pulumi-oci 1.19.0a1705693078__py3-none-any.whl → 1.20.0__py3-none-any.whl

pulumi_oci/adm/remediation_recipe.py

@@ -472,6 +472,7 @@ class RemediationRecipe(pulumi.CustomResource):
                 exclusions=var["remediation_recipe_detect_configuration_exclusions"],
                 max_permissible_cvss_v2score=var["remediation_recipe_detect_configuration_max_permissible_cvss_v2score"],
                 max_permissible_cvss_v3score=var["remediation_recipe_detect_configuration_max_permissible_cvss_v3score"],
+                max_permissible_severity=var["remediation_recipe_detect_configuration_max_permissible_severity"],
                 upgrade_policy=var["remediation_recipe_detect_configuration_upgrade_policy"],
             ),
             is_run_triggered_on_kb_change=var["remediation_recipe_is_run_triggered_on_kb_change"],
@@ -561,6 +562,7 @@ class RemediationRecipe(pulumi.CustomResource):
                 exclusions=var["remediation_recipe_detect_configuration_exclusions"],
                 max_permissible_cvss_v2score=var["remediation_recipe_detect_configuration_max_permissible_cvss_v2score"],
                 max_permissible_cvss_v3score=var["remediation_recipe_detect_configuration_max_permissible_cvss_v3score"],
+                max_permissible_severity=var["remediation_recipe_detect_configuration_max_permissible_severity"],
                 upgrade_policy=var["remediation_recipe_detect_configuration_upgrade_policy"],
             ),
             is_run_triggered_on_kb_change=var["remediation_recipe_is_run_triggered_on_kb_change"],

pulumi_oci/adm/vulnerability_audit.py

@@ -16,9 +16,9 @@ __all__ = ['VulnerabilityAuditArgs', 'VulnerabilityAudit']
 @pulumi.input_type
 class VulnerabilityAuditArgs:
     def __init__(__self__, *,
-                 build_type: pulumi.Input[str],
                  knowledge_base_id: pulumi.Input[str],
                  application_dependencies: Optional[pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditApplicationDependencyArgs']]]] = None,
+                 build_type: Optional[pulumi.Input[str]] = None,
                  compartment_id: Optional[pulumi.Input[str]] = None,
                  configuration: Optional[pulumi.Input['VulnerabilityAuditConfigurationArgs']] = None,
                  defined_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
@@ -28,21 +28,22 @@ class VulnerabilityAuditArgs:
                  usage_data: Optional[pulumi.Input['VulnerabilityAuditUsageDataArgs']] = None):
         """
         The set of arguments for constructing a VulnerabilityAudit resource.
-        :param pulumi.Input[str] build_type: The type of the build tool.
         :param pulumi.Input[str] knowledge_base_id: The Oracle Cloud identifier ([OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm)) of the knowledge base.
         :param pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditApplicationDependencyArgs']]] application_dependencies: List of application dependencies (without vulnerabilities).
+        :param pulumi.Input[str] build_type: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
         :param pulumi.Input[str] compartment_id: (Updatable) The compartment Oracle Cloud identifier ([OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm)) of the vulnerability audit.  If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
         :param pulumi.Input['VulnerabilityAuditConfigurationArgs'] configuration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in `exclusions`, or all of the associated Vulnerabilies have a CVSS v2 score below `maxPermissibleCvssV2Score` and a CVSS v3 score below `maxPermissibleCvssV3Score`. type: object
         :param pulumi.Input[Mapping[str, Any]] defined_tags: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}`
         :param pulumi.Input[str] display_name: (Updatable) The name of the vulnerability audit.
         :param pulumi.Input[Mapping[str, Any]] freeform_tags: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}`
         :param pulumi.Input['VulnerabilityAuditSourceArgs'] source: vulnerability audit source.
-        :param pulumi.Input['VulnerabilityAuditUsageDataArgs'] usage_data: The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        :param pulumi.Input['VulnerabilityAuditUsageDataArgs'] usage_data: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
         """
-        pulumi.set(__self__, "build_type", build_type)
         pulumi.set(__self__, "knowledge_base_id", knowledge_base_id)
         if application_dependencies is not None:
             pulumi.set(__self__, "application_dependencies", application_dependencies)
+        if build_type is not None:
+            pulumi.set(__self__, "build_type", build_type)
         if compartment_id is not None:
             pulumi.set(__self__, "compartment_id", compartment_id)
         if configuration is not None:
@@ -58,18 +59,6 @@ class VulnerabilityAuditArgs:
         if usage_data is not None:
             pulumi.set(__self__, "usage_data", usage_data)
 
-    @property
-    @pulumi.getter(name="buildType")
-    def build_type(self) -> pulumi.Input[str]:
-        """
-        The type of the build tool.
-        """
-        return pulumi.get(self, "build_type")
-
-    @build_type.setter
-    def build_type(self, value: pulumi.Input[str]):
-        pulumi.set(self, "build_type", value)
-
     @property
     @pulumi.getter(name="knowledgeBaseId")
     def knowledge_base_id(self) -> pulumi.Input[str]:
@@ -94,6 +83,18 @@ class VulnerabilityAuditArgs:
     def application_dependencies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditApplicationDependencyArgs']]]]):
         pulumi.set(self, "application_dependencies", value)
 
+    @property
+    @pulumi.getter(name="buildType")
+    def build_type(self) -> Optional[pulumi.Input[str]]:
+        """
+        The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
+        """
+        return pulumi.get(self, "build_type")
+
+    @build_type.setter
+    def build_type(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "build_type", value)
+
     @property
     @pulumi.getter(name="compartmentId")
     def compartment_id(self) -> Optional[pulumi.Input[str]]:
@@ -170,7 +171,7 @@ class VulnerabilityAuditArgs:
     @pulumi.getter(name="usageData")
     def usage_data(self) -> Optional[pulumi.Input['VulnerabilityAuditUsageDataArgs']]:
         """
-        The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
         """
         return pulumi.get(self, "usage_data")
 
@@ -196,6 +197,8 @@ class _VulnerabilityAuditState:
                  max_observed_cvss_v2score_with_ignored: Optional[pulumi.Input[float]] = None,
                  max_observed_cvss_v3score: Optional[pulumi.Input[float]] = None,
                  max_observed_cvss_v3score_with_ignored: Optional[pulumi.Input[float]] = None,
+                 max_observed_severity: Optional[pulumi.Input[str]] = None,
+                 max_observed_severity_with_ignored: Optional[pulumi.Input[str]] = None,
                  source: Optional[pulumi.Input['VulnerabilityAuditSourceArgs']] = None,
                  state: Optional[pulumi.Input[str]] = None,
                  system_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
@@ -208,7 +211,7 @@ class _VulnerabilityAuditState:
         """
         Input properties used for looking up and filtering VulnerabilityAudit resources.
         :param pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditApplicationDependencyArgs']]] application_dependencies: List of application dependencies (without vulnerabilities).
-        :param pulumi.Input[str] build_type: The type of the build tool.
+        :param pulumi.Input[str] build_type: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
         :param pulumi.Input[str] compartment_id: (Updatable) The compartment Oracle Cloud identifier ([OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm)) of the vulnerability audit.  If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
         :param pulumi.Input['VulnerabilityAuditConfigurationArgs'] configuration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in `exclusions`, or all of the associated Vulnerabilies have a CVSS v2 score below `maxPermissibleCvssV2Score` and a CVSS v3 score below `maxPermissibleCvssV3Score`. type: object
         :param pulumi.Input[Mapping[str, Any]] defined_tags: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}`
@@ -221,13 +224,15 @@ class _VulnerabilityAuditState:
         :param pulumi.Input[float] max_observed_cvss_v2score_with_ignored: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
         :param pulumi.Input[float] max_observed_cvss_v3score: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
         :param pulumi.Input[float] max_observed_cvss_v3score_with_ignored: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
+        :param pulumi.Input[str] max_observed_severity: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
+        :param pulumi.Input[str] max_observed_severity_with_ignored: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
         :param pulumi.Input['VulnerabilityAuditSourceArgs'] source: vulnerability audit source.
         :param pulumi.Input[str] state: The current lifecycle state of the vulnerability audit.
         :param pulumi.Input[Mapping[str, Any]] system_tags: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: `{"orcl-cloud.free-tier-retained": "true"}`
         :param pulumi.Input[str] time_created: The creation date and time of the vulnerability audit (formatted according to [RFC3339](https://datatracker.ietf.org/doc/html/rfc3339)).
         :param pulumi.Input[str] time_updated: The update date and time of the vulnerability audit (formatted according to [RFC3339](https://datatracker.ietf.org/doc/html/rfc3339)).
-        :param pulumi.Input['VulnerabilityAuditUsageDataArgs'] usage_data: The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
-        :param pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditVulnerabilityArgs']]] vulnerabilities: List of vulnerabilities found in the vulnerability audit.
+        :param pulumi.Input['VulnerabilityAuditUsageDataArgs'] usage_data: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        :param pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditVulnerabilityArgs']]] vulnerabilities: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
         :param pulumi.Input[int] vulnerable_artifacts_count: Count of non-ignored vulnerable application dependencies.
         :param pulumi.Input[int] vulnerable_artifacts_count_with_ignored: Count of all vulnerable application dependencies.
         """
@@ -259,6 +264,10 @@ class _VulnerabilityAuditState:
             pulumi.set(__self__, "max_observed_cvss_v3score", max_observed_cvss_v3score)
         if max_observed_cvss_v3score_with_ignored is not None:
             pulumi.set(__self__, "max_observed_cvss_v3score_with_ignored", max_observed_cvss_v3score_with_ignored)
+        if max_observed_severity is not None:
+            pulumi.set(__self__, "max_observed_severity", max_observed_severity)
+        if max_observed_severity_with_ignored is not None:
+            pulumi.set(__self__, "max_observed_severity_with_ignored", max_observed_severity_with_ignored)
         if source is not None:
             pulumi.set(__self__, "source", source)
         if state is not None:
@@ -294,7 +303,7 @@ class _VulnerabilityAuditState:
     @pulumi.getter(name="buildType")
     def build_type(self) -> Optional[pulumi.Input[str]]:
         """
-        The type of the build tool.
+        The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
         """
         return pulumi.get(self, "build_type")
 
@@ -446,6 +455,30 @@ class _VulnerabilityAuditState:
     def max_observed_cvss_v3score_with_ignored(self, value: Optional[pulumi.Input[float]]):
         pulumi.set(self, "max_observed_cvss_v3score_with_ignored", value)
 
+    @property
+    @pulumi.getter(name="maxObservedSeverity")
+    def max_observed_severity(self) -> Optional[pulumi.Input[str]]:
+        """
+        Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
+        """
+        return pulumi.get(self, "max_observed_severity")
+
+    @max_observed_severity.setter
+    def max_observed_severity(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "max_observed_severity", value)
+
+    @property
+    @pulumi.getter(name="maxObservedSeverityWithIgnored")
+    def max_observed_severity_with_ignored(self) -> Optional[pulumi.Input[str]]:
+        """
+        Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
+        """
+        return pulumi.get(self, "max_observed_severity_with_ignored")
+
+    @max_observed_severity_with_ignored.setter
+    def max_observed_severity_with_ignored(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "max_observed_severity_with_ignored", value)
+
     @property
     @pulumi.getter
     def source(self) -> Optional[pulumi.Input['VulnerabilityAuditSourceArgs']]:
@@ -510,7 +543,7 @@ class _VulnerabilityAuditState:
     @pulumi.getter(name="usageData")
     def usage_data(self) -> Optional[pulumi.Input['VulnerabilityAuditUsageDataArgs']]:
         """
-        The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
         """
         return pulumi.get(self, "usage_data")
 
@@ -522,7 +555,7 @@ class _VulnerabilityAuditState:
     @pulumi.getter
     def vulnerabilities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['VulnerabilityAuditVulnerabilityArgs']]]]:
         """
-        List of vulnerabilities found in the vulnerability audit.
+        List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
         """
         return pulumi.get(self, "vulnerabilities")
 
@@ -583,18 +616,20 @@ class VulnerabilityAudit(pulumi.CustomResource):
         import pulumi_oci as oci
 
         test_vulnerability_audit = oci.adm.VulnerabilityAudit("testVulnerabilityAudit",
-            build_type=var["vulnerability_audit_build_type"],
             knowledge_base_id=oci_adm_knowledge_base["test_knowledge_base"]["id"],
             application_dependencies=[oci.adm.VulnerabilityAuditApplicationDependencyArgs(
-                gav=var["vulnerability_audit_application_dependencies_gav"],
                 node_id=oci_adm_node["test_node"]["id"],
                 application_dependency_node_ids=var["vulnerability_audit_application_dependencies_application_dependency_node_ids"],
+                gav=var["vulnerability_audit_application_dependencies_gav"],
+                purl=var["vulnerability_audit_application_dependencies_purl"],
             )],
+            build_type=var["vulnerability_audit_build_type"],
             compartment_id=var["compartment_id"],
             configuration=oci.adm.VulnerabilityAuditConfigurationArgs(
                 exclusions=var["vulnerability_audit_configuration_exclusions"],
                 max_permissible_cvss_v2score=var["vulnerability_audit_configuration_max_permissible_cvss_v2score"],
                 max_permissible_cvss_v3score=var["vulnerability_audit_configuration_max_permissible_cvss_v3score"],
+                max_permissible_severity=var["vulnerability_audit_configuration_max_permissible_severity"],
             ),
             defined_tags={
                 "foo-namespace.bar-key": "value",
@@ -627,7 +662,7 @@ class VulnerabilityAudit(pulumi.CustomResource):
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['VulnerabilityAuditApplicationDependencyArgs']]]] application_dependencies: List of application dependencies (without vulnerabilities).
-        :param pulumi.Input[str] build_type: The type of the build tool.
+        :param pulumi.Input[str] build_type: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
         :param pulumi.Input[str] compartment_id: (Updatable) The compartment Oracle Cloud identifier ([OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm)) of the vulnerability audit.  If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
         :param pulumi.Input[pulumi.InputType['VulnerabilityAuditConfigurationArgs']] configuration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in `exclusions`, or all of the associated Vulnerabilies have a CVSS v2 score below `maxPermissibleCvssV2Score` and a CVSS v3 score below `maxPermissibleCvssV3Score`. type: object
         :param pulumi.Input[Mapping[str, Any]] defined_tags: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}`
@@ -635,7 +670,7 @@ class VulnerabilityAudit(pulumi.CustomResource):
         :param pulumi.Input[Mapping[str, Any]] freeform_tags: (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: `{"bar-key": "value"}`
         :param pulumi.Input[str] knowledge_base_id: The Oracle Cloud identifier ([OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm)) of the knowledge base.
         :param pulumi.Input[pulumi.InputType['VulnerabilityAuditSourceArgs']] source: vulnerability audit source.
-        :param pulumi.Input[pulumi.InputType['VulnerabilityAuditUsageDataArgs']] usage_data: The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        :param pulumi.Input[pulumi.InputType['VulnerabilityAuditUsageDataArgs']] usage_data: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
         """
         ...
     @overload
@@ -655,18 +690,20 @@ class VulnerabilityAudit(pulumi.CustomResource):
         import pulumi_oci as oci
 
         test_vulnerability_audit = oci.adm.VulnerabilityAudit("testVulnerabilityAudit",
-            build_type=var["vulnerability_audit_build_type"],
             knowledge_base_id=oci_adm_knowledge_base["test_knowledge_base"]["id"],
             application_dependencies=[oci.adm.VulnerabilityAuditApplicationDependencyArgs(
-                gav=var["vulnerability_audit_application_dependencies_gav"],
                 node_id=oci_adm_node["test_node"]["id"],
                 application_dependency_node_ids=var["vulnerability_audit_application_dependencies_application_dependency_node_ids"],
+                gav=var["vulnerability_audit_application_dependencies_gav"],
+                purl=var["vulnerability_audit_application_dependencies_purl"],
             )],
+            build_type=var["vulnerability_audit_build_type"],
             compartment_id=var["compartment_id"],
             configuration=oci.adm.VulnerabilityAuditConfigurationArgs(
                 exclusions=var["vulnerability_audit_configuration_exclusions"],
                 max_permissible_cvss_v2score=var["vulnerability_audit_configuration_max_permissible_cvss_v2score"],
                 max_permissible_cvss_v3score=var["vulnerability_audit_configuration_max_permissible_cvss_v3score"],
+                max_permissible_severity=var["vulnerability_audit_configuration_max_permissible_severity"],
             ),
             defined_tags={
                 "foo-namespace.bar-key": "value",
@@ -731,8 +768,6 @@ class VulnerabilityAudit(pulumi.CustomResource):
             __props__ = VulnerabilityAuditArgs.__new__(VulnerabilityAuditArgs)
 
             __props__.__dict__["application_dependencies"] = application_dependencies
-            if build_type is None and not opts.urn:
-                raise TypeError("Missing required property 'build_type'")
             __props__.__dict__["build_type"] = build_type
             __props__.__dict__["compartment_id"] = compartment_id
             __props__.__dict__["configuration"] = configuration
@@ -750,6 +785,8 @@ class VulnerabilityAudit(pulumi.CustomResource):
             __props__.__dict__["max_observed_cvss_v2score_with_ignored"] = None
             __props__.__dict__["max_observed_cvss_v3score"] = None
             __props__.__dict__["max_observed_cvss_v3score_with_ignored"] = None
+            __props__.__dict__["max_observed_severity"] = None
+            __props__.__dict__["max_observed_severity_with_ignored"] = None
             __props__.__dict__["state"] = None
             __props__.__dict__["system_tags"] = None
             __props__.__dict__["time_created"] = None
@@ -781,6 +818,8 @@ class VulnerabilityAudit(pulumi.CustomResource):
             max_observed_cvss_v2score_with_ignored: Optional[pulumi.Input[float]] = None,
             max_observed_cvss_v3score: Optional[pulumi.Input[float]] = None,
             max_observed_cvss_v3score_with_ignored: Optional[pulumi.Input[float]] = None,
+            max_observed_severity: Optional[pulumi.Input[str]] = None,
+            max_observed_severity_with_ignored: Optional[pulumi.Input[str]] = None,
             source: Optional[pulumi.Input[pulumi.InputType['VulnerabilityAuditSourceArgs']]] = None,
             state: Optional[pulumi.Input[str]] = None,
             system_tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
@@ -798,7 +837,7 @@ class VulnerabilityAudit(pulumi.CustomResource):
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['VulnerabilityAuditApplicationDependencyArgs']]]] application_dependencies: List of application dependencies (without vulnerabilities).
-        :param pulumi.Input[str] build_type: The type of the build tool.
+        :param pulumi.Input[str] build_type: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
         :param pulumi.Input[str] compartment_id: (Updatable) The compartment Oracle Cloud identifier ([OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm)) of the vulnerability audit.  If compartment identifier is not provided the compartment of the associated knowledge base will be used instead.
         :param pulumi.Input[pulumi.InputType['VulnerabilityAuditConfigurationArgs']] configuration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in `exclusions`, or all of the associated Vulnerabilies have a CVSS v2 score below `maxPermissibleCvssV2Score` and a CVSS v3 score below `maxPermissibleCvssV3Score`. type: object
         :param pulumi.Input[Mapping[str, Any]] defined_tags: (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: `{"foo-namespace.bar-key": "value"}`
@@ -811,13 +850,15 @@ class VulnerabilityAudit(pulumi.CustomResource):
         :param pulumi.Input[float] max_observed_cvss_v2score_with_ignored: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
         :param pulumi.Input[float] max_observed_cvss_v3score: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
         :param pulumi.Input[float] max_observed_cvss_v3score_with_ignored: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
+        :param pulumi.Input[str] max_observed_severity: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
+        :param pulumi.Input[str] max_observed_severity_with_ignored: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
         :param pulumi.Input[pulumi.InputType['VulnerabilityAuditSourceArgs']] source: vulnerability audit source.
         :param pulumi.Input[str] state: The current lifecycle state of the vulnerability audit.
         :param pulumi.Input[Mapping[str, Any]] system_tags: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: `{"orcl-cloud.free-tier-retained": "true"}`
         :param pulumi.Input[str] time_created: The creation date and time of the vulnerability audit (formatted according to [RFC3339](https://datatracker.ietf.org/doc/html/rfc3339)).
         :param pulumi.Input[str] time_updated: The update date and time of the vulnerability audit (formatted according to [RFC3339](https://datatracker.ietf.org/doc/html/rfc3339)).
-        :param pulumi.Input[pulumi.InputType['VulnerabilityAuditUsageDataArgs']] usage_data: The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
-        :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['VulnerabilityAuditVulnerabilityArgs']]]] vulnerabilities: List of vulnerabilities found in the vulnerability audit.
+        :param pulumi.Input[pulumi.InputType['VulnerabilityAuditUsageDataArgs']] usage_data: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['VulnerabilityAuditVulnerabilityArgs']]]] vulnerabilities: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
         :param pulumi.Input[int] vulnerable_artifacts_count: Count of non-ignored vulnerable application dependencies.
         :param pulumi.Input[int] vulnerable_artifacts_count_with_ignored: Count of all vulnerable application dependencies.
         """
@@ -839,6 +880,8 @@ class VulnerabilityAudit(pulumi.CustomResource):
         __props__.__dict__["max_observed_cvss_v2score_with_ignored"] = max_observed_cvss_v2score_with_ignored
         __props__.__dict__["max_observed_cvss_v3score"] = max_observed_cvss_v3score
         __props__.__dict__["max_observed_cvss_v3score_with_ignored"] = max_observed_cvss_v3score_with_ignored
+        __props__.__dict__["max_observed_severity"] = max_observed_severity
+        __props__.__dict__["max_observed_severity_with_ignored"] = max_observed_severity_with_ignored
         __props__.__dict__["source"] = source
         __props__.__dict__["state"] = state
         __props__.__dict__["system_tags"] = system_tags
@@ -862,7 +905,7 @@ class VulnerabilityAudit(pulumi.CustomResource):
     @pulumi.getter(name="buildType")
     def build_type(self) -> pulumi.Output[str]:
         """
-        The type of the build tool.
+        The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
         """
         return pulumi.get(self, "build_type")
 
@@ -962,6 +1005,22 @@ class VulnerabilityAudit(pulumi.CustomResource):
         """
         return pulumi.get(self, "max_observed_cvss_v3score_with_ignored")
 
+    @property
+    @pulumi.getter(name="maxObservedSeverity")
+    def max_observed_severity(self) -> pulumi.Output[str]:
+        """
+        Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
+        """
+        return pulumi.get(self, "max_observed_severity")
+
+    @property
+    @pulumi.getter(name="maxObservedSeverityWithIgnored")
+    def max_observed_severity_with_ignored(self) -> pulumi.Output[str]:
+        """
+        Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
+        """
+        return pulumi.get(self, "max_observed_severity_with_ignored")
+
     @property
     @pulumi.getter
     def source(self) -> pulumi.Output['outputs.VulnerabilityAuditSource']:
@@ -1006,7 +1065,7 @@ class VulnerabilityAudit(pulumi.CustomResource):
     @pulumi.getter(name="usageData")
     def usage_data(self) -> pulumi.Output['outputs.VulnerabilityAuditUsageData']:
         """
-        The source details of the usage data on Object Storage. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
+        The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set `sourceType` to `objectStorageTuple` and use [UsageDataViaObjectStorageTupleDetails](https://docs.cloud.oracle.com/iaas/api/#/en/adm/latest/requests/UsageDataViaObjectStorageTupleDetails) when specifying the namespace, bucket name, and object name.
         """
         return pulumi.get(self, "usage_data")
 
@@ -1014,7 +1073,7 @@ class VulnerabilityAudit(pulumi.CustomResource):
     @pulumi.getter
     def vulnerabilities(self) -> pulumi.Output[Sequence['outputs.VulnerabilityAuditVulnerability']]:
         """
-        List of vulnerabilities found in the vulnerability audit.
+        List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
         """
         return pulumi.get(self, "vulnerabilities")
 

pulumi_oci/database/__init__.py

@@ -161,6 +161,7 @@ from .get_oneoff_patch import *
 from .get_oneoff_patches import *
 from .get_pluggable_database import *
 from .get_pluggable_databases import *
+from .get_system_versions import *
 from .get_vm_cluster import *
 from .get_vm_cluster_network import *
 from .get_vm_cluster_network_download_config_file import *

pulumi_oci/database/_inputs.py

@@ -215,6 +215,7 @@ __all__ = [
     'GetManagedPreferredCredentialsFilterArgs',
     'GetOneoffPatchesFilterArgs',
     'GetPluggableDatabasesFilterArgs',
+    'GetSystemVersionsFilterArgs',
     'GetVmClusterNetworksFilterArgs',
     'GetVmClusterPatchHistoryEntriesFilterArgs',
     'GetVmClusterPatchesFilterArgs',
@@ -13035,6 +13036,45 @@ class GetPluggableDatabasesFilterArgs:
         pulumi.set(self, "regex", value)
 
 
+@pulumi.input_type
+class GetSystemVersionsFilterArgs:
+    def __init__(__self__, *,
+                 name: str,
+                 values: Sequence[str],
+                 regex: Optional[bool] = None):
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+        if regex is not None:
+            pulumi.set(__self__, "regex", regex)
+
+    @property
+    @pulumi.getter
+    def name(self) -> str:
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: str):
+        pulumi.set(self, "name", value)
+
+    @property
+    @pulumi.getter
+    def values(self) -> Sequence[str]:
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: Sequence[str]):
+        pulumi.set(self, "values", value)
+
+    @property
+    @pulumi.getter
+    def regex(self) -> Optional[bool]:
+        return pulumi.get(self, "regex")
+
+    @regex.setter
+    def regex(self, value: Optional[bool]):
+        pulumi.set(self, "regex", value)
+
+
 @pulumi.input_type
 class GetVmClusterNetworksFilterArgs:
     def __init__(__self__, *,

pulumi_oci/database/cloud_vm_cluster.py

@@ -45,6 +45,7 @@ class CloudVmClusterArgs:
                  private_zone_id: Optional[pulumi.Input[str]] = None,
                  scan_listener_port_tcp: Optional[pulumi.Input[int]] = None,
                  scan_listener_port_tcp_ssl: Optional[pulumi.Input[int]] = None,
+                 system_version: Optional[pulumi.Input[str]] = None,
                  time_zone: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a CloudVmCluster resource.
@@ -88,6 +89,7 @@ class CloudVmClusterArgs:
         :param pulumi.Input[str] private_zone_id: The private zone id in which DNS records need to be created.
         :param pulumi.Input[int] scan_listener_port_tcp: The TCP Single Client Access Name (SCAN) port. The default port is 1521.
         :param pulumi.Input[int] scan_listener_port_tcp_ssl: The TCPS Single Client Access Name (SCAN) port. The default port is 2484.
+        :param pulumi.Input[str] system_version: Operating system version of the image.
         :param pulumi.Input[str] time_zone: The time zone to use for the cloud VM cluster. For details, see [Time Zones](https://docs.cloud.oracle.com/iaas/Content/Database/References/timezones.htm). 
                
                
@@ -143,6 +145,8 @@ class CloudVmClusterArgs:
             pulumi.set(__self__, "scan_listener_port_tcp", scan_listener_port_tcp)
         if scan_listener_port_tcp_ssl is not None:
             pulumi.set(__self__, "scan_listener_port_tcp_ssl", scan_listener_port_tcp_ssl)
+        if system_version is not None:
+            pulumi.set(__self__, "system_version", system_version)
         if time_zone is not None:
             pulumi.set(__self__, "time_zone", time_zone)
 
@@ -503,6 +507,18 @@ class CloudVmClusterArgs:
     def scan_listener_port_tcp_ssl(self, value: Optional[pulumi.Input[int]]):
         pulumi.set(self, "scan_listener_port_tcp_ssl", value)
 
+    @property
+    @pulumi.getter(name="systemVersion")
+    def system_version(self) -> Optional[pulumi.Input[str]]:
+        """
+        Operating system version of the image.
+        """
+        return pulumi.get(self, "system_version")
+
+    @system_version.setter
+    def system_version(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "system_version", value)
+
     @property
     @pulumi.getter(name="timeZone")
     def time_zone(self) -> Optional[pulumi.Input[str]]:
@@ -1342,6 +1358,7 @@ class CloudVmCluster(pulumi.CustomResource):
                  scan_listener_port_tcp_ssl: Optional[pulumi.Input[int]] = None,
                  ssh_public_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  subnet_id: Optional[pulumi.Input[str]] = None,
+                 system_version: Optional[pulumi.Input[str]] = None,
                  time_zone: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
@@ -1390,6 +1407,7 @@ class CloudVmCluster(pulumi.CustomResource):
             private_zone_id=oci_dns_zone["test_zone"]["id"],
             scan_listener_port_tcp=var["cloud_vm_cluster_scan_listener_port_tcp"],
             scan_listener_port_tcp_ssl=var["cloud_vm_cluster_scan_listener_port_tcp_ssl"],
+            system_version=var["cloud_vm_cluster_system_version"],
             time_zone=var["cloud_vm_cluster_time_zone"])
         ```
 
@@ -1443,6 +1461,7 @@ class CloudVmCluster(pulumi.CustomResource):
         :param pulumi.Input[int] scan_listener_port_tcp_ssl: The TCPS Single Client Access Name (SCAN) port. The default port is 2484.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ssh_public_keys: (Updatable) The public key portion of one or more key pairs used for SSH access to the cloud VM cluster.
         :param pulumi.Input[str] subnet_id: The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet associated with the cloud VM cluster.
+        :param pulumi.Input[str] system_version: Operating system version of the image.
         :param pulumi.Input[str] time_zone: The time zone to use for the cloud VM cluster. For details, see [Time Zones](https://docs.cloud.oracle.com/iaas/Content/Database/References/timezones.htm). 
                
                
@@ -1501,6 +1520,7 @@ class CloudVmCluster(pulumi.CustomResource):
             private_zone_id=oci_dns_zone["test_zone"]["id"],
             scan_listener_port_tcp=var["cloud_vm_cluster_scan_listener_port_tcp"],
             scan_listener_port_tcp_ssl=var["cloud_vm_cluster_scan_listener_port_tcp_ssl"],
+            system_version=var["cloud_vm_cluster_system_version"],
             time_zone=var["cloud_vm_cluster_time_zone"])
         ```
 
@@ -1556,6 +1576,7 @@ class CloudVmCluster(pulumi.CustomResource):
                  scan_listener_port_tcp_ssl: Optional[pulumi.Input[int]] = None,
                  ssh_public_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  subnet_id: Optional[pulumi.Input[str]] = None,
+                 system_version: Optional[pulumi.Input[str]] = None,
                  time_zone: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -1613,6 +1634,7 @@ class CloudVmCluster(pulumi.CustomResource):
             if subnet_id is None and not opts.urn:
                 raise TypeError("Missing required property 'subnet_id'")
             __props__.__dict__["subnet_id"] = subnet_id
+            __props__.__dict__["system_version"] = system_version
             __props__.__dict__["time_zone"] = time_zone
             __props__.__dict__["availability_domain"] = None
             __props__.__dict__["disk_redundancy"] = None
@@ -1627,7 +1649,6 @@ class CloudVmCluster(pulumi.CustomResource):
             __props__.__dict__["shape"] = None
             __props__.__dict__["state"] = None
             __props__.__dict__["storage_size_in_gbs"] = None
-            __props__.__dict__["system_version"] = None
             __props__.__dict__["time_created"] = None
             __props__.__dict__["vip_ids"] = None
             __props__.__dict__["zone_id"] = None