Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi
oci.DataSafe.getSecurityAssessmentFindings
Explore with Pulumi AI
This data source provides the list of Security Assessment Findings in Oracle Cloud Infrastructure Data Safe service.
List all the findings from all the targets in the specified compartment.
Using getSecurityAssessmentFindings
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecurityAssessmentFindings(args: GetSecurityAssessmentFindingsArgs, opts?: InvokeOptions): Promise<GetSecurityAssessmentFindingsResult>
function getSecurityAssessmentFindingsOutput(args: GetSecurityAssessmentFindingsOutputArgs, opts?: InvokeOptions): Output<GetSecurityAssessmentFindingsResult>
def get_security_assessment_findings(access_level: Optional[str] = None,
compartment_id_in_subtree: Optional[bool] = None,
filters: Optional[Sequence[_datasafe.GetSecurityAssessmentFindingsFilter]] = None,
finding_key: Optional[str] = None,
is_top_finding: Optional[bool] = None,
references: Optional[str] = None,
security_assessment_id: Optional[str] = None,
severity: Optional[str] = None,
state: Optional[str] = None,
target_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecurityAssessmentFindingsResult
def get_security_assessment_findings_output(access_level: Optional[pulumi.Input[str]] = None,
compartment_id_in_subtree: Optional[pulumi.Input[bool]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_datasafe.GetSecurityAssessmentFindingsFilterArgs]]]] = None,
finding_key: Optional[pulumi.Input[str]] = None,
is_top_finding: Optional[pulumi.Input[bool]] = None,
references: Optional[pulumi.Input[str]] = None,
security_assessment_id: Optional[pulumi.Input[str]] = None,
severity: Optional[pulumi.Input[str]] = None,
state: Optional[pulumi.Input[str]] = None,
target_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecurityAssessmentFindingsResult]
func GetSecurityAssessmentFindings(ctx *Context, args *GetSecurityAssessmentFindingsArgs, opts ...InvokeOption) (*GetSecurityAssessmentFindingsResult, error)
func GetSecurityAssessmentFindingsOutput(ctx *Context, args *GetSecurityAssessmentFindingsOutputArgs, opts ...InvokeOption) GetSecurityAssessmentFindingsResultOutput
> Note: This function is named GetSecurityAssessmentFindings
in the Go SDK.
public static class GetSecurityAssessmentFindings
{
public static Task<GetSecurityAssessmentFindingsResult> InvokeAsync(GetSecurityAssessmentFindingsArgs args, InvokeOptions? opts = null)
public static Output<GetSecurityAssessmentFindingsResult> Invoke(GetSecurityAssessmentFindingsInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetSecurityAssessmentFindingsResult> getSecurityAssessmentFindings(GetSecurityAssessmentFindingsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:DataSafe/getSecurityAssessmentFindings:getSecurityAssessmentFindings
arguments:
# arguments dictionary
The following arguments are supported:
- Security
Assessment stringId - The OCID of the security assessment.
- Access
Level string - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- Compartment
Id boolIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- Filters
List<Get
Security Assessment Findings Filter> - Finding
Key string - Each finding in security assessment has an associated key (think of key as a finding's name). For a given finding, the key will be the same across targets. The user can use these keys to filter the findings.
- Is
Top boolFinding - A filter to return only the findings that are marked as top findings.
- References string
- An optional filter to return only findings containing the specified reference.
- Severity string
- A filter to return only findings of a particular risk level.
- State string
- A filter to return only the findings that match the specified lifecycle states.
- Target
Id string - A filter to return only items related to a specific target OCID.
- Security
Assessment stringId - The OCID of the security assessment.
- Access
Level string - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- Compartment
Id boolIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- Filters
[]Get
Security Assessment Findings Filter - Finding
Key string - Each finding in security assessment has an associated key (think of key as a finding's name). For a given finding, the key will be the same across targets. The user can use these keys to filter the findings.
- Is
Top boolFinding - A filter to return only the findings that are marked as top findings.
- References string
- An optional filter to return only findings containing the specified reference.
- Severity string
- A filter to return only findings of a particular risk level.
- State string
- A filter to return only the findings that match the specified lifecycle states.
- Target
Id string - A filter to return only items related to a specific target OCID.
- security
Assessment StringId - The OCID of the security assessment.
- access
Level String - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id BooleanIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters
List<Get
Security Assessment Findings Filter> - finding
Key String - Each finding in security assessment has an associated key (think of key as a finding's name). For a given finding, the key will be the same across targets. The user can use these keys to filter the findings.
- is
Top BooleanFinding - A filter to return only the findings that are marked as top findings.
- references String
- An optional filter to return only findings containing the specified reference.
- severity String
- A filter to return only findings of a particular risk level.
- state String
- A filter to return only the findings that match the specified lifecycle states.
- target
Id String - A filter to return only items related to a specific target OCID.
- security
Assessment stringId - The OCID of the security assessment.
- access
Level string - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id booleanIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters
Get
Security Assessment Findings Filter[] - finding
Key string - Each finding in security assessment has an associated key (think of key as a finding's name). For a given finding, the key will be the same across targets. The user can use these keys to filter the findings.
- is
Top booleanFinding - A filter to return only the findings that are marked as top findings.
- references string
- An optional filter to return only findings containing the specified reference.
- severity string
- A filter to return only findings of a particular risk level.
- state string
- A filter to return only the findings that match the specified lifecycle states.
- target
Id string - A filter to return only items related to a specific target OCID.
- security_
assessment_ strid - The OCID of the security assessment.
- access_
level str - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment_
id_ boolin_ subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters
Sequence[datasafe.
Get Security Assessment Findings Filter] - finding_
key str - Each finding in security assessment has an associated key (think of key as a finding's name). For a given finding, the key will be the same across targets. The user can use these keys to filter the findings.
- is_
top_ boolfinding - A filter to return only the findings that are marked as top findings.
- references str
- An optional filter to return only findings containing the specified reference.
- severity str
- A filter to return only findings of a particular risk level.
- state str
- A filter to return only the findings that match the specified lifecycle states.
- target_
id str - A filter to return only items related to a specific target OCID.
- security
Assessment StringId - The OCID of the security assessment.
- access
Level String - Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id BooleanIn Subtree - Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters List<Property Map>
- finding
Key String - Each finding in security assessment has an associated key (think of key as a finding's name). For a given finding, the key will be the same across targets. The user can use these keys to filter the findings.
- is
Top BooleanFinding - A filter to return only the findings that are marked as top findings.
- references String
- An optional filter to return only findings containing the specified reference.
- severity String
- A filter to return only findings of a particular risk level.
- state String
- A filter to return only the findings that match the specified lifecycle states.
- target
Id String - A filter to return only items related to a specific target OCID.
getSecurityAssessmentFindings Result
The following output properties are available:
- Findings
List<Get
Security Assessment Findings Finding> - The list of findings.
- Id string
- The provider-assigned unique ID for this managed resource.
- Security
Assessment stringId - Access
Level string - Compartment
Id boolIn Subtree - Filters
List<Get
Security Assessment Findings Filter> - Finding
Key string - Is
Top boolFinding - Indicates whether a given finding is marked as topFinding or not.
- References string
- Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
- Severity string
- The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
- State string
- The current state of the finding.
- Target
Id string - The OCID of the target database.
- Findings
[]Get
Security Assessment Findings Finding - The list of findings.
- Id string
- The provider-assigned unique ID for this managed resource.
- Security
Assessment stringId - Access
Level string - Compartment
Id boolIn Subtree - Filters
[]Get
Security Assessment Findings Filter - Finding
Key string - Is
Top boolFinding - Indicates whether a given finding is marked as topFinding or not.
- References string
- Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
- Severity string
- The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
- State string
- The current state of the finding.
- Target
Id string - The OCID of the target database.
- findings
List<Get
Security Assessment Findings Finding> - The list of findings.
- id String
- The provider-assigned unique ID for this managed resource.
- security
Assessment StringId - access
Level String - compartment
Id BooleanIn Subtree - filters
List<Get
Security Assessment Findings Filter> - finding
Key String - is
Top BooleanFinding - Indicates whether a given finding is marked as topFinding or not.
- references String
- Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
- severity String
- The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
- state String
- The current state of the finding.
- target
Id String - The OCID of the target database.
- findings
Get
Security Assessment Findings Finding[] - The list of findings.
- id string
- The provider-assigned unique ID for this managed resource.
- security
Assessment stringId - access
Level string - compartment
Id booleanIn Subtree - filters
Get
Security Assessment Findings Filter[] - finding
Key string - is
Top booleanFinding - Indicates whether a given finding is marked as topFinding or not.
- references string
- Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
- severity string
- The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
- state string
- The current state of the finding.
- target
Id string - The OCID of the target database.
- findings
Sequence[datasafe.
Get Security Assessment Findings Finding] - The list of findings.
- id str
- The provider-assigned unique ID for this managed resource.
- security_
assessment_ strid - access_
level str - compartment_
id_ boolin_ subtree - filters
Sequence[datasafe.
Get Security Assessment Findings Filter] - finding_
key str - is_
top_ boolfinding - Indicates whether a given finding is marked as topFinding or not.
- references str
- Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
- severity str
- The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
- state str
- The current state of the finding.
- target_
id str - The OCID of the target database.
- findings List<Property Map>
- The list of findings.
- id String
- The provider-assigned unique ID for this managed resource.
- security
Assessment StringId - access
Level String - compartment
Id BooleanIn Subtree - filters List<Property Map>
- finding
Key String - is
Top BooleanFinding - Indicates whether a given finding is marked as topFinding or not.
- references String
- Provides information on whether the finding is related to a CIS Oracle Database Benchmark recommendation, a STIG rule, or a GDPR Article/Recital.
- severity String
- The severity of the finding as determined by security assessment and is same as oracleDefinedSeverity, unless modified by user.
- state String
- The current state of the finding.
- target
Id String - The OCID of the target database.
Supporting Types
GetSecurityAssessmentFindingsFilter
GetSecurityAssessmentFindingsFinding
- Assessment
Id string - The OCID of the assessment that generated this finding.
- Details List<string>
- The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
- Has
Target boolDb Risk Level Changed - Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
- Is
Risk boolModified - Determines if this risk level was modified by user.
- Is
Top boolFinding - A filter to return only the findings that are marked as top findings.
- Justification string
- User provided reason for accepting or modifying this finding if they choose to do so.
- Key string
- The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
- Lifecycle
Details string - Details about the current state of the finding.
- Oneline string
- Provides a recommended approach to take to remediate the finding reported.
- Oracle
Defined stringSeverity - The severity of the finding as determined by security assessment. This cannot be modified by user.
- References
List<Get
Security Assessment Findings Finding Reference> - An optional filter to return only findings containing the specified reference.
- Remarks string
- The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- Severity string
- A filter to return only findings of a particular risk level.
- State string
- A filter to return only the findings that match the specified lifecycle states.
- Summary string
- The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
- Target
Id string - A filter to return only items related to a specific target OCID.
- Time
Updated string - The date and time the risk level of finding was last updated, in the format defined by RFC3339.
- Time
Valid stringUntil - The time until which the change in severity(deferred / modified) of this finding is valid.
- Title string
- The short title for the finding.
- Assessment
Id string - The OCID of the assessment that generated this finding.
- Details []string
- The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
- Has
Target boolDb Risk Level Changed - Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
- Is
Risk boolModified - Determines if this risk level was modified by user.
- Is
Top boolFinding - A filter to return only the findings that are marked as top findings.
- Justification string
- User provided reason for accepting or modifying this finding if they choose to do so.
- Key string
- The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
- Lifecycle
Details string - Details about the current state of the finding.
- Oneline string
- Provides a recommended approach to take to remediate the finding reported.
- Oracle
Defined stringSeverity - The severity of the finding as determined by security assessment. This cannot be modified by user.
- References
[]Get
Security Assessment Findings Finding Reference - An optional filter to return only findings containing the specified reference.
- Remarks string
- The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- Severity string
- A filter to return only findings of a particular risk level.
- State string
- A filter to return only the findings that match the specified lifecycle states.
- Summary string
- The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
- Target
Id string - A filter to return only items related to a specific target OCID.
- Time
Updated string - The date and time the risk level of finding was last updated, in the format defined by RFC3339.
- Time
Valid stringUntil - The time until which the change in severity(deferred / modified) of this finding is valid.
- Title string
- The short title for the finding.
- assessment
Id String - The OCID of the assessment that generated this finding.
- details List<String>
- The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
- has
Target BooleanDb Risk Level Changed - Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
- is
Risk BooleanModified - Determines if this risk level was modified by user.
- is
Top BooleanFinding - A filter to return only the findings that are marked as top findings.
- justification String
- User provided reason for accepting or modifying this finding if they choose to do so.
- key String
- The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
- lifecycle
Details String - Details about the current state of the finding.
- oneline String
- Provides a recommended approach to take to remediate the finding reported.
- oracle
Defined StringSeverity - The severity of the finding as determined by security assessment. This cannot be modified by user.
- references
List<Get
Security Assessment Findings Finding Reference> - An optional filter to return only findings containing the specified reference.
- remarks String
- The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- severity String
- A filter to return only findings of a particular risk level.
- state String
- A filter to return only the findings that match the specified lifecycle states.
- summary String
- The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
- target
Id String - A filter to return only items related to a specific target OCID.
- time
Updated String - The date and time the risk level of finding was last updated, in the format defined by RFC3339.
- time
Valid StringUntil - The time until which the change in severity(deferred / modified) of this finding is valid.
- title String
- The short title for the finding.
- assessment
Id string - The OCID of the assessment that generated this finding.
- details string[]
- The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
- has
Target booleanDb Risk Level Changed - Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
- is
Risk booleanModified - Determines if this risk level was modified by user.
- is
Top booleanFinding - A filter to return only the findings that are marked as top findings.
- justification string
- User provided reason for accepting or modifying this finding if they choose to do so.
- key string
- The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
- lifecycle
Details string - Details about the current state of the finding.
- oneline string
- Provides a recommended approach to take to remediate the finding reported.
- oracle
Defined stringSeverity - The severity of the finding as determined by security assessment. This cannot be modified by user.
- references
Get
Security Assessment Findings Finding Reference[] - An optional filter to return only findings containing the specified reference.
- remarks string
- The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- severity string
- A filter to return only findings of a particular risk level.
- state string
- A filter to return only the findings that match the specified lifecycle states.
- summary string
- The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
- target
Id string - A filter to return only items related to a specific target OCID.
- time
Updated string - The date and time the risk level of finding was last updated, in the format defined by RFC3339.
- time
Valid stringUntil - The time until which the change in severity(deferred / modified) of this finding is valid.
- title string
- The short title for the finding.
- assessment_
id str - The OCID of the assessment that generated this finding.
- details Sequence[str]
- The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
- has_
target_ booldb_ risk_ level_ changed - Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
- is_
risk_ boolmodified - Determines if this risk level was modified by user.
- is_
top_ boolfinding - A filter to return only the findings that are marked as top findings.
- justification str
- User provided reason for accepting or modifying this finding if they choose to do so.
- key str
- The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
- lifecycle_
details str - Details about the current state of the finding.
- oneline str
- Provides a recommended approach to take to remediate the finding reported.
- oracle_
defined_ strseverity - The severity of the finding as determined by security assessment. This cannot be modified by user.
- references
Sequence[datasafe.
Get Security Assessment Findings Finding Reference] - An optional filter to return only findings containing the specified reference.
- remarks str
- The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- severity str
- A filter to return only findings of a particular risk level.
- state str
- A filter to return only the findings that match the specified lifecycle states.
- summary str
- The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
- target_
id str - A filter to return only items related to a specific target OCID.
- time_
updated str - The date and time the risk level of finding was last updated, in the format defined by RFC3339.
- time_
valid_ struntil - The time until which the change in severity(deferred / modified) of this finding is valid.
- title str
- The short title for the finding.
- assessment
Id String - The OCID of the assessment that generated this finding.
- details List<String>
- The details of the finding. Provides detailed information to explain the finding summary, typically results from the assessed database, followed by any recommendations for changes.
- has
Target BooleanDb Risk Level Changed - Determines if this risk level has changed on the target database since the last time 'severity' was modified by user.
- is
Risk BooleanModified - Determines if this risk level was modified by user.
- is
Top BooleanFinding - A filter to return only the findings that are marked as top findings.
- justification String
- User provided reason for accepting or modifying this finding if they choose to do so.
- key String
- The unique finding key. This is a system-generated identifier. To get the finding key for a finding, use ListFindings.
- lifecycle
Details String - Details about the current state of the finding.
- oneline String
- Provides a recommended approach to take to remediate the finding reported.
- oracle
Defined StringSeverity - The severity of the finding as determined by security assessment. This cannot be modified by user.
- references List<Property Map>
- An optional filter to return only findings containing the specified reference.
- remarks String
- The explanation of the issue in this finding. It explains the reason for the rule and, if a risk is reported, it may also explain the recommended actions for remediation.
- severity String
- A filter to return only findings of a particular risk level.
- state String
- A filter to return only the findings that match the specified lifecycle states.
- summary String
- The brief summary of the finding. When the finding is informational, the summary typically reports only the number of data elements that were examined.
- target
Id String - A filter to return only items related to a specific target OCID.
- time
Updated String - The date and time the risk level of finding was last updated, in the format defined by RFC3339.
- time
Valid StringUntil - The time until which the change in severity(deferred / modified) of this finding is valid.
- title String
- The short title for the finding.
GetSecurityAssessmentFindingsFindingReference
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.