Data Source: oci_vulnerability_scanning_host_scan_recipes
This data source provides the list of Host Scan Recipes in Oracle Cloud Infrastructure Vulnerability Scanning service.
Retrieves a list of HostScanRecipeSummary objects in a compartment. A recipe determines the types of security issues that you want scanned, and how often to scan.
Example Usage
data "oci_vulnerability_scanning_host_scan_recipes" "test_host_scan_recipes" {
#Required
compartment_id = var.compartment_id
#Optional
display_name = var.host_scan_recipe_display_name
state = var.host_scan_recipe_state
}
Argument Reference
The following arguments are supported:
compartment_id- (Required) The ID of the compartment in which to list resources.display_name- (Optional) A filter to return only resources that match the entire display name given.state- (Optional) A filter to return only resources whose lifecycleState matches the given lifecycleState.
Attributes Reference
The following attributes are exported:
host_scan_recipe_summary_collection- The list of host_scan_recipe_summary_collection.
HostScanRecipe Reference
The following attributes are exported:
agent_settings- Agent scan settings for a host scanagent_configuration- Agent configuration for host scan agent settings. This model is polymorphic, presenting different configuration options based on selected agent vendor.cis_benchmark_settings- CIS (Center for Internet Security) Benchmark scan settings for a host scanscan_level- The level of strictness to apply for CIS Benchmarks. Use ‘NONE’ to disable CIS Benchmark checks entirely.
endpoint_protection_settings- Endpoint Protection scan settings for a host scanscan_level- The scan level. Use ‘NONE’ to disable Endpoint Protection checks entirely.
should_un_install- Boolean flag letting agent know if it should un-install the Qualys agent when it is stopped.vault_secret_id- Vault secret OCID which stores license information. Content inside this secret in vault would be base64 string containing information about customer’s Qualys susbcription license.vendor- Vendor to use for the host scan agent.vendor_type- Vendor to use for the host scan agent.
scan_level- The scan level
application_settings- Agent scan settings for an application scan (as a part of a host scan)application_scan_recurrence- Scan recurrences in RFC-5545 section 3.3.10 format. Only supported input are weekly, biweekly, monthly listed below FREQ=WEEKLY;WKST=;INTERVAL=1 - This weekly scan on the specified weekday (e.g. SU for Sunday) FREQ=WEEKLY;WKST= ;INTERVAL=2 - This bi-weekly scan on the specified weekday (e.g. SU for Sunday) FREQ=MONTHLY;WKST= ;INTERVAL=1 - This monthly scan on the specified weekday (e.g. SU for Sunday, starting from the next such weekday based on the time of setting creation) folders_to_scan- List of folders selected for scanningfolder- Folder to be scanned in the corresponding operating systemoperatingsystem- Operating system type
is_enabled- Enable or disable application scan
compartment_id- Compartment ID of the scan recipedefined_tags- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:{"foo-namespace.bar-key": "value"}display_name- Recipe identifier, which can be renamedfreeform_tags- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:{"bar-key": "value"}id- Unique identifier of the config that is immutable on creationport_settings- Port scan settings for a host scanscan_level- The scan level
schedule- A scanning scheduleday_of_week- Day of week the scheduled scan occurs (not applicable for DAILY type)type- How often the scan occurs
state- The current state of the config.system_tags- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:{"orcl-cloud.free-tier-retained": "true"}time_created- Date and time the recipe was created, format as described in RFC 3339time_updated- Date and time the recipe was last updated, format as described in RFC 3339