This data source provides details about a specific Host Scan Recipe resource in Oracle Cloud Infrastructure Vulnerability Scanning service.
Retrieves a HostScanRecipe identified by the recipe ID. A recipe determines the types of security issues that you want scanned, and how often to scan.
data "oci_vulnerability_scanning_host_scan_recipe" "test_host_scan_recipe" {
#Required
host_scan_recipe_id = oci_vulnerability_scanning_host_scan_recipe.test_host_scan_recipe.id
}
The following arguments are supported:
host_scan_recipe_id
- (Required) unique HostScanRecipe identifierThe following attributes are exported:
agent_settings
- Agent scan settings for a host scan
agent_configuration
- Agent configuration for host scan agent settings. This model is polymorphic, presenting different configuration options based on selected agent vendor.
cis_benchmark_settings
- CIS (Center for Internet Security) Benchmark scan settings for a host scan
scan_level
- The level of strictness to apply for CIS Benchmarks. Use 'NONE' to disable CIS Benchmark checks entirely.endpoint_protection_settings
- Endpoint Protection scan settings for a host scan
scan_level
- The scan level. Use 'NONE' to disable Endpoint Protection checks entirely.should_un_install
- Boolean flag letting agent know if it should un-install the Qualys agent when it is stopped.vault_secret_id
- Vault secret OCID which stores license information. Content inside this secret in vault would be base64 string containing information about customer's Qualys susbcription license.vendor
- Vendor to use for the host scan agent.vendor_type
- Vendor to use for the host scan agent.scan_level
- The scan levelapplication_settings
- Agent scan settings for an application scan (as a part of a host scan)
application_scan_recurrence
- Scan recurrences in RFC-5545 section 3.3.10 format. Only supported input are weekly, biweekly, monthly listed below FREQ=WEEKLY;WKST=folders_to_scan
- List of folders selected for scanning
folder
- Folder to be scanned in the corresponding operating systemoperatingsystem
- Operating system typeis_enabled
- Enable or disable application scancompartment_id
- Compartment ID of the scan recipedefined_tags
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
display_name
- Recipe identifier, which can be renamedfreeform_tags
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id
- Unique identifier of the config that is immutable on creationport_settings
- Port scan settings for a host scan
scan_level
- The scan levelschedule
- A scanning schedule
day_of_week
- Day of week the scheduled scan occurs (not applicable for DAILY type)type
- How often the scan occursstate
- The current state of the config.system_tags
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
time_created
- Date and time the recipe was created, format as described in RFC 3339time_updated
- Date and time the recipe was last updated, format as described in RFC 3339