VulnerabilityScanningClient

class oci.vulnerability_scanning.VulnerabilityScanningClient(config, **kwargs)

Use the Vulnerability Scanning Service (VSS) API to manage scan recipes, targets, and reports. For more information, see [the Vulnerability Scanning documentation](/iaas/scanning/home.htm).

Methods

__init__(config, **kwargs) Creates a new service client
change_container_scan_recipe_compartment(…) Moves a ContainerScanRecipe into a different compartment.
change_container_scan_result_compartment(…) Moves a ContainerScanResult into a different compartment.
change_container_scan_target_compartment(…) Moves a ContainerScanTarget into a different compartment.
change_host_agent_scan_result_compartment(…) Moves a HostAgentScanResult into a different compartment.
change_host_cis_benchmark_scan_result_compartment(…) Moves a HostCisBenchmarkScanResult into a different compartment.
change_host_endpoint_protection_scan_result_compartment(…) Moves a HostEndpointProtectionScanResult into a different compartment.
change_host_port_scan_result_compartment(…) Moves a HostPortScanResult into a different compartment.
change_host_scan_recipe_compartment(…) Moves a HostScanRecipe into a different compartment.
change_host_scan_target_compartment(…) Moves a HostScanTarget into a different compartment.
create_container_scan_recipe(…) Creates a new ContainerScanRecipe.
create_container_scan_target(…) Creates a new ContainerScanTarget.
create_host_scan_recipe(…) Creates a new HostScanRecipe.
create_host_scan_target(…) Creates a new HostScanTarget.
delete_container_scan_recipe(…) Deletes the ContainerScanRecipe identified by the recipe ID.
delete_container_scan_result(…) Deletes the ContainerScanResult identified by the container scan ID.
delete_container_scan_target(…) Deletes the ContainerScanTarget identified by the target ID.
delete_host_agent_scan_result(…) Deletes the HostAgentScanResult identified by the host agent scan ID.
delete_host_cis_benchmark_scan_result(…) Deletes the HostCisBenchmarkScanResult identified by the benchmark scan result ID.
delete_host_endpoint_protection_scan_result(…) Deletes the HostEndpointProtectionScanResult identified by the id
delete_host_port_scan_result(…) Deletes the HostPortScanResult identified by the host port scan ID.
delete_host_scan_recipe(host_scan_recipe_id, …) Deletes the HostScanRecipe identified by the recipe ID.
delete_host_scan_target(host_scan_target_id, …) Deletes the HostScanTarget identified by the target ID.
export_host_agent_scan_result_csv(…) Exports a list of HostAgentScanResultSummary objects within a compartment and during a specified time range in CSV format.
export_host_vulnerability_csv(…) Exports a list of HostVulnerabilitySummary objects in a compartment in CSV format.
get_container_scan_recipe(…) Retrieves a ContainerScanRecipe identified by the recipe ID.
get_container_scan_result(…) Retrieves a ContainerScanResult identified by the container scan ID.
get_container_scan_target(…) Gets a ContainerScanTarget identified by the target ID.
get_host_agent_scan_result(…) Retrieves a HostAgentScanResult identified by the host agent scan ID.
get_host_cis_benchmark_scan_result(…) Retrieves a HostCisBenchmarkScanResult identified by the benchmark scan result ID.
get_host_endpoint_protection_scan_result(…) Returns HostEndpointProtectionScanResults for the given host endpoint protection scan result ID.
get_host_port_scan_result(…) Retrieves a HostPortScanResult identified by the host port scan ID.
get_host_scan_recipe(host_scan_recipe_id, …) Retrieves a HostScanRecipe identified by the recipe ID.
get_host_scan_target(host_scan_target_id, …) Retrieves a HostScanTarget identified by the target ID.
get_host_vulnerability(…) Retrieves a HostVulnerability identified by the host vulnerability ID.
get_vulnerability(vulnerability_id, **kwargs) Retrieves a Vulnerability identified by the vulnerability ID.
get_work_request(work_request_id, **kwargs) Gets the status of the work request with the given ID.
list_container_scan_recipes(compartment_id, …) Retrieves a list of ContainerScanRecipeSummary objects in a compartment.
list_container_scan_results(compartment_id, …) Retrieves a list of ContainerScanResultSummary objects in a compartment.
list_container_scan_targets(compartment_id, …) Retrieves a list of ContainerScanTargetSummary objects in a compartment.
list_host_agent_scan_results(compartment_id, …) Retrieves a list of HostAgentScanResultSummary objects in a compartment.
list_host_cis_benchmark_scan_results(…) Retrieves a list of HostCisBenchmarkScanResultSummary objects in a compartment.
list_host_endpoint_protection_scan_results(…) Returns a collection of HostEndpointProtectionScanResultSummary objects
list_host_port_scan_results(compartment_id, …) Retrieves a list of HostPortScanResultSummary objects in a compartment.
list_host_scan_recipes(compartment_id, **kwargs) Retrieves a list of HostScanRecipeSummary objects in a compartment.
list_host_scan_targets(compartment_id, **kwargs) Retrieves a list of HostScanTargetSummary objects in a compartment.
list_host_vulnerabilities(compartment_id, …) Retrieves a list of HostVulnerabilitySummary objects in a compartment.
list_host_vulnerability_impacted_hosts(…) Retrieves a list of HostVulnerabilityImpactedHostSummary objects for a specific host vulnerability ID.
list_vulnerabilities(compartment_id, **kwargs) Retrieves a list of VulnerabilitySummary objects in a compartment.
list_vulnerability_impacted_containers(…) Retrieves a list of VulnerabilityImpactedContainerSummary objects for a specific vulnerability ID.
list_vulnerability_impacted_hosts(…) Retrieves a list of VulnerabilityImpactedHostSummary objects for a specific host vulnerability ID.
list_work_request_errors(work_request_id, …) Return a (paginated) list of errors for a given work request.
list_work_request_logs(work_request_id, **kwargs) Return a (paginated) list of logs for a given work request.
list_work_requests(compartment_id, **kwargs) Lists the work requests in a compartment.
update_container_scan_recipe(…) Updates the ContainerScanRecipe identified by the recipe ID.
update_container_scan_target(…) Updates the ContainerScanTarget identified by the target ID.
update_host_scan_recipe(host_scan_recipe_id, …) Updates the HostScanRecipe identified by the recipe ID.
update_host_scan_target(host_scan_target_id, …) Updates the HostScanTarget identified by the target ID.
__init__(config, **kwargs)

Creates a new service client

Parameters:
  • config (dict) – Configuration keys and values as per SDK and Tool Configuration. The from_file() method can be used to load configuration from a file. Alternatively, a dict can be passed. You can validate_config the dict using validate_config()
  • service_endpoint (str) – (optional) The endpoint of the service to call using this client. For example https://iaas.us-ashburn-1.oraclecloud.com. If this keyword argument is not provided then it will be derived using the region in the config parameter. You should only provide this keyword argument if you have an explicit need to specify a service endpoint.
  • timeout (float or tuple(float, float)) – (optional) The connection and read timeouts for the client. The default values are connection timeout 10 seconds and read timeout 60 seconds. This keyword argument can be provided as a single float, in which case the value provided is used for both the read and connection timeouts, or as a tuple of two floats. If a tuple is provided then the first value is used as the connection timeout and the second value as the read timeout.
  • signer (AbstractBaseSigner) –

    (optional) The signer to use when signing requests made by the service client. The default is to use a Signer based on the values provided in the config parameter.

    One use case for this parameter is for Instance Principals authentication by passing an instance of InstancePrincipalsSecurityTokenSigner as the value for this keyword argument

  • retry_strategy (obj) –

    (optional) A retry strategy to apply to all calls made by this service client (i.e. at the client level). There is no retry strategy applied by default. Retry strategies can also be applied at the operation level by passing a retry_strategy keyword argument as part of calling the operation. Any value provided at the operation level will override whatever is specified at the client level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

  • circuit_breaker_strategy (obj) – (optional) A circuit breaker strategy to apply to all calls made by this service client (i.e. at the client level). This client uses DEFAULT_CIRCUIT_BREAKER_STRATEGY as default if no circuit breaker strategy is provided. The specifics of circuit breaker strategy are described here.
  • circuit_breaker_callback (function) – (optional) Callback function to receive any exceptions triggerred by the circuit breaker.
  • allow_control_chars – (optional) allow_control_chars is a boolean to indicate whether or not this client should allow control characters in the response object. By default, the client will not allow control characters to be in the response object.
change_container_scan_recipe_compartment(container_scan_recipe_id, change_container_scan_recipe_compartment_details, **kwargs)

Moves a ContainerScanRecipe into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • container_scan_recipe_id (str) – (required) unique ContainerScanRecipe identifier
  • change_container_scan_recipe_compartment_details (oci.vulnerability_scanning.models.ChangeContainerScanRecipeCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_container_scan_recipe_compartment API.

change_container_scan_result_compartment(container_scan_result_id, change_container_scan_result_compartment_details, **kwargs)

Moves a ContainerScanResult into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • container_scan_result_id (str) – (required) unique container scan identifier
  • change_container_scan_result_compartment_details (oci.vulnerability_scanning.models.ChangeContainerScanResultCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_container_scan_result_compartment API.

change_container_scan_target_compartment(container_scan_target_id, change_container_scan_target_compartment_details, **kwargs)

Moves a ContainerScanTarget into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • container_scan_target_id (str) – (required) unique ContainerScanTarget identifier
  • change_container_scan_target_compartment_details (oci.vulnerability_scanning.models.ChangeContainerScanTargetCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_container_scan_target_compartment API.

change_host_agent_scan_result_compartment(host_agent_scan_result_id, change_host_agent_scan_result_compartment_details, **kwargs)

Moves a HostAgentScanResult into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • host_agent_scan_result_id (str) – (required) unique host agent scan identifier
  • change_host_agent_scan_result_compartment_details (oci.vulnerability_scanning.models.ChangeHostAgentScanResultCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_host_agent_scan_result_compartment API.

change_host_cis_benchmark_scan_result_compartment(host_cis_benchmark_scan_result_id, change_host_cis_benchmark_scan_result_compartment_details, **kwargs)

Moves a HostCisBenchmarkScanResult into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • host_cis_benchmark_scan_result_id (str) – (required) unique host Cis benchmark scan identifier
  • change_host_cis_benchmark_scan_result_compartment_details (oci.vulnerability_scanning.models.ChangeHostCisBenchmarkScanResultCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_host_cis_benchmark_scan_result_compartment API.

change_host_endpoint_protection_scan_result_compartment(host_endpoint_protection_scan_result_id, change_host_endpoint_protection_scan_result_compartment_details, **kwargs)

Moves a HostEndpointProtectionScanResult into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • host_endpoint_protection_scan_result_id (str) – (required) unique host endpoint protection scan identifier
  • change_host_endpoint_protection_scan_result_compartment_details (oci.vulnerability_scanning.models.ChangeHostEndpointProtectionScanResultCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_host_endpoint_protection_scan_result_compartment API.

change_host_port_scan_result_compartment(host_port_scan_result_id, change_host_port_scan_result_compartment_details, **kwargs)

Moves a HostPortScanResult into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • host_port_scan_result_id (str) – (required) unique host port scan identifier
  • change_host_port_scan_result_compartment_details (oci.vulnerability_scanning.models.ChangeHostPortScanResultCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_host_port_scan_result_compartment API.

change_host_scan_recipe_compartment(host_scan_recipe_id, change_host_scan_recipe_compartment_details, **kwargs)

Moves a HostScanRecipe into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • host_scan_recipe_id (str) – (required) unique HostScanRecipe identifier
  • change_host_scan_recipe_compartment_details (oci.vulnerability_scanning.models.ChangeHostScanRecipeCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_host_scan_recipe_compartment API.

change_host_scan_target_compartment(host_scan_target_id, change_host_scan_target_compartment_details, **kwargs)

Moves a HostScanTarget into a different compartment. When provided, If-Match is checked against ETag values of the resource.

Parameters:
  • host_scan_target_id (str) – (required) unique HostScanTarget identifier
  • change_host_scan_target_compartment_details (oci.vulnerability_scanning.models.ChangeHostScanTargetCompartmentDetails) – (required) The compartment information to update.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use change_host_scan_target_compartment API.

create_container_scan_recipe(create_container_scan_recipe_details, **kwargs)

Creates a new ContainerScanRecipe. A recipe determines the types of security issues that you want scanned.

Parameters:
  • create_container_scan_recipe_details (oci.vulnerability_scanning.models.CreateContainerScanRecipeDetails) – (required) Details for the new ContainerScanRecipe
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanRecipe
Return type:

Response
Example:

Click here to see an example of how to use create_container_scan_recipe API.

create_container_scan_target(create_container_scan_target_details, **kwargs)

Creates a new ContainerScanTarget. A container scan target specifies a group of one or more Docker image repositories in Oracle Cloud Infrastructure Registry (OCIR) that you want routinely scanned for security vulnerabilities.

Parameters:
  • create_container_scan_target_details (oci.vulnerability_scanning.models.CreateContainerScanTargetDetails) – (required) Details for the new ContainerScanTarget
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanTarget
Return type:

Response
Example:

Click here to see an example of how to use create_container_scan_target API.

create_host_scan_recipe(create_host_scan_recipe_details, **kwargs)

Creates a new HostScanRecipe. A recipe determines the types of security issues that you want scanned, and how often to scan.

Parameters:
  • create_host_scan_recipe_details (oci.vulnerability_scanning.models.CreateHostScanRecipeDetails) – (required) Details for the new HostScanRecipe
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostScanRecipe
Return type:

Response
Example:

Click here to see an example of how to use create_host_scan_recipe API.

create_host_scan_target(create_host_scan_target_details, **kwargs)

Creates a new HostScanTarget. A host scan target is a collection of compute instances that you want routinely scanned for security vulnerabilities.

Parameters:
  • create_host_scan_target_details (oci.vulnerability_scanning.models.CreateHostScanTargetDetails) – (required) Details for the new HostScanTarget
  • opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostScanTarget
Return type:

Response
Example:

Click here to see an example of how to use create_host_scan_target API.

delete_container_scan_recipe(container_scan_recipe_id, **kwargs)

Deletes the ContainerScanRecipe identified by the recipe ID.

Parameters:
  • container_scan_recipe_id (str) – (required) unique ContainerScanRecipe identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_container_scan_recipe API.

delete_container_scan_result(container_scan_result_id, **kwargs)

Deletes the ContainerScanResult identified by the container scan ID.

Parameters:
  • container_scan_result_id (str) – (required) unique container scan identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_container_scan_result API.

delete_container_scan_target(container_scan_target_id, **kwargs)

Deletes the ContainerScanTarget identified by the target ID.

Parameters:
  • container_scan_target_id (str) – (required) unique ContainerScanTarget identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_container_scan_target API.

delete_host_agent_scan_result(host_agent_scan_result_id, **kwargs)

Deletes the HostAgentScanResult identified by the host agent scan ID.

Parameters:
  • host_agent_scan_result_id (str) – (required) unique host agent scan identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_host_agent_scan_result API.

delete_host_cis_benchmark_scan_result(host_cis_benchmark_scan_result_id, **kwargs)

Deletes the HostCisBenchmarkScanResult identified by the benchmark scan result ID.

Parameters:
  • host_cis_benchmark_scan_result_id (str) – (required) unique host Cis benchmark scan identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_host_cis_benchmark_scan_result API.

delete_host_endpoint_protection_scan_result(host_endpoint_protection_scan_result_id, **kwargs)

Deletes the HostEndpointProtectionScanResult identified by the id

Parameters:
  • host_endpoint_protection_scan_result_id (str) – (required) unique host endpoint protection scan identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_host_endpoint_protection_scan_result API.

delete_host_port_scan_result(host_port_scan_result_id, **kwargs)

Deletes the HostPortScanResult identified by the host port scan ID.

Parameters:
  • host_port_scan_result_id (str) – (required) unique host port scan identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_host_port_scan_result API.

delete_host_scan_recipe(host_scan_recipe_id, **kwargs)

Deletes the HostScanRecipe identified by the recipe ID.

Parameters:
  • host_scan_recipe_id (str) – (required) unique HostScanRecipe identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_host_scan_recipe API.

delete_host_scan_target(host_scan_target_id, **kwargs)

Deletes the HostScanTarget identified by the target ID.

Parameters:
  • host_scan_target_id (str) – (required) unique HostScanTarget identifier
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use delete_host_scan_target API.

export_host_agent_scan_result_csv(export_host_agent_scan_result_csv_details, **kwargs)

Exports a list of HostAgentScanResultSummary objects within a compartment and during a specified time range in CSV format. You can filter the results by problem severity.

Parameters:
  • export_host_agent_scan_result_csv_details (oci.vulnerability_scanning.models.ExportHostAgentScanResultCsvDetails) – (required) Information on which scan results to export to CSV
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type stream
Return type:

Response
Example:

Click here to see an example of how to use export_host_agent_scan_result_csv API.

export_host_vulnerability_csv(export_host_vulnerability_csv_details, **kwargs)

Exports a list of HostVulnerabilitySummary objects in a compartment in CSV format.

Parameters:
  • export_host_vulnerability_csv_details (oci.vulnerability_scanning.models.ExportHostVulnerabilityCsvDetails) – (required) Information on which scan results to export to CSV
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type stream
Return type:

Response
Example:

Click here to see an example of how to use export_host_vulnerability_csv API.

get_container_scan_recipe(container_scan_recipe_id, **kwargs)

Retrieves a ContainerScanRecipe identified by the recipe ID. A recipe determines the types of security issues that you want scanned.

Parameters:
  • container_scan_recipe_id (str) – (required) unique ContainerScanRecipe identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanRecipe
Return type:

Response
Example:

Click here to see an example of how to use get_container_scan_recipe API.

get_container_scan_result(container_scan_result_id, **kwargs)

Retrieves a ContainerScanResult identified by the container scan ID. The result includes a list of problems found in a specific image in a Docker repository.

Parameters:
  • container_scan_result_id (str) – (required) unique container scan identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanResult
Return type:

Response
Example:

Click here to see an example of how to use get_container_scan_result API.

get_container_scan_target(container_scan_target_id, **kwargs)

Gets a ContainerScanTarget identified by the target ID. A container scan target specifies a group of one or more Docker image repositories in Oracle Cloud Infrastructure Registry (OCIR) that you want routinely scanned for security vulnerabilities.

Parameters:
  • container_scan_target_id (str) – (required) unique ContainerScanTarget identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanTarget
Return type:

Response
Example:

Click here to see an example of how to use get_container_scan_target API.

get_host_agent_scan_result(host_agent_scan_result_id, **kwargs)

Retrieves a HostAgentScanResult identified by the host agent scan ID. The result includes a list of CVEs detected in a specific compute instance.

Parameters:
  • host_agent_scan_result_id (str) – (required) unique host agent scan identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostAgentScanResult
Return type:

Response
Example:

Click here to see an example of how to use get_host_agent_scan_result API.

get_host_cis_benchmark_scan_result(host_cis_benchmark_scan_result_id, **kwargs)

Retrieves a HostCisBenchmarkScanResult identified by the benchmark scan result ID. A CIS (Center for Internet Security) benchmark scan result includes a list of benchmarks that were tested on a specific compute instance, and whether each test passed or failed.

Parameters:
  • host_cis_benchmark_scan_result_id (str) – (required) unique host Cis benchmark scan identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostCisBenchmarkScanResult
Return type:

Response
Example:

Click here to see an example of how to use get_host_cis_benchmark_scan_result API.

get_host_endpoint_protection_scan_result(host_endpoint_protection_scan_result_id, **kwargs)

Returns HostEndpointProtectionScanResults for the given host endpoint protection scan result ID.

Parameters:
  • host_endpoint_protection_scan_result_id (str) – (required) unique host endpoint protection scan identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostEndpointProtectionScanResult
Return type:

Response
Example:

Click here to see an example of how to use get_host_endpoint_protection_scan_result API.

get_host_port_scan_result(host_port_scan_result_id, **kwargs)

Retrieves a HostPortScanResult identified by the host port scan ID. The result includes a list of open ports that were detected in a specific compute instance.

Parameters:
  • host_port_scan_result_id (str) – (required) unique host port scan identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostPortScanResult
Return type:

Response
Example:

Click here to see an example of how to use get_host_port_scan_result API.

get_host_scan_recipe(host_scan_recipe_id, **kwargs)

Retrieves a HostScanRecipe identified by the recipe ID. A recipe determines the types of security issues that you want scanned, and how often to scan.

Parameters:
  • host_scan_recipe_id (str) – (required) unique HostScanRecipe identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostScanRecipe
Return type:

Response
Example:

Click here to see an example of how to use get_host_scan_recipe API.

get_host_scan_target(host_scan_target_id, **kwargs)

Retrieves a HostScanTarget identified by the target ID. A host scan target is a collection of compute instances that you want routinely scanned for security vulnerabilities.

Parameters:
  • host_scan_target_id (str) – (required) unique HostScanTarget identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostScanTarget
Return type:

Response
Example:

Click here to see an example of how to use get_host_scan_target API.

get_host_vulnerability(host_vulnerability_id, **kwargs)

Retrieves a HostVulnerability identified by the host vulnerability ID. A host vulnerability describes a security issue that was detected in scans of one or more compute instances. Common Vulnerabilities and Exposures (CVE) numbers identify security vulnerabilities for operating systems and other software, including Critical Patch Updates and Security Alert advisories.

Parameters:
  • host_vulnerability_id (str) – (required) unique host scan vulnerability identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostVulnerability
Return type:

Response
Example:

Click here to see an example of how to use get_host_vulnerability API.

get_vulnerability(vulnerability_id, **kwargs)

Retrieves a Vulnerability identified by the vulnerability ID. A vulnerability describes a security issue that was detected in scans of one or more compute instances, container scan repositories. Common Vulnerabilities and Exposures (CVE) numbers identify security vulnerabilities for operating systems and other software, including Critical Patch Updates and Security Alert advisories.

Parameters:
  • vulnerability_id (str) – (required) unique vulnerability identifier
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type Vulnerability
Return type:

Response
Example:

Click here to see an example of how to use get_vulnerability API.

get_work_request(work_request_id, **kwargs)

Gets the status of the work request with the given ID.

Parameters:
  • work_request_id (str) – (required) The ID of the asynchronous request.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type WorkRequest
Return type:

Response
Example:

Click here to see an example of how to use get_work_request API.

list_container_scan_recipes(compartment_id, **kwargs)

Retrieves a list of ContainerScanRecipeSummary objects in a compartment. A recipe determines the types of security issues that you want scanned.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • lifecycle_state (str) –

    (optional) A filter to return only resources whose lifecycleState matches the given lifecycleState.

    Allowed values are: “CREATING”, “UPDATING”, “ACTIVE”, “DELETING”, “DELETED”, “FAILED”

  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

    Allowed values are: “timeCreated”, “displayName”

  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanRecipeSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_container_scan_recipes API.

list_container_scan_results(compartment_id, **kwargs)

Retrieves a list of ContainerScanResultSummary objects in a compartment. You can filter and sort the results by problem severity and time. A container scan result includes a list of problems detected in a specific image in a Docker repository.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • repository (str) – (optional) Repository name
  • image (str) – (optional) Image name
  • are_subcompartments_included (bool) – (optional) When listing with one or more filters, whether to include subcompartments for the compartmentId being listed for. Does nothing if no filters are present in the query.
  • highest_problem_severity (str) –

    (optional) Parameter to filter by highestProblemSeverity for scan results

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • time_started_greater_than_or_equal_to (datetime) –

    (optional) Date and time on or after which scans were started, as described in RFC 3339

  • time_started_less_than_or_equal_to (datetime) –

    (optional) Date and time on or before which scans were started, as described in RFC 3339

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is descending. If no value is specified timeStarted is default.

    Allowed values are: “timeStarted”, “problemCount”, “highestProblemSeverity”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanResultSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_container_scan_results API.

list_container_scan_targets(compartment_id, **kwargs)

Retrieves a list of ContainerScanTargetSummary objects in a compartment. A container scan target specifies a group of one or more Docker image repositories in Oracle Cloud Infrastructure Registry (OCIR) that you want routinely scanned for security vulnerabilities.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • lifecycle_state (str) –

    (optional) A filter to return only resources whose lifecycleState matches the given lifecycleState.

    Allowed values are: “CREATING”, “UPDATING”, “ACTIVE”, “DELETING”, “DELETED”, “FAILED”

  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

    Allowed values are: “timeCreated”, “displayName”

  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type ContainerScanTargetSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_container_scan_targets API.

list_host_agent_scan_results(compartment_id, **kwargs)

Retrieves a list of HostAgentScanResultSummary objects in a compartment. You can filter and sort the results by problem severity and time. An agent scan result includes a list of CVEs detected in a specific compute instance.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • instance_id (str) – (optional) The ID of a compute instance
  • highest_problem_severity (str) –

    (optional) Parameter to filter by highestProblemSeverity for scan results

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • operating_system (str) – (optional) Parameter to filter by operating system for scan results
  • time_started_greater_than_or_equal_to (datetime) –

    (optional) Date and time on or after which scans were started, as described in RFC 3339

  • time_started_less_than_or_equal_to (datetime) –

    (optional) Date and time on or before which scans were started, as described in RFC 3339

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is descending. If no value is specified timeStarted is default.

    Allowed values are: “timeStarted”, “timeFinished”, “problemCount”, “highestProblemSeverity”, “timeCompleted”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • is_latest_only (bool) – (optional) A flag to return only the latest scan result of an instance.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostAgentScanResultSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_agent_scan_results API.

list_host_cis_benchmark_scan_results(compartment_id, **kwargs)

Retrieves a list of HostCisBenchmarkScanResultSummary objects in a compartment. You can filter and sort the results by problem severity and time. A CIS (Center for Internet Security) benchmark scan result includes the number of failed benchmark tests on a specific compute instance.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • instance_id (str) – (optional) The ID of a compute instance
  • highest_problem_severity (str) –

    (optional) Parameter to filter by highestProblemSeverity for scan results

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • time_started_greater_than_or_equal_to (datetime) –

    (optional) Date and time on or after which scans were started, as described in RFC 3339

  • time_started_less_than_or_equal_to (datetime) –

    (optional) Date and time on or before which scans were started, as described in RFC 3339

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is descending. If no value is specified timeFinished is default.

    Allowed values are: “timeStarted”, “timeFinished”, “cisBenchmarkScanIssuesCount”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • is_latest_only (bool) – (optional) A flag to return only the latest scan result of an instance.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostCisBenchmarkScanResultSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_cis_benchmark_scan_results API.

list_host_endpoint_protection_scan_results(compartment_id, **kwargs)

Returns a collection of HostEndpointProtectionScanResultSummary objects

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • instance_id (str) – (optional) The ID of a compute instance
  • highest_problem_severity (str) –

    (optional) Parameter to filter by highestProblemSeverity for scan results

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • time_started_greater_than_or_equal_to (datetime) –

    (optional) Date and time on or after which scans were started, as described in RFC 3339

  • time_started_less_than_or_equal_to (datetime) –

    (optional) Date and time on or before which scans were started, as described in RFC 3339

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is descending. If no value is specified timeFinished is default.

    Allowed values are: “timeStarted”, “timeFinished”, “problemSeverity”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • is_latest_only (bool) – (optional) A flag to return only the latest scan result of an instance.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostEndpointProtectionScanResultSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_endpoint_protection_scan_results API.

list_host_port_scan_results(compartment_id, **kwargs)

Retrieves a list of HostPortScanResultSummary objects in a compartment. You can filter and sort the results by problem severity and time. A port scan result includes a list of open ports that were detected in a specific compute instance.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • instance_id (str) – (optional) The ID of a compute instance
  • highest_problem_severity (str) –

    (optional) Parameter to filter by highestProblemSeverity for scan results

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • time_started_greater_than_or_equal_to (datetime) –

    (optional) Date and time on or after which scans were started, as described in RFC 3339

  • time_started_less_than_or_equal_to (datetime) –

    (optional) Date and time on or before which scans were started, as described in RFC 3339

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is descending. If no value is specified timeFinished is default.

    Allowed values are: “timeStarted”, “timeFinished”, “openPortCount”, “highestProblemSeverity”, “timeCompleted”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • is_latest_only (bool) – (optional) A flag to return only the latest scan result of an instance.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostPortScanResultSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_port_scan_results API.

list_host_scan_recipes(compartment_id, **kwargs)

Retrieves a list of HostScanRecipeSummary objects in a compartment. A recipe determines the types of security issues that you want scanned, and how often to scan.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • lifecycle_state (str) –

    (optional) A filter to return only resources whose lifecycleState matches the given lifecycleState.

    Allowed values are: “CREATING”, “UPDATING”, “ACTIVE”, “DELETING”, “DELETED”, “FAILED”

  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

    Allowed values are: “timeCreated”, “displayName”

  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostScanRecipeSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_scan_recipes API.

list_host_scan_targets(compartment_id, **kwargs)

Retrieves a list of HostScanTargetSummary objects in a compartment. A host scan target is a collection of compute instances that you want routinely scanned for security vulnerabilities.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • lifecycle_state (str) –

    (optional) A filter to return only resources whose lifecycleState matches the given lifecycleState.

    Allowed values are: “CREATING”, “UPDATING”, “ACTIVE”, “DELETING”, “DELETED”, “FAILED”

  • display_name (str) – (optional) A filter to return only resources that match the entire display name given.
  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

    Allowed values are: “timeCreated”, “displayName”

  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostScanTargetSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_scan_targets API.

list_host_vulnerabilities(compartment_id, **kwargs)

Retrieves a list of HostVulnerabilitySummary objects in a compartment. You can filter and sort the vulnerabilities by problem severity and time. A host vulnerability describes a security issue that was detected in scans of one or more compute instances.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • severity (str) –

    (optional) A filter to return only resources that have a severity that matches the given severity

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • name (str) – (optional) A filter to return only resources that match the entire name given.
  • cve_reference (str) – (optional) Parameter to filter by CVE reference number for vulnerabilities
  • vulnerability_type (str) –

    (optional) The field to filter vulnerabilities based on its type. Only one value can be provided.

    Allowed values are: “CVE”, “PROBLEM”

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order for ‘name’ is Ascending. Default order for other values is descending. If no value is specified name is default.

    Allowed values are: “name”, “severity”, “impactedHosts”, “firstDetected”, “lastDetected”

  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostVulnerabilitySummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_vulnerabilities API.

list_host_vulnerability_impacted_hosts(host_vulnerability_id, **kwargs)

Retrieves a list of HostVulnerabilityImpactedHostSummary objects for a specific host vulnerability ID. An impacted host summary identifies a compute instance on which the specified vulnerability was detected.

Parameters:
  • host_vulnerability_id (str) – (required) unique host scan vulnerability identifier
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is Ascending. If no value is specified instanceId is default.

    Allowed values are: “instanceId”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type HostVulnerabilityImpactedHostSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_host_vulnerability_impacted_hosts API.

list_vulnerabilities(compartment_id, **kwargs)

Retrieves a list of VulnerabilitySummary objects in a compartment. You can filter and sort the vulnerabilities by problem severity and time and type. A vulnerability describes a security issue that was detected in scans of one or more compute instances, container images.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • severity (str) –

    (optional) A filter to return only resources that have a severity that matches the given severity

    Allowed values are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”

  • name (str) – (optional) A filter to return only resources that match the entire name given.
  • vulnerability_reference (str) – (optional) Parameter to filter the vulnerability type’s unique identifier. For CVE, this is the MITRE CVE ID
  • vulnerability_type (str) –

    (optional) The field to filter vulnerabilities based on its type. Only one value can be provided.

    Allowed values are: “CVE”, “PROBLEM”

  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order for ‘name’ is Ascending. Default order for other values is descending. If no value is specified name is default.

    Allowed values are: “name”, “severity”, “firstDetected”, “lastDetected”, “impactedHosts”, “impactedContainers”, “impactedResources”

  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type VulnerabilitySummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_vulnerabilities API.

list_vulnerability_impacted_containers(vulnerability_id, **kwargs)

Retrieves a list of VulnerabilityImpactedContainerSummary objects for a specific vulnerability ID. An impacted container image summary identifies container images on which the specified vulnerability was detected.

Parameters:
  • vulnerability_id (str) – (required) unique vulnerability identifier
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is Ascending. If no value is specified image name is default.

    Allowed values are: “image”, “repository”, “registry”

  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type VulnerabilityImpactedContainerSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_vulnerability_impacted_containers API.

list_vulnerability_impacted_hosts(vulnerability_id, **kwargs)

Retrieves a list of VulnerabilityImpactedHostSummary objects for a specific host vulnerability ID. An impacted host summary identifies a compute instance on which the specified vulnerability was detected.

Parameters:
  • vulnerability_id (str) – (required) unique vulnerability identifier
  • sort_order (str) –

    (optional) The sort order to use, either ‘ASC’ or ‘DESC’.

    Allowed values are: “ASC”, “DESC”

  • sort_by (str) –

    (optional) The field to sort by. Only one sort order may be provided. Default order is Ascending. If no value is specified instanceId is default.

    Allowed values are: “instanceId”

  • limit (int) – (optional) The maximum number of items to return.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type VulnerabilityImpactedHostSummaryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_vulnerability_impacted_hosts API.

list_work_request_errors(work_request_id, **kwargs)

Return a (paginated) list of errors for a given work request.

Parameters:
  • work_request_id (str) – (required) The ID of the asynchronous request.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • limit (int) – (optional) The maximum number of items to return.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type WorkRequestErrorCollection
Return type:

Response
Example:

Click here to see an example of how to use list_work_request_errors API.

list_work_request_logs(work_request_id, **kwargs)

Return a (paginated) list of logs for a given work request.

Parameters:
  • work_request_id (str) – (required) The ID of the asynchronous request.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • limit (int) – (optional) The maximum number of items to return.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type WorkRequestLogEntryCollection
Return type:

Response
Example:

Click here to see an example of how to use list_work_request_logs API.

list_work_requests(compartment_id, **kwargs)

Lists the work requests in a compartment.

Parameters:
  • compartment_id (str) – (required) The ID of the compartment in which to list resources.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • page (str) – (optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.
  • limit (int) – (optional) The maximum number of items to return.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type WorkRequestCollection
Return type:

Response
Example:

Click here to see an example of how to use list_work_requests API.

update_container_scan_recipe(container_scan_recipe_id, update_container_scan_recipe_details, **kwargs)

Updates the ContainerScanRecipe identified by the recipe ID. A recipe determines the types of security issues that you want scanned.

Parameters:
  • container_scan_recipe_id (str) – (required) unique ContainerScanRecipe identifier
  • update_container_scan_recipe_details (oci.vulnerability_scanning.models.UpdateContainerScanRecipeDetails) – (required) The information to be updated.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use update_container_scan_recipe API.

update_container_scan_target(container_scan_target_id, update_container_scan_target_details, **kwargs)

Updates the ContainerScanTarget identified by the target ID. A container scan target specifies a group of one or more Docker image repositories in Oracle Cloud Infrastructure Registry (OCIR) that you want routinely scanned for security vulnerabilities.

Parameters:
  • container_scan_target_id (str) – (required) unique ContainerScanTarget identifier
  • update_container_scan_target_details (oci.vulnerability_scanning.models.UpdateContainerScanTargetDetails) – (required) The information to be updated.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use update_container_scan_target API.

update_host_scan_recipe(host_scan_recipe_id, update_host_scan_recipe_details, **kwargs)

Updates the HostScanRecipe identified by the recipe ID. A recipe determines the types of security issues that you want scanned, and how often to scan.

Parameters:
  • host_scan_recipe_id (str) – (required) unique HostScanRecipe identifier
  • update_host_scan_recipe_details (oci.vulnerability_scanning.models.UpdateHostScanRecipeDetails) – (required) The information to be updated.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use update_host_scan_recipe API.

update_host_scan_target(host_scan_target_id, update_host_scan_target_details, **kwargs)

Updates the HostScanTarget identified by the target ID. A host scan target is a collection of compute instances that you want routinely scanned for security vulnerabilities.

Parameters:
  • host_scan_target_id (str) – (required) unique HostScanTarget identifier
  • update_host_scan_target_details (oci.vulnerability_scanning.models.UpdateHostScanTargetDetails) – (required) The information to be updated.
  • if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
  • opc_request_id (str) – (optional) The client request ID for tracing.
  • retry_strategy (obj) –

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

  • allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings
Returns:

A Response object with data of type None
Return type:

Response
Example:

Click here to see an example of how to use update_host_scan_target API.