comprehensive human-readable discussion of the remediation.
remediationType String: The type of remediation that can be applied.
remediationUri Property Map: Contains the URL where to obtain the remediation.

SBOMReferenceNoteResponse

Format string: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
Version string: The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

Format string: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
Version string: The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

format String: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
version String: The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

format string: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
version string: The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

format str: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
version str: The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

format String: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
version String: The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.

SigningKeyResponse

KeyId string: key_id is an identifier for the signing key.
KeyScheme string: This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
KeyType string: This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
PublicKeyValue string: This field contains the actual public key.

KeyId string: key_id is an identifier for the signing key.
KeyScheme string: This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
KeyType string: This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
PublicKeyValue string: This field contains the actual public key.

keyId String: key_id is an identifier for the signing key.
keyScheme String: This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
keyType String: This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
publicKeyValue String: This field contains the actual public key.

keyId string: key_id is an identifier for the signing key.
keyScheme string: This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
keyType string: This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
publicKeyValue string: This field contains the actual public key.

key_id str: key_id is an identifier for the signing key.
key_scheme str: This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
key_type str: This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
public_key_value str: This field contains the actual public key.

keyId String: key_id is an identifier for the signing key.
keyScheme String: This field contains the corresponding signature scheme. Eg: "rsassa-pss-sha256".
keyType String: This field identifies the specific signing method. Eg: "rsa", "ed25519", and "ecdsa".
publicKeyValue String: This field contains the actual public key.

VersionResponse

Epoch int: Used to correct mistakes in the version numbering scheme.
Inclusive bool: Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
Kind string: Distinguishes between sentinel MIN/MAX versions and normal versions.
Name string: Required only when version kind is NORMAL. The main part of the version name.
Revision string: The iteration of the package build from the above version.

Epoch int: Used to correct mistakes in the version numbering scheme.
Inclusive bool: Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
Kind string: Distinguishes between sentinel MIN/MAX versions and normal versions.
Name string: Required only when version kind is NORMAL. The main part of the version name.
Revision string: The iteration of the package build from the above version.

epoch Integer: Used to correct mistakes in the version numbering scheme.
inclusive Boolean: Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
kind String: Distinguishes between sentinel MIN/MAX versions and normal versions.
name String: Required only when version kind is NORMAL. The main part of the version name.
revision String: The iteration of the package build from the above version.

epoch number: Used to correct mistakes in the version numbering scheme.
inclusive boolean: Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
kind string: Distinguishes between sentinel MIN/MAX versions and normal versions.
name string: Required only when version kind is NORMAL. The main part of the version name.
revision string: The iteration of the package build from the above version.

epoch int: Used to correct mistakes in the version numbering scheme.
inclusive bool: Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
kind str: Distinguishes between sentinel MIN/MAX versions and normal versions.
name str: Required only when version kind is NORMAL. The main part of the version name.
revision str: The iteration of the package build from the above version.

epoch Number: Used to correct mistakes in the version numbering scheme.
inclusive Boolean: Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
kind String: Distinguishes between sentinel MIN/MAX versions and normal versions.
name String: Required only when version kind is NORMAL. The main part of the version name.
revision String: The iteration of the package build from the above version.

VulnerabilityAssessmentNoteResponse

Assessment Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.AssessmentResponse: Represents a vulnerability assessment for the product.
LanguageCode string: Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
LongDescription string: A detailed description of this Vex.
Product Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.ProductResponse: The product affected by this vex.
Publisher Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.PublisherResponse: Publisher details of this Note.
ShortDescription string: A one sentence description of this Vex.
Title string: The title of the note. E.g. Vex-Debian-11.4

Assessment AssessmentResponse: Represents a vulnerability assessment for the product.
LanguageCode string: Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
LongDescription string: A detailed description of this Vex.
Product ProductResponse: The product affected by this vex.
Publisher PublisherResponse: Publisher details of this Note.
ShortDescription string: A one sentence description of this Vex.
Title string: The title of the note. E.g. Vex-Debian-11.4

assessment AssessmentResponse: Represents a vulnerability assessment for the product.
languageCode String: Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
longDescription String: A detailed description of this Vex.
product ProductResponse: The product affected by this vex.
publisher PublisherResponse: Publisher details of this Note.
shortDescription String: A one sentence description of this Vex.
title String: The title of the note. E.g. Vex-Debian-11.4

assessment AssessmentResponse: Represents a vulnerability assessment for the product.
languageCode string: Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
longDescription string: A detailed description of this Vex.
product ProductResponse: The product affected by this vex.
publisher PublisherResponse: Publisher details of this Note.
shortDescription string: A one sentence description of this Vex.
title string: The title of the note. E.g. Vex-Debian-11.4

assessment AssessmentResponse: Represents a vulnerability assessment for the product.
language_code str: Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
long_description str: A detailed description of this Vex.
product ProductResponse: The product affected by this vex.
publisher PublisherResponse: Publisher details of this Note.
short_description str: A one sentence description of this Vex.
title str: The title of the note. E.g. Vex-Debian-11.4

assessment Property Map: Represents a vulnerability assessment for the product.
languageCode String: Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646.
longDescription String: A detailed description of this Vex.
product Property Map: The product affected by this vex.
publisher Property Map: Publisher details of this Note.
shortDescription String: A one sentence description of this Vex.
title String: The title of the note. E.g. Vex-Debian-11.4

VulnerabilityLocationResponse

CpeUri string: The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
Package string: The package being described.
Version Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.VersionResponse: The version of the package being described.

CpeUri string: The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
Package string: The package being described.
Version VersionResponse: The version of the package being described.

cpeUri String: The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
package_ String: The package being described.
version VersionResponse: The version of the package being described.

cpeUri string: The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
package string: The package being described.
version VersionResponse: The version of the package being described.

cpe_uri str: The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
package str: The package being described.
version VersionResponse: The version of the package being described.

cpeUri String: The CPE URI in cpe format format. Examples include distro or storage location for vulnerable jar.
package String: The package being described.
version Property Map: The version of the package being described.

VulnerabilityResponse

CvssScore double: The CVSS score for this vulnerability.
CvssV2 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSResponse: The full description of the CVSS for version 2.
CvssV3 Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.CVSSv3Response: The full description of the CVSS for version 3.
CvssVersion string: CVSS version used to populate cvss_score and severity.
Cwe List<string>: A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
Details List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.DetailResponse>: All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
Severity string: Note provider assigned impact of the vulnerability.
SourceUpdateTime string: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
WindowsDetails List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.WindowsDetailResponse>: Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

CvssScore float64: The CVSS score for this vulnerability.
CvssV2 CVSSResponse: The full description of the CVSS for version 2.
CvssV3 CVSSv3Response: The full description of the CVSS for version 3.
CvssVersion string: CVSS version used to populate cvss_score and severity.
Cwe []string: A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
Details []DetailResponse: All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
Severity string: Note provider assigned impact of the vulnerability.
SourceUpdateTime string: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
WindowsDetails []WindowsDetailResponse: Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore Double: The CVSS score for this vulnerability.
cvssV2 CVSSResponse: The full description of the CVSS for version 2.
cvssV3 CVSSv3Response: The full description of the CVSS for version 3.
cvssVersion String: CVSS version used to populate cvss_score and severity.
cwe List<String>: A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
details List<DetailResponse>: All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
severity String: Note provider assigned impact of the vulnerability.
sourceUpdateTime String: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
windowsDetails List<WindowsDetailResponse>: Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore number: The CVSS score for this vulnerability.
cvssV2 CVSSResponse: The full description of the CVSS for version 2.
cvssV3 CVSSv3Response: The full description of the CVSS for version 3.
cvssVersion string: CVSS version used to populate cvss_score and severity.
cwe string[]: A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
details DetailResponse[]: All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
severity string: Note provider assigned impact of the vulnerability.
sourceUpdateTime string: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
windowsDetails WindowsDetailResponse[]: Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvss_score float: The CVSS score for this vulnerability.
cvss_v2 CVSSResponse: The full description of the CVSS for version 2.
cvss_v3 CVSSv3Response: The full description of the CVSS for version 3.
cvss_version str: CVSS version used to populate cvss_score and severity.
cwe Sequence[str]: A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
details Sequence[DetailResponse]: All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
severity str: Note provider assigned impact of the vulnerability.
source_update_time str: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
windows_details Sequence[WindowsDetailResponse]: Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

cvssScore Number: The CVSS score for this vulnerability.
cvssV2 Property Map: The full description of the CVSS for version 2.
cvssV3 Property Map: The full description of the CVSS for version 3.
cvssVersion String: CVSS version used to populate cvss_score and severity.
cwe List<String>: A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html
details List<Property Map>: All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in.
severity String: Note provider assigned impact of the vulnerability.
sourceUpdateTime String: The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
windowsDetails List<Property Map>: Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

WindowsDetailResponse

CpeUri string: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
Description string: The description of the vulnerability.
FixingKbs List<Pulumi.GoogleNative.ContainerAnalysis.V1Beta1.Inputs.KnowledgeBaseResponse>: The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
Name string: The name of the vulnerability.

CpeUri string: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
Description string: The description of the vulnerability.
FixingKbs []KnowledgeBaseResponse: The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
Name string: The name of the vulnerability.

cpeUri String: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description String: The description of the vulnerability.
fixingKbs List<KnowledgeBaseResponse>: The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
name String: The name of the vulnerability.

cpeUri string: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description string: The description of the vulnerability.
fixingKbs KnowledgeBaseResponse[]: The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
name string: The name of the vulnerability.

cpe_uri str: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description str: The description of the vulnerability.
fixing_kbs Sequence[KnowledgeBaseResponse]: The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
name str: The name of the vulnerability.

cpeUri String: The CPE URI in cpe format in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar.
description String: The description of the vulnerability.
fixingKbs List<Property Map>: The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix.
name String: The name of the vulnerability.

Package Details

Repository: Google Cloud Native pulumi/pulumi-google-native
License: Apache-2.0

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.containeranalysis/v1beta1.getNote

On this page

On this page

Using getNote

getNote Result

Supporting Types

ArtifactRuleResponse

AssessmentResponse

AuthorityResponse

BasisResponse

BuildResponse

BuildSignatureResponse

CVSSResponse

CVSSv3Response

DeployableResponse

DetailResponse

DigestResponse

DiscoveryResponse

DistributionResponse

DocumentNoteResponse

ExternalRefResponse

FileNoteResponse

FingerprintResponse

HintResponse

InTotoResponse

JustificationResponse

KnowledgeBaseResponse

LicenseResponse

PackageInfoNoteResponse

PackageResponse

ProductResponse

PublisherResponse

RelatedUrlResponse

RelationshipNoteResponse

RemediationResponse

SBOMReferenceNoteResponse

SigningKeyResponse

VersionResponse

VulnerabilityAssessmentNoteResponse

VulnerabilityLocationResponse

VulnerabilityResponse

WindowsDetailResponse

Package Details

On this page

On this page