blob: 4f3b956a063f3c741f5a56bd6f41fe6c759a1125 [file] [log] [blame]
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="containeranalysis_v1alpha1.html">Container Analysis API</a> . <a href="containeranalysis_v1alpha1.projects.html">projects</a> . <a href="containeranalysis_v1alpha1.projects.notes.html">notes</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="containeranalysis_v1alpha1.projects.notes.occurrences.html">occurrences()</a></code>
79</p>
80<p class="firstline">Returns the occurrences Resource.</p>
81
82<p class="toc_element">
Bu Sun Kimd059ad82020-07-22 17:02:09 -070083 <code><a href="#create">create(parent, body=None, noteId=None, name=None, x__xgafv=None)</a></code></p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070084<p class="firstline">Creates a new `Note`.</p>
85<p class="toc_element">
86 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
87<p class="firstline">Deletes the given `Note` from the system.</p>
88<p class="toc_element">
89 <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
90<p class="firstline">Returns the requested `Note`.</p>
91<p class="toc_element">
92 <code><a href="#getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>
93<p class="firstline">Gets the access control policy for a note or an `Occurrence` resource.</p>
94<p class="toc_element">
Bu Sun Kimd059ad82020-07-22 17:02:09 -070095 <code><a href="#list">list(parent, filter=None, pageSize=None, name=None, pageToken=None, x__xgafv=None)</a></code></p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070096<p class="firstline">Lists all `Notes` for a given project.</p>
97<p class="toc_element">
98 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
99<p class="firstline">Retrieves the next page of results.</p>
100<p class="toc_element">
Dan O'Mearadd494642020-05-01 07:42:23 -0700101 <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700102<p class="firstline">Updates an existing `Note`.</p>
103<p class="toc_element">
Dan O'Mearadd494642020-05-01 07:42:23 -0700104 <code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700105<p class="firstline">Sets the access control policy on the specified `Note` or `Occurrence`.</p>
106<p class="toc_element">
Dan O'Mearadd494642020-05-01 07:42:23 -0700107 <code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700108<p class="firstline">Returns the permissions that a caller has on the specified note or</p>
109<h3>Method Details</h3>
110<div class="method">
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700111 <code class="details" id="create">create(parent, body=None, noteId=None, name=None, x__xgafv=None)</code>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700112 <pre>Creates a new `Note`.
113
114Args:
115 parent: string, This field contains the project Id for example:
Bu Sun Kim65020912020-05-20 12:08:20 -0700116&quot;projects/{project_id} (required)
Dan O'Mearadd494642020-05-01 07:42:23 -0700117 body: object, The request body.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700118 The object takes the form of:
119
120{ # Provides a detailed description of a `Note`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700121 &quot;package&quot;: { # This represents a particular package that is distributed over # A note describing a package hosted by various package managers.
122 # various channels.
123 # e.g. glibc (aka libc6) is distributed by many, at various versions.
124 &quot;distribution&quot;: [ # The various channels by which a package is distributed.
125 { # This represents a particular channel of distribution for a given package.
126 # e.g. Debian&#x27;s jessie-backports dpkg mirror
127 &quot;latestVersion&quot;: { # Version contains structured information about the version of the package. # The latest available version of this package in
128 # this distribution channel.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700129 # For a discussion of this in Debian/Ubuntu:
130 # http://serverfault.com/questions/604541/debian-packages-version-convention
131 # For a discussion of this in Redhat/Fedora/Centos:
132 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
Bu Sun Kim65020912020-05-20 12:08:20 -0700133 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700134 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
Bu Sun Kim65020912020-05-20 12:08:20 -0700135 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700136 # If kind is not NORMAL, then the other fields are ignored.
Bu Sun Kim65020912020-05-20 12:08:20 -0700137 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700138 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700139 &quot;maintainer&quot;: &quot;A String&quot;, # A freeform string denoting the maintainer of this package.
140 &quot;architecture&quot;: &quot;A String&quot;, # The CPU architecture for which packages in this distribution
141 # channel were built
142 &quot;description&quot;: &quot;A String&quot;, # The distribution channel-specific description of this package.
143 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
144 # denoting the package manager version distributing a package.
145 &quot;url&quot;: &quot;A String&quot;, # The distribution channel-specific homepage for this package.
Bu Sun Kim65020912020-05-20 12:08:20 -0700146 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700147 ],
148 &quot;name&quot;: &quot;A String&quot;, # The name of the package.
Bu Sun Kim65020912020-05-20 12:08:20 -0700149 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700150 &quot;name&quot;: &quot;A String&quot;, # The name of the note in the form
151 # &quot;projects/{provider_project_id}/notes/{NOTE_ID}&quot;
Bu Sun Kim65020912020-05-20 12:08:20 -0700152 &quot;relatedUrl&quot;: [ # URLs associated with this note
153 { # Metadata for any related URL information
Bu Sun Kim65020912020-05-20 12:08:20 -0700154 &quot;label&quot;: &quot;A String&quot;, # Label to describe usage of the URL
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700155 &quot;url&quot;: &quot;A String&quot;, # Specific URL to associate with the note
Bu Sun Kim65020912020-05-20 12:08:20 -0700156 },
157 ],
158 &quot;expirationTime&quot;: &quot;A String&quot;, # Time of expiration for this note, null if note does not expire.
159 &quot;baseImage&quot;: { # Basis describes the base image portion (Note) of the DockerImage # A note describing a base image.
160 # relationship. Linked occurrences are derived from this or an
161 # equivalent image via:
162 # FROM &lt;Basis.resource_url&gt;
163 # Or an equivalent reference, e.g. a tag of the resource_url.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700164 &quot;resourceUrl&quot;: &quot;A String&quot;, # The resource_url for the resource representing the basis of
165 # associated occurrence images.
Bu Sun Kim65020912020-05-20 12:08:20 -0700166 &quot;fingerprint&quot;: { # A set of properties that uniquely identify a given Docker image. # The fingerprint of the base image.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700167 &quot;v2Name&quot;: &quot;A String&quot;, # Output only. The name of the image&#x27;s v2 blobs computed via:
168 # [bottom] := v2_blobbottom := sha256(v2_blob[N] + &quot; &quot; + v2_name[N+1])
169 # Only the name of the final blob is kept.
170 # This field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -0700171 &quot;v2Blob&quot;: [ # The ordered list of v2 blobs that represent a given image.
172 &quot;A String&quot;,
173 ],
174 &quot;v1Name&quot;: &quot;A String&quot;, # The layer-id of the final layer in the Docker image&#x27;s v1
175 # representation.
176 # This field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -0700177 },
Bu Sun Kim65020912020-05-20 12:08:20 -0700178 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700179 &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time this note was created. This field can be used as a
180 # filter in list requests.
181 &quot;vulnerabilityType&quot;: { # VulnerabilityType provides metadata about a security vulnerability. # A package vulnerability type of note.
182 &quot;details&quot;: [ # All information about the package to specifically identify this
183 # vulnerability. One entry per (version range and cpe_uri) the
184 # package vulnerability has manifested in.
185 { # Identifies all occurrences of this vulnerability in the package for a
186 # specific distro/location
187 # For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2
188 &quot;isObsolete&quot;: True or False, # Whether this Detail is obsolete. Occurrences are expected not to point to
189 # obsolete details.
190 &quot;minAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The min version of the package in which the vulnerability exists.
191 # For a discussion of this in Debian/Ubuntu:
192 # http://serverfault.com/questions/604541/debian-packages-version-convention
193 # For a discussion of this in Redhat/Fedora/Centos:
194 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
195 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
196 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
197 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
198 # If kind is not NORMAL, then the other fields are ignored.
199 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
200 },
201 &quot;maxAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The max version of the package in which the vulnerability exists.
202 # For a discussion of this in Debian/Ubuntu:
203 # http://serverfault.com/questions/604541/debian-packages-version-convention
204 # For a discussion of this in Redhat/Fedora/Centos:
205 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
206 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
207 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
208 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
209 # If kind is not NORMAL, then the other fields are ignored.
210 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
211 },
212 &quot;packageType&quot;: &quot;A String&quot;, # The type of package; whether native or non native(ruby gems,
213 # node.js packages etc)
214 &quot;fixedLocation&quot;: { # The location of the vulnerability # The fix for this specific package version.
215 &quot;version&quot;: { # Version contains structured information about the version of the package. # The version of the package being described. This field can be used as a
216 # filter in list requests.
217 # For a discussion of this in Debian/Ubuntu:
218 # http://serverfault.com/questions/604541/debian-packages-version-convention
219 # For a discussion of this in Redhat/Fedora/Centos:
220 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
221 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
222 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
223 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
224 # If kind is not NORMAL, then the other fields are ignored.
225 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
226 },
227 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/)
228 # format. Examples include distro or storage location for vulnerable jar.
229 # This field can be used as a filter in list requests.
230 &quot;package&quot;: &quot;A String&quot;, # The package being described.
231 },
232 &quot;description&quot;: &quot;A String&quot;, # A vendor-specific description of this note.
233 &quot;package&quot;: &quot;A String&quot;, # The name of the package where the vulnerability was found.
234 # This field can be used as a filter in list requests.
235 &quot;severityName&quot;: &quot;A String&quot;, # The severity (eg: distro assigned severity) for this vulnerability.
236 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in
237 # which the vulnerability manifests. Examples include distro or storage
238 # location for vulnerable jar.
239 # This field can be used as a filter in list requests.
240 },
241 ],
242 &quot;severity&quot;: &quot;A String&quot;, # Note provider assigned impact of the vulnerability
243 &quot;cvssScore&quot;: 3.14, # The CVSS score for this Vulnerability.
244 },
Bu Sun Kim65020912020-05-20 12:08:20 -0700245 &quot;buildType&quot;: { # Note holding the version of the provider&#x27;s builder and the signature of # Build provenance type for a verifiable build.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700246 # the provenance message in linked BuildDetails.
Bu Sun Kim65020912020-05-20 12:08:20 -0700247 &quot;signature&quot;: { # Message encapsulating the signature of the verified build. # Signature of the build in Occurrences pointing to the Note containing this
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700248 # `BuilderDetails`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700249 &quot;keyId&quot;: &quot;A String&quot;, # An Id for the key used to sign. This could be either an Id for the key
250 # stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
251 # CN for a cert), or a reference to an external key (such as a reference to a
252 # key in Cloud Key Management Service).
253 &quot;signature&quot;: &quot;A String&quot;, # Signature of the related `BuildProvenance`, encoded in a base64 string.
254 &quot;keyType&quot;: &quot;A String&quot;, # The type of the key, either stored in `public_key` or referenced in
255 # `key_id`
Bu Sun Kim65020912020-05-20 12:08:20 -0700256 &quot;publicKey&quot;: &quot;A String&quot;, # Public key of the builder which can be used to verify that the related
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700257 # findings are valid and unchanged. If `key_type` is empty, this defaults
258 # to PEM encoded public keys.
259 #
260 # This field may be empty if `key_id` references an external key.
261 #
262 # For Cloud Build based signatures, this is a PEM encoded public
263 # key. To verify the Cloud Build signature, place the contents of
264 # this field into a file (public.pem). The signature field is base64-decoded
265 # into its binary representation in signature.bin, and the provenance bytes
266 # from `BuildDetails` are base64-decoded into a binary representation in
267 # signed.bin. OpenSSL can then verify the signature:
268 # `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
Bu Sun Kim65020912020-05-20 12:08:20 -0700269 },
270 &quot;builderVersion&quot;: &quot;A String&quot;, # Version of the builder which produced this Note.
271 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700272 &quot;kind&quot;: &quot;A String&quot;, # Output only. This explicitly denotes which kind of note is specified. This
273 # field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -0700274 &quot;longDescription&quot;: &quot;A String&quot;, # A detailed description of this `Note`.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700275 &quot;deployable&quot;: { # An artifact that can be deployed in some runtime. # A note describing something that can be deployed.
276 &quot;resourceUri&quot;: [ # Resource URI for the artifact being deployed.
277 &quot;A String&quot;,
278 ],
279 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700280 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The time this note was last updated. This field can be used as
281 # a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -0700282 &quot;shortDescription&quot;: &quot;A String&quot;, # A one sentence description of this `Note`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700283 &quot;discovery&quot;: { # A note that indicates a type of analysis a provider would perform. This note # A note describing a provider/analysis type.
284 # exists in a provider&#x27;s project. A `Discovery` occurrence is created in a
285 # consumer&#x27;s project at the start of analysis. The occurrence&#x27;s operation will
286 # indicate the status of the analysis. Absence of an occurrence linked to this
287 # note for a resource indicates that analysis hasn&#x27;t started.
288 &quot;analysisKind&quot;: &quot;A String&quot;, # The kind of analysis that is handled by this discovery.
289 },
Bu Sun Kim65020912020-05-20 12:08:20 -0700290 &quot;attestationAuthority&quot;: { # Note kind that represents a logical attestation &quot;role&quot; or &quot;authority&quot;. For # A note describing an attestation role.
291 # example, an organization might have one `AttestationAuthority` for &quot;QA&quot; and
292 # one for &quot;build&quot;. This Note is intended to act strictly as a grouping
293 # mechanism for the attached Occurrences (Attestations). This grouping
294 # mechanism also provides a security boundary, since IAM ACLs gate the ability
295 # for a principle to attach an Occurrence to a given Note. It also provides a
296 # single point of lookup to find all attached Attestation Occurrences, even if
297 # they don&#x27;t all live in the same project.
298 &quot;hint&quot;: { # This submessage provides human-readable hints about the purpose of the
299 # AttestationAuthority. Because the name of a Note acts as its resource
300 # reference, it is important to disambiguate the canonical name of the Note
301 # (which might be a UUID for security purposes) from &quot;readable&quot; names more
302 # suitable for debug output. Note that these hints should NOT be used to
303 # look up AttestationAuthorities in security sensitive contexts, such as when
304 # looking up Attestations to verify.
305 &quot;humanReadableName&quot;: &quot;A String&quot;, # The human readable name of this Attestation Authority, for example &quot;qa&quot;.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700306 },
307 },
Bu Sun Kim65020912020-05-20 12:08:20 -0700308 &quot;upgrade&quot;: { # An Upgrade Note represents a potential upgrade of a package to a given # A note describing an upgrade.
309 # version. For each package version combination (i.e. bash 4.0, bash 4.1,
310 # bash 4.1.2), there will be a Upgrade Note.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700311 &quot;package&quot;: &quot;A String&quot;, # Required - The package this Upgrade is for.
Bu Sun Kim65020912020-05-20 12:08:20 -0700312 &quot;version&quot;: { # Version contains structured information about the version of the package. # Required - The version of the package in machine + human readable form.
313 # For a discussion of this in Debian/Ubuntu:
314 # http://serverfault.com/questions/604541/debian-packages-version-convention
315 # For a discussion of this in Redhat/Fedora/Centos:
316 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
317 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700318 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
Bu Sun Kim65020912020-05-20 12:08:20 -0700319 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
320 # If kind is not NORMAL, then the other fields are ignored.
321 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
Bu Sun Kim65020912020-05-20 12:08:20 -0700322 },
323 &quot;distributions&quot;: [ # Metadata about the upgrade for each specific operating system.
324 { # The Upgrade Distribution represents metadata about the Upgrade for each
325 # operating system (CPE). Some distributions have additional metadata around
326 # updates, classifying them into various categories and severities.
Bu Sun Kim65020912020-05-20 12:08:20 -0700327 &quot;classification&quot;: &quot;A String&quot;, # The operating system classification of this Upgrade, as specified by the
328 # upstream operating system upgrade feed.
Bu Sun Kim65020912020-05-20 12:08:20 -0700329 &quot;cpeUri&quot;: &quot;A String&quot;, # Required - The specific operating system this metadata applies to. See
330 # https://cpe.mitre.org/specification/.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700331 &quot;severity&quot;: &quot;A String&quot;, # The severity as specified by the upstream operating system.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700332 &quot;cve&quot;: [ # The cve that would be resolved by this upgrade.
333 &quot;A String&quot;,
334 ],
Bu Sun Kim65020912020-05-20 12:08:20 -0700335 },
336 ],
337 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700338 }
339
340 noteId: string, The ID to use for this note.
341 name: string, The name of the project.
342Should be of the form &quot;providers/{provider_id}&quot;.
343@Deprecated
344 x__xgafv: string, V1 error format.
345 Allowed values
346 1 - v1 error format
347 2 - v2 error format
348
349Returns:
350 An object of the form:
351
352 { # Provides a detailed description of a `Note`.
353 &quot;package&quot;: { # This represents a particular package that is distributed over # A note describing a package hosted by various package managers.
354 # various channels.
355 # e.g. glibc (aka libc6) is distributed by many, at various versions.
356 &quot;distribution&quot;: [ # The various channels by which a package is distributed.
357 { # This represents a particular channel of distribution for a given package.
358 # e.g. Debian&#x27;s jessie-backports dpkg mirror
359 &quot;latestVersion&quot;: { # Version contains structured information about the version of the package. # The latest available version of this package in
360 # this distribution channel.
361 # For a discussion of this in Debian/Ubuntu:
362 # http://serverfault.com/questions/604541/debian-packages-version-convention
363 # For a discussion of this in Redhat/Fedora/Centos:
364 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
365 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
366 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
367 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
368 # If kind is not NORMAL, then the other fields are ignored.
369 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
370 },
371 &quot;maintainer&quot;: &quot;A String&quot;, # A freeform string denoting the maintainer of this package.
372 &quot;architecture&quot;: &quot;A String&quot;, # The CPU architecture for which packages in this distribution
373 # channel were built
374 &quot;description&quot;: &quot;A String&quot;, # The distribution channel-specific description of this package.
375 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
376 # denoting the package manager version distributing a package.
377 &quot;url&quot;: &quot;A String&quot;, # The distribution channel-specific homepage for this package.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700378 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700379 ],
380 &quot;name&quot;: &quot;A String&quot;, # The name of the package.
381 },
382 &quot;name&quot;: &quot;A String&quot;, # The name of the note in the form
383 # &quot;projects/{provider_project_id}/notes/{NOTE_ID}&quot;
384 &quot;relatedUrl&quot;: [ # URLs associated with this note
385 { # Metadata for any related URL information
386 &quot;label&quot;: &quot;A String&quot;, # Label to describe usage of the URL
387 &quot;url&quot;: &quot;A String&quot;, # Specific URL to associate with the note
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700388 },
389 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700390 &quot;expirationTime&quot;: &quot;A String&quot;, # Time of expiration for this note, null if note does not expire.
391 &quot;baseImage&quot;: { # Basis describes the base image portion (Note) of the DockerImage # A note describing a base image.
392 # relationship. Linked occurrences are derived from this or an
393 # equivalent image via:
394 # FROM &lt;Basis.resource_url&gt;
395 # Or an equivalent reference, e.g. a tag of the resource_url.
396 &quot;resourceUrl&quot;: &quot;A String&quot;, # The resource_url for the resource representing the basis of
397 # associated occurrence images.
398 &quot;fingerprint&quot;: { # A set of properties that uniquely identify a given Docker image. # The fingerprint of the base image.
399 &quot;v2Name&quot;: &quot;A String&quot;, # Output only. The name of the image&#x27;s v2 blobs computed via:
400 # [bottom] := v2_blobbottom := sha256(v2_blob[N] + &quot; &quot; + v2_name[N+1])
401 # Only the name of the final blob is kept.
402 # This field can be used as a filter in list requests.
403 &quot;v2Blob&quot;: [ # The ordered list of v2 blobs that represent a given image.
404 &quot;A String&quot;,
405 ],
406 &quot;v1Name&quot;: &quot;A String&quot;, # The layer-id of the final layer in the Docker image&#x27;s v1
407 # representation.
408 # This field can be used as a filter in list requests.
409 },
410 },
411 &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time this note was created. This field can be used as a
412 # filter in list requests.
413 &quot;vulnerabilityType&quot;: { # VulnerabilityType provides metadata about a security vulnerability. # A package vulnerability type of note.
414 &quot;details&quot;: [ # All information about the package to specifically identify this
415 # vulnerability. One entry per (version range and cpe_uri) the
416 # package vulnerability has manifested in.
417 { # Identifies all occurrences of this vulnerability in the package for a
418 # specific distro/location
419 # For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2
420 &quot;isObsolete&quot;: True or False, # Whether this Detail is obsolete. Occurrences are expected not to point to
421 # obsolete details.
422 &quot;minAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The min version of the package in which the vulnerability exists.
423 # For a discussion of this in Debian/Ubuntu:
424 # http://serverfault.com/questions/604541/debian-packages-version-convention
425 # For a discussion of this in Redhat/Fedora/Centos:
426 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
427 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
428 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
429 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
430 # If kind is not NORMAL, then the other fields are ignored.
431 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
432 },
433 &quot;maxAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The max version of the package in which the vulnerability exists.
434 # For a discussion of this in Debian/Ubuntu:
435 # http://serverfault.com/questions/604541/debian-packages-version-convention
436 # For a discussion of this in Redhat/Fedora/Centos:
437 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
438 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
439 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
440 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
441 # If kind is not NORMAL, then the other fields are ignored.
442 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
443 },
444 &quot;packageType&quot;: &quot;A String&quot;, # The type of package; whether native or non native(ruby gems,
445 # node.js packages etc)
446 &quot;fixedLocation&quot;: { # The location of the vulnerability # The fix for this specific package version.
447 &quot;version&quot;: { # Version contains structured information about the version of the package. # The version of the package being described. This field can be used as a
448 # filter in list requests.
449 # For a discussion of this in Debian/Ubuntu:
450 # http://serverfault.com/questions/604541/debian-packages-version-convention
451 # For a discussion of this in Redhat/Fedora/Centos:
452 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
453 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
454 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
455 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
456 # If kind is not NORMAL, then the other fields are ignored.
457 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
458 },
459 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/)
460 # format. Examples include distro or storage location for vulnerable jar.
461 # This field can be used as a filter in list requests.
462 &quot;package&quot;: &quot;A String&quot;, # The package being described.
463 },
464 &quot;description&quot;: &quot;A String&quot;, # A vendor-specific description of this note.
465 &quot;package&quot;: &quot;A String&quot;, # The name of the package where the vulnerability was found.
466 # This field can be used as a filter in list requests.
467 &quot;severityName&quot;: &quot;A String&quot;, # The severity (eg: distro assigned severity) for this vulnerability.
468 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in
469 # which the vulnerability manifests. Examples include distro or storage
470 # location for vulnerable jar.
471 # This field can be used as a filter in list requests.
472 },
473 ],
474 &quot;severity&quot;: &quot;A String&quot;, # Note provider assigned impact of the vulnerability
475 &quot;cvssScore&quot;: 3.14, # The CVSS score for this Vulnerability.
476 },
477 &quot;buildType&quot;: { # Note holding the version of the provider&#x27;s builder and the signature of # Build provenance type for a verifiable build.
478 # the provenance message in linked BuildDetails.
479 &quot;signature&quot;: { # Message encapsulating the signature of the verified build. # Signature of the build in Occurrences pointing to the Note containing this
480 # `BuilderDetails`.
481 &quot;keyId&quot;: &quot;A String&quot;, # An Id for the key used to sign. This could be either an Id for the key
482 # stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
483 # CN for a cert), or a reference to an external key (such as a reference to a
484 # key in Cloud Key Management Service).
485 &quot;signature&quot;: &quot;A String&quot;, # Signature of the related `BuildProvenance`, encoded in a base64 string.
486 &quot;keyType&quot;: &quot;A String&quot;, # The type of the key, either stored in `public_key` or referenced in
487 # `key_id`
488 &quot;publicKey&quot;: &quot;A String&quot;, # Public key of the builder which can be used to verify that the related
489 # findings are valid and unchanged. If `key_type` is empty, this defaults
490 # to PEM encoded public keys.
491 #
492 # This field may be empty if `key_id` references an external key.
493 #
494 # For Cloud Build based signatures, this is a PEM encoded public
495 # key. To verify the Cloud Build signature, place the contents of
496 # this field into a file (public.pem). The signature field is base64-decoded
497 # into its binary representation in signature.bin, and the provenance bytes
498 # from `BuildDetails` are base64-decoded into a binary representation in
499 # signed.bin. OpenSSL can then verify the signature:
500 # `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
501 },
502 &quot;builderVersion&quot;: &quot;A String&quot;, # Version of the builder which produced this Note.
503 },
504 &quot;kind&quot;: &quot;A String&quot;, # Output only. This explicitly denotes which kind of note is specified. This
505 # field can be used as a filter in list requests.
506 &quot;longDescription&quot;: &quot;A String&quot;, # A detailed description of this `Note`.
507 &quot;deployable&quot;: { # An artifact that can be deployed in some runtime. # A note describing something that can be deployed.
508 &quot;resourceUri&quot;: [ # Resource URI for the artifact being deployed.
509 &quot;A String&quot;,
510 ],
511 },
512 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The time this note was last updated. This field can be used as
513 # a filter in list requests.
514 &quot;shortDescription&quot;: &quot;A String&quot;, # A one sentence description of this `Note`.
515 &quot;discovery&quot;: { # A note that indicates a type of analysis a provider would perform. This note # A note describing a provider/analysis type.
516 # exists in a provider&#x27;s project. A `Discovery` occurrence is created in a
517 # consumer&#x27;s project at the start of analysis. The occurrence&#x27;s operation will
518 # indicate the status of the analysis. Absence of an occurrence linked to this
519 # note for a resource indicates that analysis hasn&#x27;t started.
520 &quot;analysisKind&quot;: &quot;A String&quot;, # The kind of analysis that is handled by this discovery.
521 },
522 &quot;attestationAuthority&quot;: { # Note kind that represents a logical attestation &quot;role&quot; or &quot;authority&quot;. For # A note describing an attestation role.
523 # example, an organization might have one `AttestationAuthority` for &quot;QA&quot; and
524 # one for &quot;build&quot;. This Note is intended to act strictly as a grouping
525 # mechanism for the attached Occurrences (Attestations). This grouping
526 # mechanism also provides a security boundary, since IAM ACLs gate the ability
527 # for a principle to attach an Occurrence to a given Note. It also provides a
528 # single point of lookup to find all attached Attestation Occurrences, even if
529 # they don&#x27;t all live in the same project.
530 &quot;hint&quot;: { # This submessage provides human-readable hints about the purpose of the
531 # AttestationAuthority. Because the name of a Note acts as its resource
532 # reference, it is important to disambiguate the canonical name of the Note
533 # (which might be a UUID for security purposes) from &quot;readable&quot; names more
534 # suitable for debug output. Note that these hints should NOT be used to
535 # look up AttestationAuthorities in security sensitive contexts, such as when
536 # looking up Attestations to verify.
537 &quot;humanReadableName&quot;: &quot;A String&quot;, # The human readable name of this Attestation Authority, for example &quot;qa&quot;.
538 },
539 },
540 &quot;upgrade&quot;: { # An Upgrade Note represents a potential upgrade of a package to a given # A note describing an upgrade.
541 # version. For each package version combination (i.e. bash 4.0, bash 4.1,
542 # bash 4.1.2), there will be a Upgrade Note.
543 &quot;package&quot;: &quot;A String&quot;, # Required - The package this Upgrade is for.
544 &quot;version&quot;: { # Version contains structured information about the version of the package. # Required - The version of the package in machine + human readable form.
545 # For a discussion of this in Debian/Ubuntu:
546 # http://serverfault.com/questions/604541/debian-packages-version-convention
547 # For a discussion of this in Redhat/Fedora/Centos:
548 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
549 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
550 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
551 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
552 # If kind is not NORMAL, then the other fields are ignored.
553 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
554 },
555 &quot;distributions&quot;: [ # Metadata about the upgrade for each specific operating system.
556 { # The Upgrade Distribution represents metadata about the Upgrade for each
557 # operating system (CPE). Some distributions have additional metadata around
558 # updates, classifying them into various categories and severities.
559 &quot;classification&quot;: &quot;A String&quot;, # The operating system classification of this Upgrade, as specified by the
560 # upstream operating system upgrade feed.
561 &quot;cpeUri&quot;: &quot;A String&quot;, # Required - The specific operating system this metadata applies to. See
562 # https://cpe.mitre.org/specification/.
563 &quot;severity&quot;: &quot;A String&quot;, # The severity as specified by the upstream operating system.
564 &quot;cve&quot;: [ # The cve that would be resolved by this upgrade.
565 &quot;A String&quot;,
566 ],
567 },
568 ],
569 },
570 }</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700571</div>
572
573<div class="method">
574 <code class="details" id="delete">delete(name, x__xgafv=None)</code>
575 <pre>Deletes the given `Note` from the system.
576
577Args:
578 name: string, The name of the note in the form of
Bu Sun Kim65020912020-05-20 12:08:20 -0700579&quot;providers/{provider_id}/notes/{NOTE_ID}&quot; (required)
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700580 x__xgafv: string, V1 error format.
581 Allowed values
582 1 - v1 error format
583 2 - v2 error format
584
585Returns:
586 An object of the form:
587
588 { # A generic empty message that you can re-use to avoid defining duplicated
589 # empty messages in your APIs. A typical example is to use it as the request
590 # or the response type of an API method. For instance:
591 #
592 # service Foo {
593 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
594 # }
595 #
596 # The JSON representation for `Empty` is empty JSON object `{}`.
597 }</pre>
598</div>
599
600<div class="method">
601 <code class="details" id="get">get(name, x__xgafv=None)</code>
602 <pre>Returns the requested `Note`.
603
604Args:
605 name: string, The name of the note in the form of
Bu Sun Kim65020912020-05-20 12:08:20 -0700606&quot;providers/{provider_id}/notes/{NOTE_ID}&quot; (required)
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700607 x__xgafv: string, V1 error format.
608 Allowed values
609 1 - v1 error format
610 2 - v2 error format
611
612Returns:
613 An object of the form:
614
615 { # Provides a detailed description of a `Note`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700616 &quot;package&quot;: { # This represents a particular package that is distributed over # A note describing a package hosted by various package managers.
617 # various channels.
618 # e.g. glibc (aka libc6) is distributed by many, at various versions.
619 &quot;distribution&quot;: [ # The various channels by which a package is distributed.
620 { # This represents a particular channel of distribution for a given package.
621 # e.g. Debian&#x27;s jessie-backports dpkg mirror
622 &quot;latestVersion&quot;: { # Version contains structured information about the version of the package. # The latest available version of this package in
623 # this distribution channel.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700624 # For a discussion of this in Debian/Ubuntu:
625 # http://serverfault.com/questions/604541/debian-packages-version-convention
626 # For a discussion of this in Redhat/Fedora/Centos:
627 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
Bu Sun Kim65020912020-05-20 12:08:20 -0700628 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700629 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
Bu Sun Kim65020912020-05-20 12:08:20 -0700630 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700631 # If kind is not NORMAL, then the other fields are ignored.
Bu Sun Kim65020912020-05-20 12:08:20 -0700632 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700633 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700634 &quot;maintainer&quot;: &quot;A String&quot;, # A freeform string denoting the maintainer of this package.
635 &quot;architecture&quot;: &quot;A String&quot;, # The CPU architecture for which packages in this distribution
636 # channel were built
637 &quot;description&quot;: &quot;A String&quot;, # The distribution channel-specific description of this package.
638 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
639 # denoting the package manager version distributing a package.
640 &quot;url&quot;: &quot;A String&quot;, # The distribution channel-specific homepage for this package.
Bu Sun Kim65020912020-05-20 12:08:20 -0700641 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700642 ],
643 &quot;name&quot;: &quot;A String&quot;, # The name of the package.
644 },
645 &quot;name&quot;: &quot;A String&quot;, # The name of the note in the form
646 # &quot;projects/{provider_project_id}/notes/{NOTE_ID}&quot;
647 &quot;relatedUrl&quot;: [ # URLs associated with this note
648 { # Metadata for any related URL information
649 &quot;label&quot;: &quot;A String&quot;, # Label to describe usage of the URL
650 &quot;url&quot;: &quot;A String&quot;, # Specific URL to associate with the note
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700651 },
652 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700653 &quot;expirationTime&quot;: &quot;A String&quot;, # Time of expiration for this note, null if note does not expire.
654 &quot;baseImage&quot;: { # Basis describes the base image portion (Note) of the DockerImage # A note describing a base image.
655 # relationship. Linked occurrences are derived from this or an
656 # equivalent image via:
657 # FROM &lt;Basis.resource_url&gt;
658 # Or an equivalent reference, e.g. a tag of the resource_url.
659 &quot;resourceUrl&quot;: &quot;A String&quot;, # The resource_url for the resource representing the basis of
660 # associated occurrence images.
661 &quot;fingerprint&quot;: { # A set of properties that uniquely identify a given Docker image. # The fingerprint of the base image.
662 &quot;v2Name&quot;: &quot;A String&quot;, # Output only. The name of the image&#x27;s v2 blobs computed via:
663 # [bottom] := v2_blobbottom := sha256(v2_blob[N] + &quot; &quot; + v2_name[N+1])
664 # Only the name of the final blob is kept.
665 # This field can be used as a filter in list requests.
666 &quot;v2Blob&quot;: [ # The ordered list of v2 blobs that represent a given image.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700667 &quot;A String&quot;,
668 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700669 &quot;v1Name&quot;: &quot;A String&quot;, # The layer-id of the final layer in the Docker image&#x27;s v1
670 # representation.
671 # This field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -0700672 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700673 },
674 &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time this note was created. This field can be used as a
675 # filter in list requests.
676 &quot;vulnerabilityType&quot;: { # VulnerabilityType provides metadata about a security vulnerability. # A package vulnerability type of note.
677 &quot;details&quot;: [ # All information about the package to specifically identify this
678 # vulnerability. One entry per (version range and cpe_uri) the
679 # package vulnerability has manifested in.
680 { # Identifies all occurrences of this vulnerability in the package for a
681 # specific distro/location
682 # For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2
683 &quot;isObsolete&quot;: True or False, # Whether this Detail is obsolete. Occurrences are expected not to point to
684 # obsolete details.
685 &quot;minAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The min version of the package in which the vulnerability exists.
686 # For a discussion of this in Debian/Ubuntu:
687 # http://serverfault.com/questions/604541/debian-packages-version-convention
688 # For a discussion of this in Redhat/Fedora/Centos:
689 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
690 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
691 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
692 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
693 # If kind is not NORMAL, then the other fields are ignored.
694 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
695 },
696 &quot;maxAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The max version of the package in which the vulnerability exists.
697 # For a discussion of this in Debian/Ubuntu:
698 # http://serverfault.com/questions/604541/debian-packages-version-convention
699 # For a discussion of this in Redhat/Fedora/Centos:
700 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
701 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
702 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
703 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
704 # If kind is not NORMAL, then the other fields are ignored.
705 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
706 },
707 &quot;packageType&quot;: &quot;A String&quot;, # The type of package; whether native or non native(ruby gems,
708 # node.js packages etc)
709 &quot;fixedLocation&quot;: { # The location of the vulnerability # The fix for this specific package version.
710 &quot;version&quot;: { # Version contains structured information about the version of the package. # The version of the package being described. This field can be used as a
711 # filter in list requests.
712 # For a discussion of this in Debian/Ubuntu:
713 # http://serverfault.com/questions/604541/debian-packages-version-convention
714 # For a discussion of this in Redhat/Fedora/Centos:
715 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
716 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
717 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
718 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
719 # If kind is not NORMAL, then the other fields are ignored.
720 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
721 },
722 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/)
723 # format. Examples include distro or storage location for vulnerable jar.
724 # This field can be used as a filter in list requests.
725 &quot;package&quot;: &quot;A String&quot;, # The package being described.
726 },
727 &quot;description&quot;: &quot;A String&quot;, # A vendor-specific description of this note.
728 &quot;package&quot;: &quot;A String&quot;, # The name of the package where the vulnerability was found.
729 # This field can be used as a filter in list requests.
730 &quot;severityName&quot;: &quot;A String&quot;, # The severity (eg: distro assigned severity) for this vulnerability.
731 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in
732 # which the vulnerability manifests. Examples include distro or storage
733 # location for vulnerable jar.
734 # This field can be used as a filter in list requests.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700735 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700736 ],
737 &quot;severity&quot;: &quot;A String&quot;, # Note provider assigned impact of the vulnerability
738 &quot;cvssScore&quot;: 3.14, # The CVSS score for this Vulnerability.
739 },
740 &quot;buildType&quot;: { # Note holding the version of the provider&#x27;s builder and the signature of # Build provenance type for a verifiable build.
741 # the provenance message in linked BuildDetails.
742 &quot;signature&quot;: { # Message encapsulating the signature of the verified build. # Signature of the build in Occurrences pointing to the Note containing this
743 # `BuilderDetails`.
744 &quot;keyId&quot;: &quot;A String&quot;, # An Id for the key used to sign. This could be either an Id for the key
745 # stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
746 # CN for a cert), or a reference to an external key (such as a reference to a
747 # key in Cloud Key Management Service).
748 &quot;signature&quot;: &quot;A String&quot;, # Signature of the related `BuildProvenance`, encoded in a base64 string.
749 &quot;keyType&quot;: &quot;A String&quot;, # The type of the key, either stored in `public_key` or referenced in
750 # `key_id`
751 &quot;publicKey&quot;: &quot;A String&quot;, # Public key of the builder which can be used to verify that the related
752 # findings are valid and unchanged. If `key_type` is empty, this defaults
753 # to PEM encoded public keys.
754 #
755 # This field may be empty if `key_id` references an external key.
756 #
757 # For Cloud Build based signatures, this is a PEM encoded public
758 # key. To verify the Cloud Build signature, place the contents of
759 # this field into a file (public.pem). The signature field is base64-decoded
760 # into its binary representation in signature.bin, and the provenance bytes
761 # from `BuildDetails` are base64-decoded into a binary representation in
762 # signed.bin. OpenSSL can then verify the signature:
763 # `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700764 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700765 &quot;builderVersion&quot;: &quot;A String&quot;, # Version of the builder which produced this Note.
766 },
767 &quot;kind&quot;: &quot;A String&quot;, # Output only. This explicitly denotes which kind of note is specified. This
768 # field can be used as a filter in list requests.
769 &quot;longDescription&quot;: &quot;A String&quot;, # A detailed description of this `Note`.
770 &quot;deployable&quot;: { # An artifact that can be deployed in some runtime. # A note describing something that can be deployed.
771 &quot;resourceUri&quot;: [ # Resource URI for the artifact being deployed.
772 &quot;A String&quot;,
773 ],
774 },
775 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The time this note was last updated. This field can be used as
776 # a filter in list requests.
777 &quot;shortDescription&quot;: &quot;A String&quot;, # A one sentence description of this `Note`.
778 &quot;discovery&quot;: { # A note that indicates a type of analysis a provider would perform. This note # A note describing a provider/analysis type.
779 # exists in a provider&#x27;s project. A `Discovery` occurrence is created in a
780 # consumer&#x27;s project at the start of analysis. The occurrence&#x27;s operation will
781 # indicate the status of the analysis. Absence of an occurrence linked to this
782 # note for a resource indicates that analysis hasn&#x27;t started.
783 &quot;analysisKind&quot;: &quot;A String&quot;, # The kind of analysis that is handled by this discovery.
784 },
785 &quot;attestationAuthority&quot;: { # Note kind that represents a logical attestation &quot;role&quot; or &quot;authority&quot;. For # A note describing an attestation role.
786 # example, an organization might have one `AttestationAuthority` for &quot;QA&quot; and
787 # one for &quot;build&quot;. This Note is intended to act strictly as a grouping
788 # mechanism for the attached Occurrences (Attestations). This grouping
789 # mechanism also provides a security boundary, since IAM ACLs gate the ability
790 # for a principle to attach an Occurrence to a given Note. It also provides a
791 # single point of lookup to find all attached Attestation Occurrences, even if
792 # they don&#x27;t all live in the same project.
793 &quot;hint&quot;: { # This submessage provides human-readable hints about the purpose of the
794 # AttestationAuthority. Because the name of a Note acts as its resource
795 # reference, it is important to disambiguate the canonical name of the Note
796 # (which might be a UUID for security purposes) from &quot;readable&quot; names more
797 # suitable for debug output. Note that these hints should NOT be used to
798 # look up AttestationAuthorities in security sensitive contexts, such as when
799 # looking up Attestations to verify.
800 &quot;humanReadableName&quot;: &quot;A String&quot;, # The human readable name of this Attestation Authority, for example &quot;qa&quot;.
801 },
802 },
803 &quot;upgrade&quot;: { # An Upgrade Note represents a potential upgrade of a package to a given # A note describing an upgrade.
804 # version. For each package version combination (i.e. bash 4.0, bash 4.1,
805 # bash 4.1.2), there will be a Upgrade Note.
806 &quot;package&quot;: &quot;A String&quot;, # Required - The package this Upgrade is for.
807 &quot;version&quot;: { # Version contains structured information about the version of the package. # Required - The version of the package in machine + human readable form.
808 # For a discussion of this in Debian/Ubuntu:
809 # http://serverfault.com/questions/604541/debian-packages-version-convention
810 # For a discussion of this in Redhat/Fedora/Centos:
811 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
812 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
813 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
814 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
815 # If kind is not NORMAL, then the other fields are ignored.
816 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
817 },
818 &quot;distributions&quot;: [ # Metadata about the upgrade for each specific operating system.
819 { # The Upgrade Distribution represents metadata about the Upgrade for each
820 # operating system (CPE). Some distributions have additional metadata around
821 # updates, classifying them into various categories and severities.
822 &quot;classification&quot;: &quot;A String&quot;, # The operating system classification of this Upgrade, as specified by the
823 # upstream operating system upgrade feed.
824 &quot;cpeUri&quot;: &quot;A String&quot;, # Required - The specific operating system this metadata applies to. See
825 # https://cpe.mitre.org/specification/.
826 &quot;severity&quot;: &quot;A String&quot;, # The severity as specified by the upstream operating system.
827 &quot;cve&quot;: [ # The cve that would be resolved by this upgrade.
828 &quot;A String&quot;,
829 ],
830 },
831 ],
832 },
833 }</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700834</div>
835
836<div class="method">
837 <code class="details" id="getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</code>
838 <pre>Gets the access control policy for a note or an `Occurrence` resource.
839Requires `containeranalysis.notes.setIamPolicy` or
840`containeranalysis.occurrences.setIamPolicy` permission if the resource is
841a note or occurrence, respectively.
842Attempting to call this method on a resource without the required
843permission will result in a `PERMISSION_DENIED` error. Attempting to call
844this method on a non-existent resource will result in a `NOT_FOUND` error
845if the user has list permission on the project, or a `PERMISSION_DENIED`
846error otherwise. The resource takes the following formats:
847`projects/{PROJECT_ID}/occurrences/{OCCURRENCE_ID}` for occurrences and
848projects/{PROJECT_ID}/notes/{NOTE_ID} for notes
849
850Args:
851 resource: string, REQUIRED: The resource for which the policy is being requested.
852See the operation documentation for the appropriate value for this field. (required)
853 body: object, The request body.
854 The object takes the form of:
855
856{ # Request message for `GetIamPolicy` method.
Bu Sun Kim65020912020-05-20 12:08:20 -0700857 &quot;options&quot;: { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to
Dan O'Mearadd494642020-05-01 07:42:23 -0700858 # `GetIamPolicy`.
Bu Sun Kim65020912020-05-20 12:08:20 -0700859 &quot;requestedPolicyVersion&quot;: 42, # Optional. The policy format version to be returned.
Dan O'Mearadd494642020-05-01 07:42:23 -0700860 #
861 # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
862 # rejected.
863 #
864 # Requests for policies with any conditional bindings must specify version 3.
865 # Policies without any conditional bindings may specify any valid value or
866 # leave the field unset.
Bu Sun Kim65020912020-05-20 12:08:20 -0700867 #
868 # To learn which resources support conditions in their IAM policies, see the
869 # [IAM
870 # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Dan O'Mearadd494642020-05-01 07:42:23 -0700871 },
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700872 }
873
874 x__xgafv: string, V1 error format.
875 Allowed values
876 1 - v1 error format
877 2 - v2 error format
878
879Returns:
880 An object of the form:
881
Dan O'Mearadd494642020-05-01 07:42:23 -0700882 { # An Identity and Access Management (IAM) policy, which specifies access
883 # controls for Google Cloud resources.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700884 #
885 #
Dan O'Mearadd494642020-05-01 07:42:23 -0700886 # A `Policy` is a collection of `bindings`. A `binding` binds one or more
887 # `members` to a single `role`. Members can be user accounts, service accounts,
888 # Google groups, and domains (such as G Suite). A `role` is a named list of
889 # permissions; each `role` can be an IAM predefined role or a user-created
890 # custom role.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700891 #
Bu Sun Kim65020912020-05-20 12:08:20 -0700892 # For some types of Google Cloud resources, a `binding` can also specify a
893 # `condition`, which is a logical expression that allows access to a resource
894 # only if the expression evaluates to `true`. A condition can add constraints
895 # based on attributes of the request, the resource, or both. To learn which
896 # resources support conditions in their IAM policies, see the
897 # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Dan O'Mearadd494642020-05-01 07:42:23 -0700898 #
899 # **JSON example:**
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700900 #
901 # {
Bu Sun Kim65020912020-05-20 12:08:20 -0700902 # &quot;bindings&quot;: [
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700903 # {
Bu Sun Kim65020912020-05-20 12:08:20 -0700904 # &quot;role&quot;: &quot;roles/resourcemanager.organizationAdmin&quot;,
905 # &quot;members&quot;: [
906 # &quot;user:mike@example.com&quot;,
907 # &quot;group:admins@example.com&quot;,
908 # &quot;domain:google.com&quot;,
909 # &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700910 # ]
911 # },
912 # {
Bu Sun Kim65020912020-05-20 12:08:20 -0700913 # &quot;role&quot;: &quot;roles/resourcemanager.organizationViewer&quot;,
914 # &quot;members&quot;: [
915 # &quot;user:eve@example.com&quot;
916 # ],
917 # &quot;condition&quot;: {
918 # &quot;title&quot;: &quot;expirable access&quot;,
919 # &quot;description&quot;: &quot;Does not grant access after Sep 2020&quot;,
920 # &quot;expression&quot;: &quot;request.time &lt; timestamp(&#x27;2020-10-01T00:00:00.000Z&#x27;)&quot;,
Dan O'Mearadd494642020-05-01 07:42:23 -0700921 # }
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700922 # }
Dan O'Mearadd494642020-05-01 07:42:23 -0700923 # ],
Bu Sun Kim65020912020-05-20 12:08:20 -0700924 # &quot;etag&quot;: &quot;BwWWja0YfJA=&quot;,
925 # &quot;version&quot;: 3
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700926 # }
927 #
Dan O'Mearadd494642020-05-01 07:42:23 -0700928 # **YAML example:**
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700929 #
930 # bindings:
931 # - members:
932 # - user:mike@example.com
933 # - group:admins@example.com
934 # - domain:google.com
Dan O'Mearadd494642020-05-01 07:42:23 -0700935 # - serviceAccount:my-project-id@appspot.gserviceaccount.com
936 # role: roles/resourcemanager.organizationAdmin
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700937 # - members:
Dan O'Mearadd494642020-05-01 07:42:23 -0700938 # - user:eve@example.com
939 # role: roles/resourcemanager.organizationViewer
940 # condition:
941 # title: expirable access
942 # description: Does not grant access after Sep 2020
Bu Sun Kim65020912020-05-20 12:08:20 -0700943 # expression: request.time &lt; timestamp(&#x27;2020-10-01T00:00:00.000Z&#x27;)
Dan O'Mearadd494642020-05-01 07:42:23 -0700944 # - etag: BwWWja0YfJA=
945 # - version: 3
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700946 #
947 # For a description of IAM and its features, see the
Dan O'Mearadd494642020-05-01 07:42:23 -0700948 # [IAM documentation](https://cloud.google.com/iam/docs/).
Bu Sun Kim65020912020-05-20 12:08:20 -0700949 &quot;bindings&quot;: [ # Associates a list of `members` to a `role`. Optionally, may specify a
Dan O'Mearadd494642020-05-01 07:42:23 -0700950 # `condition` that determines how and when the `bindings` are applied. Each
951 # of the `bindings` must contain at least one member.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700952 { # Associates `members` with a `role`.
Bu Sun Kim65020912020-05-20 12:08:20 -0700953 &quot;condition&quot;: { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.
954 #
955 # If the condition evaluates to `true`, then this binding applies to the
956 # current request.
957 #
958 # If the condition evaluates to `false`, then this binding does not apply to
959 # the current request. However, a different role binding might grant the same
960 # role to one or more of the members in this binding.
961 #
962 # To learn which resources support conditions in their IAM policies, see the
963 # [IAM
964 # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
965 # syntax. CEL is a C-like expression language. The syntax and semantics of CEL
966 # are documented at https://github.com/google/cel-spec.
967 #
968 # Example (Comparison):
969 #
970 # title: &quot;Summary size limit&quot;
971 # description: &quot;Determines if a summary is less than 100 chars&quot;
972 # expression: &quot;document.summary.size() &lt; 100&quot;
973 #
974 # Example (Equality):
975 #
976 # title: &quot;Requestor is owner&quot;
977 # description: &quot;Determines if requestor is the document owner&quot;
978 # expression: &quot;document.owner == request.auth.claims.email&quot;
979 #
980 # Example (Logic):
981 #
982 # title: &quot;Public documents&quot;
983 # description: &quot;Determine whether the document should be publicly visible&quot;
984 # expression: &quot;document.type != &#x27;private&#x27; &amp;&amp; document.type != &#x27;internal&#x27;&quot;
985 #
986 # Example (Data Manipulation):
987 #
988 # title: &quot;Notification string&quot;
989 # description: &quot;Create a notification string with a timestamp.&quot;
990 # expression: &quot;&#x27;New message received at &#x27; + string(document.create_time)&quot;
991 #
992 # The exact variables and functions that may be referenced within an expression
993 # are determined by the service that evaluates it. See the service
994 # documentation for additional information.
Bu Sun Kim65020912020-05-20 12:08:20 -0700995 &quot;title&quot;: &quot;A String&quot;, # Optional. Title for the expression, i.e. a short string describing
996 # its purpose. This can be used e.g. in UIs which allow to enter the
997 # expression.
Bu Sun Kimd059ad82020-07-22 17:02:09 -0700998 &quot;expression&quot;: &quot;A String&quot;, # Textual representation of an expression in Common Expression Language
999 # syntax.
Bu Sun Kim65020912020-05-20 12:08:20 -07001000 &quot;location&quot;: &quot;A String&quot;, # Optional. String indicating the location of the expression for error
1001 # reporting, e.g. a file name and a position in the file.
1002 &quot;description&quot;: &quot;A String&quot;, # Optional. Description of the expression. This is a longer text which
1003 # describes the expression, e.g. when hovered over it in a UI.
1004 },
1005 &quot;members&quot;: [ # Specifies the identities requesting access for a Cloud Platform resource.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001006 # `members` can have the following values:
1007 #
1008 # * `allUsers`: A special identifier that represents anyone who is
1009 # on the internet; with or without a Google account.
1010 #
1011 # * `allAuthenticatedUsers`: A special identifier that represents anyone
1012 # who is authenticated with a Google account or a service account.
1013 #
1014 # * `user:{emailid}`: An email address that represents a specific Google
Dan O'Mearadd494642020-05-01 07:42:23 -07001015 # account. For example, `alice@example.com` .
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001016 #
1017 #
1018 # * `serviceAccount:{emailid}`: An email address that represents a service
1019 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
1020 #
1021 # * `group:{emailid}`: An email address that represents a Google group.
1022 # For example, `admins@example.com`.
1023 #
Dan O'Mearadd494642020-05-01 07:42:23 -07001024 # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
1025 # identifier) representing a user that has been recently deleted. For
1026 # example, `alice@example.com?uid=123456789012345678901`. If the user is
1027 # recovered, this value reverts to `user:{emailid}` and the recovered user
1028 # retains the role in the binding.
1029 #
1030 # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
1031 # unique identifier) representing a service account that has been recently
1032 # deleted. For example,
1033 # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
1034 # If the service account is undeleted, this value reverts to
1035 # `serviceAccount:{emailid}` and the undeleted service account retains the
1036 # role in the binding.
1037 #
1038 # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
1039 # identifier) representing a Google group that has been recently
1040 # deleted. For example, `admins@example.com?uid=123456789012345678901`. If
1041 # the group is recovered, this value reverts to `group:{emailid}` and the
1042 # recovered group retains the role in the binding.
1043 #
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001044 #
1045 # * `domain:{domain}`: The G Suite domain (primary) that represents all the
1046 # users of that domain. For example, `google.com` or `example.com`.
1047 #
Bu Sun Kim65020912020-05-20 12:08:20 -07001048 &quot;A String&quot;,
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001049 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001050 &quot;role&quot;: &quot;A String&quot;, # Role that is assigned to `members`.
1051 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001052 },
1053 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001054 &quot;version&quot;: 42, # Specifies the format of the policy.
1055 #
1056 # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
1057 # are rejected.
1058 #
1059 # Any operation that affects conditional role bindings must specify version
1060 # `3`. This requirement applies to the following operations:
1061 #
1062 # * Getting a policy that includes a conditional role binding
1063 # * Adding a conditional role binding to a policy
1064 # * Changing a conditional role binding in a policy
1065 # * Removing any role binding, with or without a condition, from a policy
1066 # that includes conditions
1067 #
1068 # **Important:** If you use IAM Conditions, you must include the `etag` field
1069 # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
1070 # you to overwrite a version `3` policy with a version `1` policy, and all of
1071 # the conditions in the version `3` policy are lost.
1072 #
1073 # If a policy does not include any conditions, operations on that policy may
1074 # specify any valid version or leave the field unset.
1075 #
1076 # To learn which resources support conditions in their IAM policies, see the
1077 # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
1078 &quot;etag&quot;: &quot;A String&quot;, # `etag` is used for optimistic concurrency control as a way to help
1079 # prevent simultaneous updates of a policy from overwriting each other.
1080 # It is strongly suggested that systems make use of the `etag` in the
1081 # read-modify-write cycle to perform policy updates in order to avoid race
1082 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
1083 # systems are expected to put that etag in the request to `setIamPolicy` to
1084 # ensure that their change will be applied to the same version of the policy.
1085 #
1086 # **Important:** If you use IAM Conditions, you must include the `etag` field
1087 # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
1088 # you to overwrite a version `3` policy with a version `1` policy, and all of
1089 # the conditions in the version `3` policy are lost.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001090 }</pre>
1091</div>
1092
1093<div class="method">
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001094 <code class="details" id="list">list(parent, filter=None, pageSize=None, name=None, pageToken=None, x__xgafv=None)</code>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001095 <pre>Lists all `Notes` for a given project.
1096
1097Args:
Bu Sun Kim65020912020-05-20 12:08:20 -07001098 parent: string, This field contains the project Id for example: &quot;projects/{PROJECT_ID}&quot;. (required)
1099 filter: string, The filter expression.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001100 pageSize: integer, Number of notes to return in the list.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001101 name: string, The name field will contain the project Id for example:
Bu Sun Kim65020912020-05-20 12:08:20 -07001102&quot;providers/{provider_id}
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001103@Deprecated
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001104 pageToken: string, Token to provide to skip to a particular spot in the list.
1105 x__xgafv: string, V1 error format.
1106 Allowed values
1107 1 - v1 error format
1108 2 - v2 error format
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001109
1110Returns:
1111 An object of the form:
1112
1113 { # Response including listed notes.
Bu Sun Kim65020912020-05-20 12:08:20 -07001114 &quot;notes&quot;: [ # The occurrences requested
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001115 { # Provides a detailed description of a `Note`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001116 &quot;package&quot;: { # This represents a particular package that is distributed over # A note describing a package hosted by various package managers.
1117 # various channels.
1118 # e.g. glibc (aka libc6) is distributed by many, at various versions.
1119 &quot;distribution&quot;: [ # The various channels by which a package is distributed.
1120 { # This represents a particular channel of distribution for a given package.
1121 # e.g. Debian&#x27;s jessie-backports dpkg mirror
1122 &quot;latestVersion&quot;: { # Version contains structured information about the version of the package. # The latest available version of this package in
1123 # this distribution channel.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001124 # For a discussion of this in Debian/Ubuntu:
1125 # http://serverfault.com/questions/604541/debian-packages-version-convention
1126 # For a discussion of this in Redhat/Fedora/Centos:
1127 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
Bu Sun Kim65020912020-05-20 12:08:20 -07001128 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001129 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
Bu Sun Kim65020912020-05-20 12:08:20 -07001130 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001131 # If kind is not NORMAL, then the other fields are ignored.
Bu Sun Kim65020912020-05-20 12:08:20 -07001132 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001133 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001134 &quot;maintainer&quot;: &quot;A String&quot;, # A freeform string denoting the maintainer of this package.
1135 &quot;architecture&quot;: &quot;A String&quot;, # The CPU architecture for which packages in this distribution
1136 # channel were built
1137 &quot;description&quot;: &quot;A String&quot;, # The distribution channel-specific description of this package.
1138 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
1139 # denoting the package manager version distributing a package.
1140 &quot;url&quot;: &quot;A String&quot;, # The distribution channel-specific homepage for this package.
Bu Sun Kim65020912020-05-20 12:08:20 -07001141 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001142 ],
1143 &quot;name&quot;: &quot;A String&quot;, # The name of the package.
1144 },
1145 &quot;name&quot;: &quot;A String&quot;, # The name of the note in the form
1146 # &quot;projects/{provider_project_id}/notes/{NOTE_ID}&quot;
1147 &quot;relatedUrl&quot;: [ # URLs associated with this note
1148 { # Metadata for any related URL information
1149 &quot;label&quot;: &quot;A String&quot;, # Label to describe usage of the URL
1150 &quot;url&quot;: &quot;A String&quot;, # Specific URL to associate with the note
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001151 },
1152 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001153 &quot;expirationTime&quot;: &quot;A String&quot;, # Time of expiration for this note, null if note does not expire.
1154 &quot;baseImage&quot;: { # Basis describes the base image portion (Note) of the DockerImage # A note describing a base image.
1155 # relationship. Linked occurrences are derived from this or an
1156 # equivalent image via:
1157 # FROM &lt;Basis.resource_url&gt;
1158 # Or an equivalent reference, e.g. a tag of the resource_url.
1159 &quot;resourceUrl&quot;: &quot;A String&quot;, # The resource_url for the resource representing the basis of
1160 # associated occurrence images.
1161 &quot;fingerprint&quot;: { # A set of properties that uniquely identify a given Docker image. # The fingerprint of the base image.
1162 &quot;v2Name&quot;: &quot;A String&quot;, # Output only. The name of the image&#x27;s v2 blobs computed via:
1163 # [bottom] := v2_blobbottom := sha256(v2_blob[N] + &quot; &quot; + v2_name[N+1])
1164 # Only the name of the final blob is kept.
1165 # This field can be used as a filter in list requests.
1166 &quot;v2Blob&quot;: [ # The ordered list of v2 blobs that represent a given image.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -07001167 &quot;A String&quot;,
1168 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001169 &quot;v1Name&quot;: &quot;A String&quot;, # The layer-id of the final layer in the Docker image&#x27;s v1
1170 # representation.
1171 # This field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -07001172 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001173 },
1174 &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time this note was created. This field can be used as a
1175 # filter in list requests.
1176 &quot;vulnerabilityType&quot;: { # VulnerabilityType provides metadata about a security vulnerability. # A package vulnerability type of note.
1177 &quot;details&quot;: [ # All information about the package to specifically identify this
1178 # vulnerability. One entry per (version range and cpe_uri) the
1179 # package vulnerability has manifested in.
1180 { # Identifies all occurrences of this vulnerability in the package for a
1181 # specific distro/location
1182 # For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2
1183 &quot;isObsolete&quot;: True or False, # Whether this Detail is obsolete. Occurrences are expected not to point to
1184 # obsolete details.
1185 &quot;minAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The min version of the package in which the vulnerability exists.
1186 # For a discussion of this in Debian/Ubuntu:
1187 # http://serverfault.com/questions/604541/debian-packages-version-convention
1188 # For a discussion of this in Redhat/Fedora/Centos:
1189 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1190 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1191 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1192 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1193 # If kind is not NORMAL, then the other fields are ignored.
1194 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1195 },
1196 &quot;maxAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The max version of the package in which the vulnerability exists.
1197 # For a discussion of this in Debian/Ubuntu:
1198 # http://serverfault.com/questions/604541/debian-packages-version-convention
1199 # For a discussion of this in Redhat/Fedora/Centos:
1200 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1201 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1202 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1203 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1204 # If kind is not NORMAL, then the other fields are ignored.
1205 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1206 },
1207 &quot;packageType&quot;: &quot;A String&quot;, # The type of package; whether native or non native(ruby gems,
1208 # node.js packages etc)
1209 &quot;fixedLocation&quot;: { # The location of the vulnerability # The fix for this specific package version.
1210 &quot;version&quot;: { # Version contains structured information about the version of the package. # The version of the package being described. This field can be used as a
1211 # filter in list requests.
1212 # For a discussion of this in Debian/Ubuntu:
1213 # http://serverfault.com/questions/604541/debian-packages-version-convention
1214 # For a discussion of this in Redhat/Fedora/Centos:
1215 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1216 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1217 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1218 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1219 # If kind is not NORMAL, then the other fields are ignored.
1220 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1221 },
1222 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/)
1223 # format. Examples include distro or storage location for vulnerable jar.
1224 # This field can be used as a filter in list requests.
1225 &quot;package&quot;: &quot;A String&quot;, # The package being described.
1226 },
1227 &quot;description&quot;: &quot;A String&quot;, # A vendor-specific description of this note.
1228 &quot;package&quot;: &quot;A String&quot;, # The name of the package where the vulnerability was found.
1229 # This field can be used as a filter in list requests.
1230 &quot;severityName&quot;: &quot;A String&quot;, # The severity (eg: distro assigned severity) for this vulnerability.
1231 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in
1232 # which the vulnerability manifests. Examples include distro or storage
1233 # location for vulnerable jar.
1234 # This field can be used as a filter in list requests.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001235 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001236 ],
1237 &quot;severity&quot;: &quot;A String&quot;, # Note provider assigned impact of the vulnerability
1238 &quot;cvssScore&quot;: 3.14, # The CVSS score for this Vulnerability.
1239 },
1240 &quot;buildType&quot;: { # Note holding the version of the provider&#x27;s builder and the signature of # Build provenance type for a verifiable build.
1241 # the provenance message in linked BuildDetails.
1242 &quot;signature&quot;: { # Message encapsulating the signature of the verified build. # Signature of the build in Occurrences pointing to the Note containing this
1243 # `BuilderDetails`.
1244 &quot;keyId&quot;: &quot;A String&quot;, # An Id for the key used to sign. This could be either an Id for the key
1245 # stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
1246 # CN for a cert), or a reference to an external key (such as a reference to a
1247 # key in Cloud Key Management Service).
1248 &quot;signature&quot;: &quot;A String&quot;, # Signature of the related `BuildProvenance`, encoded in a base64 string.
1249 &quot;keyType&quot;: &quot;A String&quot;, # The type of the key, either stored in `public_key` or referenced in
1250 # `key_id`
1251 &quot;publicKey&quot;: &quot;A String&quot;, # Public key of the builder which can be used to verify that the related
1252 # findings are valid and unchanged. If `key_type` is empty, this defaults
1253 # to PEM encoded public keys.
1254 #
1255 # This field may be empty if `key_id` references an external key.
1256 #
1257 # For Cloud Build based signatures, this is a PEM encoded public
1258 # key. To verify the Cloud Build signature, place the contents of
1259 # this field into a file (public.pem). The signature field is base64-decoded
1260 # into its binary representation in signature.bin, and the provenance bytes
1261 # from `BuildDetails` are base64-decoded into a binary representation in
1262 # signed.bin. OpenSSL can then verify the signature:
1263 # `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001264 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001265 &quot;builderVersion&quot;: &quot;A String&quot;, # Version of the builder which produced this Note.
1266 },
1267 &quot;kind&quot;: &quot;A String&quot;, # Output only. This explicitly denotes which kind of note is specified. This
1268 # field can be used as a filter in list requests.
1269 &quot;longDescription&quot;: &quot;A String&quot;, # A detailed description of this `Note`.
1270 &quot;deployable&quot;: { # An artifact that can be deployed in some runtime. # A note describing something that can be deployed.
1271 &quot;resourceUri&quot;: [ # Resource URI for the artifact being deployed.
1272 &quot;A String&quot;,
1273 ],
1274 },
1275 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The time this note was last updated. This field can be used as
1276 # a filter in list requests.
1277 &quot;shortDescription&quot;: &quot;A String&quot;, # A one sentence description of this `Note`.
1278 &quot;discovery&quot;: { # A note that indicates a type of analysis a provider would perform. This note # A note describing a provider/analysis type.
1279 # exists in a provider&#x27;s project. A `Discovery` occurrence is created in a
1280 # consumer&#x27;s project at the start of analysis. The occurrence&#x27;s operation will
1281 # indicate the status of the analysis. Absence of an occurrence linked to this
1282 # note for a resource indicates that analysis hasn&#x27;t started.
1283 &quot;analysisKind&quot;: &quot;A String&quot;, # The kind of analysis that is handled by this discovery.
1284 },
1285 &quot;attestationAuthority&quot;: { # Note kind that represents a logical attestation &quot;role&quot; or &quot;authority&quot;. For # A note describing an attestation role.
1286 # example, an organization might have one `AttestationAuthority` for &quot;QA&quot; and
1287 # one for &quot;build&quot;. This Note is intended to act strictly as a grouping
1288 # mechanism for the attached Occurrences (Attestations). This grouping
1289 # mechanism also provides a security boundary, since IAM ACLs gate the ability
1290 # for a principle to attach an Occurrence to a given Note. It also provides a
1291 # single point of lookup to find all attached Attestation Occurrences, even if
1292 # they don&#x27;t all live in the same project.
1293 &quot;hint&quot;: { # This submessage provides human-readable hints about the purpose of the
1294 # AttestationAuthority. Because the name of a Note acts as its resource
1295 # reference, it is important to disambiguate the canonical name of the Note
1296 # (which might be a UUID for security purposes) from &quot;readable&quot; names more
1297 # suitable for debug output. Note that these hints should NOT be used to
1298 # look up AttestationAuthorities in security sensitive contexts, such as when
1299 # looking up Attestations to verify.
1300 &quot;humanReadableName&quot;: &quot;A String&quot;, # The human readable name of this Attestation Authority, for example &quot;qa&quot;.
1301 },
1302 },
1303 &quot;upgrade&quot;: { # An Upgrade Note represents a potential upgrade of a package to a given # A note describing an upgrade.
1304 # version. For each package version combination (i.e. bash 4.0, bash 4.1,
1305 # bash 4.1.2), there will be a Upgrade Note.
1306 &quot;package&quot;: &quot;A String&quot;, # Required - The package this Upgrade is for.
1307 &quot;version&quot;: { # Version contains structured information about the version of the package. # Required - The version of the package in machine + human readable form.
1308 # For a discussion of this in Debian/Ubuntu:
1309 # http://serverfault.com/questions/604541/debian-packages-version-convention
1310 # For a discussion of this in Redhat/Fedora/Centos:
1311 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1312 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1313 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1314 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1315 # If kind is not NORMAL, then the other fields are ignored.
1316 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1317 },
1318 &quot;distributions&quot;: [ # Metadata about the upgrade for each specific operating system.
1319 { # The Upgrade Distribution represents metadata about the Upgrade for each
1320 # operating system (CPE). Some distributions have additional metadata around
1321 # updates, classifying them into various categories and severities.
1322 &quot;classification&quot;: &quot;A String&quot;, # The operating system classification of this Upgrade, as specified by the
1323 # upstream operating system upgrade feed.
1324 &quot;cpeUri&quot;: &quot;A String&quot;, # Required - The specific operating system this metadata applies to. See
1325 # https://cpe.mitre.org/specification/.
1326 &quot;severity&quot;: &quot;A String&quot;, # The severity as specified by the upstream operating system.
1327 &quot;cve&quot;: [ # The cve that would be resolved by this upgrade.
1328 &quot;A String&quot;,
1329 ],
1330 },
1331 ],
1332 },
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001333 },
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001334 ],
Bu Sun Kim65020912020-05-20 12:08:20 -07001335 &quot;nextPageToken&quot;: &quot;A String&quot;, # The next pagination token in the list response. It should be used as
1336 # page_token for the following request. An empty value means no more result.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001337 }</pre>
1338</div>
1339
1340<div class="method">
1341 <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
1342 <pre>Retrieves the next page of results.
1343
1344Args:
1345 previous_request: The request for the previous page. (required)
1346 previous_response: The response from the request for the previous page. (required)
1347
1348Returns:
Bu Sun Kim65020912020-05-20 12:08:20 -07001349 A request object that you can call &#x27;execute()&#x27; on to request the next
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001350 page. Returns None if there are no more items in the collection.
1351 </pre>
1352</div>
1353
1354<div class="method">
Dan O'Mearadd494642020-05-01 07:42:23 -07001355 <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001356 <pre>Updates an existing `Note`.
1357
1358Args:
1359 name: string, The name of the note.
Bu Sun Kim65020912020-05-20 12:08:20 -07001360Should be of the form &quot;projects/{provider_id}/notes/{note_id}&quot;. (required)
Dan O'Mearadd494642020-05-01 07:42:23 -07001361 body: object, The request body.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001362 The object takes the form of:
1363
1364{ # Provides a detailed description of a `Note`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001365 &quot;package&quot;: { # This represents a particular package that is distributed over # A note describing a package hosted by various package managers.
1366 # various channels.
1367 # e.g. glibc (aka libc6) is distributed by many, at various versions.
1368 &quot;distribution&quot;: [ # The various channels by which a package is distributed.
1369 { # This represents a particular channel of distribution for a given package.
1370 # e.g. Debian&#x27;s jessie-backports dpkg mirror
1371 &quot;latestVersion&quot;: { # Version contains structured information about the version of the package. # The latest available version of this package in
1372 # this distribution channel.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001373 # For a discussion of this in Debian/Ubuntu:
1374 # http://serverfault.com/questions/604541/debian-packages-version-convention
1375 # For a discussion of this in Redhat/Fedora/Centos:
1376 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
Bu Sun Kim65020912020-05-20 12:08:20 -07001377 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001378 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
Bu Sun Kim65020912020-05-20 12:08:20 -07001379 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001380 # If kind is not NORMAL, then the other fields are ignored.
Bu Sun Kim65020912020-05-20 12:08:20 -07001381 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001382 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001383 &quot;maintainer&quot;: &quot;A String&quot;, # A freeform string denoting the maintainer of this package.
1384 &quot;architecture&quot;: &quot;A String&quot;, # The CPU architecture for which packages in this distribution
1385 # channel were built
1386 &quot;description&quot;: &quot;A String&quot;, # The distribution channel-specific description of this package.
1387 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
1388 # denoting the package manager version distributing a package.
1389 &quot;url&quot;: &quot;A String&quot;, # The distribution channel-specific homepage for this package.
Bu Sun Kim65020912020-05-20 12:08:20 -07001390 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001391 ],
1392 &quot;name&quot;: &quot;A String&quot;, # The name of the package.
Bu Sun Kim65020912020-05-20 12:08:20 -07001393 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001394 &quot;name&quot;: &quot;A String&quot;, # The name of the note in the form
1395 # &quot;projects/{provider_project_id}/notes/{NOTE_ID}&quot;
Bu Sun Kim65020912020-05-20 12:08:20 -07001396 &quot;relatedUrl&quot;: [ # URLs associated with this note
1397 { # Metadata for any related URL information
Bu Sun Kim65020912020-05-20 12:08:20 -07001398 &quot;label&quot;: &quot;A String&quot;, # Label to describe usage of the URL
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001399 &quot;url&quot;: &quot;A String&quot;, # Specific URL to associate with the note
Bu Sun Kim65020912020-05-20 12:08:20 -07001400 },
1401 ],
1402 &quot;expirationTime&quot;: &quot;A String&quot;, # Time of expiration for this note, null if note does not expire.
1403 &quot;baseImage&quot;: { # Basis describes the base image portion (Note) of the DockerImage # A note describing a base image.
1404 # relationship. Linked occurrences are derived from this or an
1405 # equivalent image via:
1406 # FROM &lt;Basis.resource_url&gt;
1407 # Or an equivalent reference, e.g. a tag of the resource_url.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001408 &quot;resourceUrl&quot;: &quot;A String&quot;, # The resource_url for the resource representing the basis of
1409 # associated occurrence images.
Bu Sun Kim65020912020-05-20 12:08:20 -07001410 &quot;fingerprint&quot;: { # A set of properties that uniquely identify a given Docker image. # The fingerprint of the base image.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001411 &quot;v2Name&quot;: &quot;A String&quot;, # Output only. The name of the image&#x27;s v2 blobs computed via:
1412 # [bottom] := v2_blobbottom := sha256(v2_blob[N] + &quot; &quot; + v2_name[N+1])
1413 # Only the name of the final blob is kept.
1414 # This field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -07001415 &quot;v2Blob&quot;: [ # The ordered list of v2 blobs that represent a given image.
1416 &quot;A String&quot;,
1417 ],
1418 &quot;v1Name&quot;: &quot;A String&quot;, # The layer-id of the final layer in the Docker image&#x27;s v1
1419 # representation.
1420 # This field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -07001421 },
Bu Sun Kim65020912020-05-20 12:08:20 -07001422 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001423 &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time this note was created. This field can be used as a
1424 # filter in list requests.
1425 &quot;vulnerabilityType&quot;: { # VulnerabilityType provides metadata about a security vulnerability. # A package vulnerability type of note.
1426 &quot;details&quot;: [ # All information about the package to specifically identify this
1427 # vulnerability. One entry per (version range and cpe_uri) the
1428 # package vulnerability has manifested in.
1429 { # Identifies all occurrences of this vulnerability in the package for a
1430 # specific distro/location
1431 # For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2
1432 &quot;isObsolete&quot;: True or False, # Whether this Detail is obsolete. Occurrences are expected not to point to
1433 # obsolete details.
1434 &quot;minAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The min version of the package in which the vulnerability exists.
1435 # For a discussion of this in Debian/Ubuntu:
1436 # http://serverfault.com/questions/604541/debian-packages-version-convention
1437 # For a discussion of this in Redhat/Fedora/Centos:
1438 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1439 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1440 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1441 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1442 # If kind is not NORMAL, then the other fields are ignored.
1443 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1444 },
1445 &quot;maxAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The max version of the package in which the vulnerability exists.
1446 # For a discussion of this in Debian/Ubuntu:
1447 # http://serverfault.com/questions/604541/debian-packages-version-convention
1448 # For a discussion of this in Redhat/Fedora/Centos:
1449 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1450 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1451 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1452 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1453 # If kind is not NORMAL, then the other fields are ignored.
1454 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1455 },
1456 &quot;packageType&quot;: &quot;A String&quot;, # The type of package; whether native or non native(ruby gems,
1457 # node.js packages etc)
1458 &quot;fixedLocation&quot;: { # The location of the vulnerability # The fix for this specific package version.
1459 &quot;version&quot;: { # Version contains structured information about the version of the package. # The version of the package being described. This field can be used as a
1460 # filter in list requests.
1461 # For a discussion of this in Debian/Ubuntu:
1462 # http://serverfault.com/questions/604541/debian-packages-version-convention
1463 # For a discussion of this in Redhat/Fedora/Centos:
1464 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1465 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1466 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1467 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1468 # If kind is not NORMAL, then the other fields are ignored.
1469 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1470 },
1471 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/)
1472 # format. Examples include distro or storage location for vulnerable jar.
1473 # This field can be used as a filter in list requests.
1474 &quot;package&quot;: &quot;A String&quot;, # The package being described.
1475 },
1476 &quot;description&quot;: &quot;A String&quot;, # A vendor-specific description of this note.
1477 &quot;package&quot;: &quot;A String&quot;, # The name of the package where the vulnerability was found.
1478 # This field can be used as a filter in list requests.
1479 &quot;severityName&quot;: &quot;A String&quot;, # The severity (eg: distro assigned severity) for this vulnerability.
1480 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in
1481 # which the vulnerability manifests. Examples include distro or storage
1482 # location for vulnerable jar.
1483 # This field can be used as a filter in list requests.
1484 },
1485 ],
1486 &quot;severity&quot;: &quot;A String&quot;, # Note provider assigned impact of the vulnerability
1487 &quot;cvssScore&quot;: 3.14, # The CVSS score for this Vulnerability.
1488 },
Bu Sun Kim65020912020-05-20 12:08:20 -07001489 &quot;buildType&quot;: { # Note holding the version of the provider&#x27;s builder and the signature of # Build provenance type for a verifiable build.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001490 # the provenance message in linked BuildDetails.
Bu Sun Kim65020912020-05-20 12:08:20 -07001491 &quot;signature&quot;: { # Message encapsulating the signature of the verified build. # Signature of the build in Occurrences pointing to the Note containing this
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001492 # `BuilderDetails`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001493 &quot;keyId&quot;: &quot;A String&quot;, # An Id for the key used to sign. This could be either an Id for the key
1494 # stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
1495 # CN for a cert), or a reference to an external key (such as a reference to a
1496 # key in Cloud Key Management Service).
1497 &quot;signature&quot;: &quot;A String&quot;, # Signature of the related `BuildProvenance`, encoded in a base64 string.
1498 &quot;keyType&quot;: &quot;A String&quot;, # The type of the key, either stored in `public_key` or referenced in
1499 # `key_id`
Bu Sun Kim65020912020-05-20 12:08:20 -07001500 &quot;publicKey&quot;: &quot;A String&quot;, # Public key of the builder which can be used to verify that the related
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001501 # findings are valid and unchanged. If `key_type` is empty, this defaults
1502 # to PEM encoded public keys.
1503 #
1504 # This field may be empty if `key_id` references an external key.
1505 #
1506 # For Cloud Build based signatures, this is a PEM encoded public
1507 # key. To verify the Cloud Build signature, place the contents of
1508 # this field into a file (public.pem). The signature field is base64-decoded
1509 # into its binary representation in signature.bin, and the provenance bytes
1510 # from `BuildDetails` are base64-decoded into a binary representation in
1511 # signed.bin. OpenSSL can then verify the signature:
1512 # `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
Bu Sun Kim65020912020-05-20 12:08:20 -07001513 },
1514 &quot;builderVersion&quot;: &quot;A String&quot;, # Version of the builder which produced this Note.
1515 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001516 &quot;kind&quot;: &quot;A String&quot;, # Output only. This explicitly denotes which kind of note is specified. This
1517 # field can be used as a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -07001518 &quot;longDescription&quot;: &quot;A String&quot;, # A detailed description of this `Note`.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -07001519 &quot;deployable&quot;: { # An artifact that can be deployed in some runtime. # A note describing something that can be deployed.
1520 &quot;resourceUri&quot;: [ # Resource URI for the artifact being deployed.
1521 &quot;A String&quot;,
1522 ],
1523 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001524 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The time this note was last updated. This field can be used as
1525 # a filter in list requests.
Bu Sun Kim65020912020-05-20 12:08:20 -07001526 &quot;shortDescription&quot;: &quot;A String&quot;, # A one sentence description of this `Note`.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001527 &quot;discovery&quot;: { # A note that indicates a type of analysis a provider would perform. This note # A note describing a provider/analysis type.
1528 # exists in a provider&#x27;s project. A `Discovery` occurrence is created in a
1529 # consumer&#x27;s project at the start of analysis. The occurrence&#x27;s operation will
1530 # indicate the status of the analysis. Absence of an occurrence linked to this
1531 # note for a resource indicates that analysis hasn&#x27;t started.
1532 &quot;analysisKind&quot;: &quot;A String&quot;, # The kind of analysis that is handled by this discovery.
1533 },
Bu Sun Kim65020912020-05-20 12:08:20 -07001534 &quot;attestationAuthority&quot;: { # Note kind that represents a logical attestation &quot;role&quot; or &quot;authority&quot;. For # A note describing an attestation role.
1535 # example, an organization might have one `AttestationAuthority` for &quot;QA&quot; and
1536 # one for &quot;build&quot;. This Note is intended to act strictly as a grouping
1537 # mechanism for the attached Occurrences (Attestations). This grouping
1538 # mechanism also provides a security boundary, since IAM ACLs gate the ability
1539 # for a principle to attach an Occurrence to a given Note. It also provides a
1540 # single point of lookup to find all attached Attestation Occurrences, even if
1541 # they don&#x27;t all live in the same project.
1542 &quot;hint&quot;: { # This submessage provides human-readable hints about the purpose of the
1543 # AttestationAuthority. Because the name of a Note acts as its resource
1544 # reference, it is important to disambiguate the canonical name of the Note
1545 # (which might be a UUID for security purposes) from &quot;readable&quot; names more
1546 # suitable for debug output. Note that these hints should NOT be used to
1547 # look up AttestationAuthorities in security sensitive contexts, such as when
1548 # looking up Attestations to verify.
1549 &quot;humanReadableName&quot;: &quot;A String&quot;, # The human readable name of this Attestation Authority, for example &quot;qa&quot;.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001550 },
1551 },
Bu Sun Kim65020912020-05-20 12:08:20 -07001552 &quot;upgrade&quot;: { # An Upgrade Note represents a potential upgrade of a package to a given # A note describing an upgrade.
1553 # version. For each package version combination (i.e. bash 4.0, bash 4.1,
1554 # bash 4.1.2), there will be a Upgrade Note.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001555 &quot;package&quot;: &quot;A String&quot;, # Required - The package this Upgrade is for.
Bu Sun Kim65020912020-05-20 12:08:20 -07001556 &quot;version&quot;: { # Version contains structured information about the version of the package. # Required - The version of the package in machine + human readable form.
1557 # For a discussion of this in Debian/Ubuntu:
1558 # http://serverfault.com/questions/604541/debian-packages-version-convention
1559 # For a discussion of this in Redhat/Fedora/Centos:
1560 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1561 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001562 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
Bu Sun Kim65020912020-05-20 12:08:20 -07001563 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1564 # If kind is not NORMAL, then the other fields are ignored.
1565 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
Bu Sun Kim65020912020-05-20 12:08:20 -07001566 },
1567 &quot;distributions&quot;: [ # Metadata about the upgrade for each specific operating system.
1568 { # The Upgrade Distribution represents metadata about the Upgrade for each
1569 # operating system (CPE). Some distributions have additional metadata around
1570 # updates, classifying them into various categories and severities.
Bu Sun Kim65020912020-05-20 12:08:20 -07001571 &quot;classification&quot;: &quot;A String&quot;, # The operating system classification of this Upgrade, as specified by the
1572 # upstream operating system upgrade feed.
Bu Sun Kim65020912020-05-20 12:08:20 -07001573 &quot;cpeUri&quot;: &quot;A String&quot;, # Required - The specific operating system this metadata applies to. See
1574 # https://cpe.mitre.org/specification/.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001575 &quot;severity&quot;: &quot;A String&quot;, # The severity as specified by the upstream operating system.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -07001576 &quot;cve&quot;: [ # The cve that would be resolved by this upgrade.
1577 &quot;A String&quot;,
1578 ],
Bu Sun Kim65020912020-05-20 12:08:20 -07001579 },
1580 ],
1581 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001582 }
1583
1584 updateMask: string, The fields to update.
1585 x__xgafv: string, V1 error format.
1586 Allowed values
1587 1 - v1 error format
1588 2 - v2 error format
1589
1590Returns:
1591 An object of the form:
1592
1593 { # Provides a detailed description of a `Note`.
1594 &quot;package&quot;: { # This represents a particular package that is distributed over # A note describing a package hosted by various package managers.
1595 # various channels.
1596 # e.g. glibc (aka libc6) is distributed by many, at various versions.
1597 &quot;distribution&quot;: [ # The various channels by which a package is distributed.
1598 { # This represents a particular channel of distribution for a given package.
1599 # e.g. Debian&#x27;s jessie-backports dpkg mirror
1600 &quot;latestVersion&quot;: { # Version contains structured information about the version of the package. # The latest available version of this package in
1601 # this distribution channel.
1602 # For a discussion of this in Debian/Ubuntu:
1603 # http://serverfault.com/questions/604541/debian-packages-version-convention
1604 # For a discussion of this in Redhat/Fedora/Centos:
1605 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1606 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1607 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1608 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1609 # If kind is not NORMAL, then the other fields are ignored.
1610 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1611 },
1612 &quot;maintainer&quot;: &quot;A String&quot;, # A freeform string denoting the maintainer of this package.
1613 &quot;architecture&quot;: &quot;A String&quot;, # The CPU architecture for which packages in this distribution
1614 # channel were built
1615 &quot;description&quot;: &quot;A String&quot;, # The distribution channel-specific description of this package.
1616 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
1617 # denoting the package manager version distributing a package.
1618 &quot;url&quot;: &quot;A String&quot;, # The distribution channel-specific homepage for this package.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001619 },
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001620 ],
1621 &quot;name&quot;: &quot;A String&quot;, # The name of the package.
1622 },
1623 &quot;name&quot;: &quot;A String&quot;, # The name of the note in the form
1624 # &quot;projects/{provider_project_id}/notes/{NOTE_ID}&quot;
1625 &quot;relatedUrl&quot;: [ # URLs associated with this note
1626 { # Metadata for any related URL information
1627 &quot;label&quot;: &quot;A String&quot;, # Label to describe usage of the URL
1628 &quot;url&quot;: &quot;A String&quot;, # Specific URL to associate with the note
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001629 },
1630 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001631 &quot;expirationTime&quot;: &quot;A String&quot;, # Time of expiration for this note, null if note does not expire.
1632 &quot;baseImage&quot;: { # Basis describes the base image portion (Note) of the DockerImage # A note describing a base image.
1633 # relationship. Linked occurrences are derived from this or an
1634 # equivalent image via:
1635 # FROM &lt;Basis.resource_url&gt;
1636 # Or an equivalent reference, e.g. a tag of the resource_url.
1637 &quot;resourceUrl&quot;: &quot;A String&quot;, # The resource_url for the resource representing the basis of
1638 # associated occurrence images.
1639 &quot;fingerprint&quot;: { # A set of properties that uniquely identify a given Docker image. # The fingerprint of the base image.
1640 &quot;v2Name&quot;: &quot;A String&quot;, # Output only. The name of the image&#x27;s v2 blobs computed via:
1641 # [bottom] := v2_blobbottom := sha256(v2_blob[N] + &quot; &quot; + v2_name[N+1])
1642 # Only the name of the final blob is kept.
1643 # This field can be used as a filter in list requests.
1644 &quot;v2Blob&quot;: [ # The ordered list of v2 blobs that represent a given image.
1645 &quot;A String&quot;,
1646 ],
1647 &quot;v1Name&quot;: &quot;A String&quot;, # The layer-id of the final layer in the Docker image&#x27;s v1
1648 # representation.
1649 # This field can be used as a filter in list requests.
1650 },
1651 },
1652 &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time this note was created. This field can be used as a
1653 # filter in list requests.
1654 &quot;vulnerabilityType&quot;: { # VulnerabilityType provides metadata about a security vulnerability. # A package vulnerability type of note.
1655 &quot;details&quot;: [ # All information about the package to specifically identify this
1656 # vulnerability. One entry per (version range and cpe_uri) the
1657 # package vulnerability has manifested in.
1658 { # Identifies all occurrences of this vulnerability in the package for a
1659 # specific distro/location
1660 # For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2
1661 &quot;isObsolete&quot;: True or False, # Whether this Detail is obsolete. Occurrences are expected not to point to
1662 # obsolete details.
1663 &quot;minAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The min version of the package in which the vulnerability exists.
1664 # For a discussion of this in Debian/Ubuntu:
1665 # http://serverfault.com/questions/604541/debian-packages-version-convention
1666 # For a discussion of this in Redhat/Fedora/Centos:
1667 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1668 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1669 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1670 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1671 # If kind is not NORMAL, then the other fields are ignored.
1672 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1673 },
1674 &quot;maxAffectedVersion&quot;: { # Version contains structured information about the version of the package. # The max version of the package in which the vulnerability exists.
1675 # For a discussion of this in Debian/Ubuntu:
1676 # http://serverfault.com/questions/604541/debian-packages-version-convention
1677 # For a discussion of this in Redhat/Fedora/Centos:
1678 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1679 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1680 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1681 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1682 # If kind is not NORMAL, then the other fields are ignored.
1683 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1684 },
1685 &quot;packageType&quot;: &quot;A String&quot;, # The type of package; whether native or non native(ruby gems,
1686 # node.js packages etc)
1687 &quot;fixedLocation&quot;: { # The location of the vulnerability # The fix for this specific package version.
1688 &quot;version&quot;: { # Version contains structured information about the version of the package. # The version of the package being described. This field can be used as a
1689 # filter in list requests.
1690 # For a discussion of this in Debian/Ubuntu:
1691 # http://serverfault.com/questions/604541/debian-packages-version-convention
1692 # For a discussion of this in Redhat/Fedora/Centos:
1693 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1694 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1695 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1696 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1697 # If kind is not NORMAL, then the other fields are ignored.
1698 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1699 },
1700 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/)
1701 # format. Examples include distro or storage location for vulnerable jar.
1702 # This field can be used as a filter in list requests.
1703 &quot;package&quot;: &quot;A String&quot;, # The package being described.
1704 },
1705 &quot;description&quot;: &quot;A String&quot;, # A vendor-specific description of this note.
1706 &quot;package&quot;: &quot;A String&quot;, # The name of the package where the vulnerability was found.
1707 # This field can be used as a filter in list requests.
1708 &quot;severityName&quot;: &quot;A String&quot;, # The severity (eg: distro assigned severity) for this vulnerability.
1709 &quot;cpeUri&quot;: &quot;A String&quot;, # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in
1710 # which the vulnerability manifests. Examples include distro or storage
1711 # location for vulnerable jar.
1712 # This field can be used as a filter in list requests.
1713 },
1714 ],
1715 &quot;severity&quot;: &quot;A String&quot;, # Note provider assigned impact of the vulnerability
1716 &quot;cvssScore&quot;: 3.14, # The CVSS score for this Vulnerability.
1717 },
1718 &quot;buildType&quot;: { # Note holding the version of the provider&#x27;s builder and the signature of # Build provenance type for a verifiable build.
1719 # the provenance message in linked BuildDetails.
1720 &quot;signature&quot;: { # Message encapsulating the signature of the verified build. # Signature of the build in Occurrences pointing to the Note containing this
1721 # `BuilderDetails`.
1722 &quot;keyId&quot;: &quot;A String&quot;, # An Id for the key used to sign. This could be either an Id for the key
1723 # stored in `public_key` (such as the Id or fingerprint for a PGP key, or the
1724 # CN for a cert), or a reference to an external key (such as a reference to a
1725 # key in Cloud Key Management Service).
1726 &quot;signature&quot;: &quot;A String&quot;, # Signature of the related `BuildProvenance`, encoded in a base64 string.
1727 &quot;keyType&quot;: &quot;A String&quot;, # The type of the key, either stored in `public_key` or referenced in
1728 # `key_id`
1729 &quot;publicKey&quot;: &quot;A String&quot;, # Public key of the builder which can be used to verify that the related
1730 # findings are valid and unchanged. If `key_type` is empty, this defaults
1731 # to PEM encoded public keys.
1732 #
1733 # This field may be empty if `key_id` references an external key.
1734 #
1735 # For Cloud Build based signatures, this is a PEM encoded public
1736 # key. To verify the Cloud Build signature, place the contents of
1737 # this field into a file (public.pem). The signature field is base64-decoded
1738 # into its binary representation in signature.bin, and the provenance bytes
1739 # from `BuildDetails` are base64-decoded into a binary representation in
1740 # signed.bin. OpenSSL can then verify the signature:
1741 # `openssl sha256 -verify public.pem -signature signature.bin signed.bin`
1742 },
1743 &quot;builderVersion&quot;: &quot;A String&quot;, # Version of the builder which produced this Note.
1744 },
1745 &quot;kind&quot;: &quot;A String&quot;, # Output only. This explicitly denotes which kind of note is specified. This
1746 # field can be used as a filter in list requests.
1747 &quot;longDescription&quot;: &quot;A String&quot;, # A detailed description of this `Note`.
1748 &quot;deployable&quot;: { # An artifact that can be deployed in some runtime. # A note describing something that can be deployed.
1749 &quot;resourceUri&quot;: [ # Resource URI for the artifact being deployed.
1750 &quot;A String&quot;,
1751 ],
1752 },
1753 &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The time this note was last updated. This field can be used as
1754 # a filter in list requests.
1755 &quot;shortDescription&quot;: &quot;A String&quot;, # A one sentence description of this `Note`.
1756 &quot;discovery&quot;: { # A note that indicates a type of analysis a provider would perform. This note # A note describing a provider/analysis type.
1757 # exists in a provider&#x27;s project. A `Discovery` occurrence is created in a
1758 # consumer&#x27;s project at the start of analysis. The occurrence&#x27;s operation will
1759 # indicate the status of the analysis. Absence of an occurrence linked to this
1760 # note for a resource indicates that analysis hasn&#x27;t started.
1761 &quot;analysisKind&quot;: &quot;A String&quot;, # The kind of analysis that is handled by this discovery.
1762 },
1763 &quot;attestationAuthority&quot;: { # Note kind that represents a logical attestation &quot;role&quot; or &quot;authority&quot;. For # A note describing an attestation role.
1764 # example, an organization might have one `AttestationAuthority` for &quot;QA&quot; and
1765 # one for &quot;build&quot;. This Note is intended to act strictly as a grouping
1766 # mechanism for the attached Occurrences (Attestations). This grouping
1767 # mechanism also provides a security boundary, since IAM ACLs gate the ability
1768 # for a principle to attach an Occurrence to a given Note. It also provides a
1769 # single point of lookup to find all attached Attestation Occurrences, even if
1770 # they don&#x27;t all live in the same project.
1771 &quot;hint&quot;: { # This submessage provides human-readable hints about the purpose of the
1772 # AttestationAuthority. Because the name of a Note acts as its resource
1773 # reference, it is important to disambiguate the canonical name of the Note
1774 # (which might be a UUID for security purposes) from &quot;readable&quot; names more
1775 # suitable for debug output. Note that these hints should NOT be used to
1776 # look up AttestationAuthorities in security sensitive contexts, such as when
1777 # looking up Attestations to verify.
1778 &quot;humanReadableName&quot;: &quot;A String&quot;, # The human readable name of this Attestation Authority, for example &quot;qa&quot;.
1779 },
1780 },
1781 &quot;upgrade&quot;: { # An Upgrade Note represents a potential upgrade of a package to a given # A note describing an upgrade.
1782 # version. For each package version combination (i.e. bash 4.0, bash 4.1,
1783 # bash 4.1.2), there will be a Upgrade Note.
1784 &quot;package&quot;: &quot;A String&quot;, # Required - The package this Upgrade is for.
1785 &quot;version&quot;: { # Version contains structured information about the version of the package. # Required - The version of the package in machine + human readable form.
1786 # For a discussion of this in Debian/Ubuntu:
1787 # http://serverfault.com/questions/604541/debian-packages-version-convention
1788 # For a discussion of this in Redhat/Fedora/Centos:
1789 # http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/
1790 &quot;name&quot;: &quot;A String&quot;, # The main part of the version name.
1791 &quot;revision&quot;: &quot;A String&quot;, # The iteration of the package build from the above version.
1792 &quot;kind&quot;: &quot;A String&quot;, # Distinguish between sentinel MIN/MAX versions and normal versions.
1793 # If kind is not NORMAL, then the other fields are ignored.
1794 &quot;epoch&quot;: 42, # Used to correct mistakes in the version numbering scheme.
1795 },
1796 &quot;distributions&quot;: [ # Metadata about the upgrade for each specific operating system.
1797 { # The Upgrade Distribution represents metadata about the Upgrade for each
1798 # operating system (CPE). Some distributions have additional metadata around
1799 # updates, classifying them into various categories and severities.
1800 &quot;classification&quot;: &quot;A String&quot;, # The operating system classification of this Upgrade, as specified by the
1801 # upstream operating system upgrade feed.
1802 &quot;cpeUri&quot;: &quot;A String&quot;, # Required - The specific operating system this metadata applies to. See
1803 # https://cpe.mitre.org/specification/.
1804 &quot;severity&quot;: &quot;A String&quot;, # The severity as specified by the upstream operating system.
1805 &quot;cve&quot;: [ # The cve that would be resolved by this upgrade.
1806 &quot;A String&quot;,
1807 ],
1808 },
1809 ],
1810 },
1811 }</pre>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001812</div>
1813
1814<div class="method">
Dan O'Mearadd494642020-05-01 07:42:23 -07001815 <code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001816 <pre>Sets the access control policy on the specified `Note` or `Occurrence`.
1817Requires `containeranalysis.notes.setIamPolicy` or
1818`containeranalysis.occurrences.setIamPolicy` permission if the resource is
1819a `Note` or an `Occurrence`, respectively.
1820Attempting to call this method without these permissions will result in a `
1821`PERMISSION_DENIED` error.
1822Attempting to call this method on a non-existent resource will result in a
1823`NOT_FOUND` error if the user has `containeranalysis.notes.list` permission
1824on a `Note` or `containeranalysis.occurrences.list` on an `Occurrence`, or
1825a `PERMISSION_DENIED` error otherwise. The resource takes the following
1826formats: `projects/{projectid}/occurrences/{occurrenceid}` for occurrences
1827and projects/{projectid}/notes/{noteid} for notes
1828
1829Args:
1830 resource: string, REQUIRED: The resource for which the policy is being specified.
1831See the operation documentation for the appropriate value for this field. (required)
Dan O'Mearadd494642020-05-01 07:42:23 -07001832 body: object, The request body.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001833 The object takes the form of:
1834
1835{ # Request message for `SetIamPolicy` method.
Bu Sun Kim65020912020-05-20 12:08:20 -07001836 &quot;policy&quot;: { # An Identity and Access Management (IAM) policy, which specifies access # REQUIRED: The complete policy to be applied to the `resource`. The size of
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001837 # the policy is limited to a few 10s of KB. An empty policy is a
1838 # valid policy but certain Cloud Platform services (such as Projects)
1839 # might reject them.
Dan O'Mearadd494642020-05-01 07:42:23 -07001840 # controls for Google Cloud resources.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001841 #
1842 #
Dan O'Mearadd494642020-05-01 07:42:23 -07001843 # A `Policy` is a collection of `bindings`. A `binding` binds one or more
1844 # `members` to a single `role`. Members can be user accounts, service accounts,
1845 # Google groups, and domains (such as G Suite). A `role` is a named list of
1846 # permissions; each `role` can be an IAM predefined role or a user-created
1847 # custom role.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001848 #
Bu Sun Kim65020912020-05-20 12:08:20 -07001849 # For some types of Google Cloud resources, a `binding` can also specify a
1850 # `condition`, which is a logical expression that allows access to a resource
1851 # only if the expression evaluates to `true`. A condition can add constraints
1852 # based on attributes of the request, the resource, or both. To learn which
1853 # resources support conditions in their IAM policies, see the
1854 # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Dan O'Mearadd494642020-05-01 07:42:23 -07001855 #
1856 # **JSON example:**
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001857 #
1858 # {
Bu Sun Kim65020912020-05-20 12:08:20 -07001859 # &quot;bindings&quot;: [
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001860 # {
Bu Sun Kim65020912020-05-20 12:08:20 -07001861 # &quot;role&quot;: &quot;roles/resourcemanager.organizationAdmin&quot;,
1862 # &quot;members&quot;: [
1863 # &quot;user:mike@example.com&quot;,
1864 # &quot;group:admins@example.com&quot;,
1865 # &quot;domain:google.com&quot;,
1866 # &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001867 # ]
1868 # },
1869 # {
Bu Sun Kim65020912020-05-20 12:08:20 -07001870 # &quot;role&quot;: &quot;roles/resourcemanager.organizationViewer&quot;,
1871 # &quot;members&quot;: [
1872 # &quot;user:eve@example.com&quot;
1873 # ],
1874 # &quot;condition&quot;: {
1875 # &quot;title&quot;: &quot;expirable access&quot;,
1876 # &quot;description&quot;: &quot;Does not grant access after Sep 2020&quot;,
1877 # &quot;expression&quot;: &quot;request.time &lt; timestamp(&#x27;2020-10-01T00:00:00.000Z&#x27;)&quot;,
Dan O'Mearadd494642020-05-01 07:42:23 -07001878 # }
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001879 # }
Dan O'Mearadd494642020-05-01 07:42:23 -07001880 # ],
Bu Sun Kim65020912020-05-20 12:08:20 -07001881 # &quot;etag&quot;: &quot;BwWWja0YfJA=&quot;,
1882 # &quot;version&quot;: 3
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001883 # }
1884 #
Dan O'Mearadd494642020-05-01 07:42:23 -07001885 # **YAML example:**
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001886 #
1887 # bindings:
1888 # - members:
1889 # - user:mike@example.com
1890 # - group:admins@example.com
1891 # - domain:google.com
Dan O'Mearadd494642020-05-01 07:42:23 -07001892 # - serviceAccount:my-project-id@appspot.gserviceaccount.com
1893 # role: roles/resourcemanager.organizationAdmin
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001894 # - members:
Dan O'Mearadd494642020-05-01 07:42:23 -07001895 # - user:eve@example.com
1896 # role: roles/resourcemanager.organizationViewer
1897 # condition:
1898 # title: expirable access
1899 # description: Does not grant access after Sep 2020
Bu Sun Kim65020912020-05-20 12:08:20 -07001900 # expression: request.time &lt; timestamp(&#x27;2020-10-01T00:00:00.000Z&#x27;)
Dan O'Mearadd494642020-05-01 07:42:23 -07001901 # - etag: BwWWja0YfJA=
1902 # - version: 3
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001903 #
1904 # For a description of IAM and its features, see the
Dan O'Mearadd494642020-05-01 07:42:23 -07001905 # [IAM documentation](https://cloud.google.com/iam/docs/).
Bu Sun Kim65020912020-05-20 12:08:20 -07001906 &quot;bindings&quot;: [ # Associates a list of `members` to a `role`. Optionally, may specify a
Dan O'Mearadd494642020-05-01 07:42:23 -07001907 # `condition` that determines how and when the `bindings` are applied. Each
1908 # of the `bindings` must contain at least one member.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001909 { # Associates `members` with a `role`.
Bu Sun Kim65020912020-05-20 12:08:20 -07001910 &quot;condition&quot;: { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.
1911 #
1912 # If the condition evaluates to `true`, then this binding applies to the
1913 # current request.
1914 #
1915 # If the condition evaluates to `false`, then this binding does not apply to
1916 # the current request. However, a different role binding might grant the same
1917 # role to one or more of the members in this binding.
1918 #
1919 # To learn which resources support conditions in their IAM policies, see the
1920 # [IAM
1921 # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
1922 # syntax. CEL is a C-like expression language. The syntax and semantics of CEL
1923 # are documented at https://github.com/google/cel-spec.
1924 #
1925 # Example (Comparison):
1926 #
1927 # title: &quot;Summary size limit&quot;
1928 # description: &quot;Determines if a summary is less than 100 chars&quot;
1929 # expression: &quot;document.summary.size() &lt; 100&quot;
1930 #
1931 # Example (Equality):
1932 #
1933 # title: &quot;Requestor is owner&quot;
1934 # description: &quot;Determines if requestor is the document owner&quot;
1935 # expression: &quot;document.owner == request.auth.claims.email&quot;
1936 #
1937 # Example (Logic):
1938 #
1939 # title: &quot;Public documents&quot;
1940 # description: &quot;Determine whether the document should be publicly visible&quot;
1941 # expression: &quot;document.type != &#x27;private&#x27; &amp;&amp; document.type != &#x27;internal&#x27;&quot;
1942 #
1943 # Example (Data Manipulation):
1944 #
1945 # title: &quot;Notification string&quot;
1946 # description: &quot;Create a notification string with a timestamp.&quot;
1947 # expression: &quot;&#x27;New message received at &#x27; + string(document.create_time)&quot;
1948 #
1949 # The exact variables and functions that may be referenced within an expression
1950 # are determined by the service that evaluates it. See the service
1951 # documentation for additional information.
Bu Sun Kim65020912020-05-20 12:08:20 -07001952 &quot;title&quot;: &quot;A String&quot;, # Optional. Title for the expression, i.e. a short string describing
1953 # its purpose. This can be used e.g. in UIs which allow to enter the
1954 # expression.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07001955 &quot;expression&quot;: &quot;A String&quot;, # Textual representation of an expression in Common Expression Language
1956 # syntax.
Bu Sun Kim65020912020-05-20 12:08:20 -07001957 &quot;location&quot;: &quot;A String&quot;, # Optional. String indicating the location of the expression for error
1958 # reporting, e.g. a file name and a position in the file.
1959 &quot;description&quot;: &quot;A String&quot;, # Optional. Description of the expression. This is a longer text which
1960 # describes the expression, e.g. when hovered over it in a UI.
1961 },
1962 &quot;members&quot;: [ # Specifies the identities requesting access for a Cloud Platform resource.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001963 # `members` can have the following values:
1964 #
1965 # * `allUsers`: A special identifier that represents anyone who is
1966 # on the internet; with or without a Google account.
1967 #
1968 # * `allAuthenticatedUsers`: A special identifier that represents anyone
1969 # who is authenticated with a Google account or a service account.
1970 #
1971 # * `user:{emailid}`: An email address that represents a specific Google
Dan O'Mearadd494642020-05-01 07:42:23 -07001972 # account. For example, `alice@example.com` .
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001973 #
1974 #
1975 # * `serviceAccount:{emailid}`: An email address that represents a service
1976 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
1977 #
1978 # * `group:{emailid}`: An email address that represents a Google group.
1979 # For example, `admins@example.com`.
1980 #
Dan O'Mearadd494642020-05-01 07:42:23 -07001981 # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
1982 # identifier) representing a user that has been recently deleted. For
1983 # example, `alice@example.com?uid=123456789012345678901`. If the user is
1984 # recovered, this value reverts to `user:{emailid}` and the recovered user
1985 # retains the role in the binding.
1986 #
1987 # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
1988 # unique identifier) representing a service account that has been recently
1989 # deleted. For example,
1990 # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
1991 # If the service account is undeleted, this value reverts to
1992 # `serviceAccount:{emailid}` and the undeleted service account retains the
1993 # role in the binding.
1994 #
1995 # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
1996 # identifier) representing a Google group that has been recently
1997 # deleted. For example, `admins@example.com?uid=123456789012345678901`. If
1998 # the group is recovered, this value reverts to `group:{emailid}` and the
1999 # recovered group retains the role in the binding.
2000 #
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002001 #
2002 # * `domain:{domain}`: The G Suite domain (primary) that represents all the
2003 # users of that domain. For example, `google.com` or `example.com`.
2004 #
Bu Sun Kim65020912020-05-20 12:08:20 -07002005 &quot;A String&quot;,
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002006 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07002007 &quot;role&quot;: &quot;A String&quot;, # Role that is assigned to `members`.
2008 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002009 },
2010 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07002011 &quot;version&quot;: 42, # Specifies the format of the policy.
2012 #
2013 # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
2014 # are rejected.
2015 #
2016 # Any operation that affects conditional role bindings must specify version
2017 # `3`. This requirement applies to the following operations:
2018 #
2019 # * Getting a policy that includes a conditional role binding
2020 # * Adding a conditional role binding to a policy
2021 # * Changing a conditional role binding in a policy
2022 # * Removing any role binding, with or without a condition, from a policy
2023 # that includes conditions
2024 #
2025 # **Important:** If you use IAM Conditions, you must include the `etag` field
2026 # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
2027 # you to overwrite a version `3` policy with a version `1` policy, and all of
2028 # the conditions in the version `3` policy are lost.
2029 #
2030 # If a policy does not include any conditions, operations on that policy may
2031 # specify any valid version or leave the field unset.
2032 #
2033 # To learn which resources support conditions in their IAM policies, see the
2034 # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
2035 &quot;etag&quot;: &quot;A String&quot;, # `etag` is used for optimistic concurrency control as a way to help
2036 # prevent simultaneous updates of a policy from overwriting each other.
2037 # It is strongly suggested that systems make use of the `etag` in the
2038 # read-modify-write cycle to perform policy updates in order to avoid race
2039 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
2040 # systems are expected to put that etag in the request to `setIamPolicy` to
2041 # ensure that their change will be applied to the same version of the policy.
2042 #
2043 # **Important:** If you use IAM Conditions, you must include the `etag` field
2044 # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
2045 # you to overwrite a version `3` policy with a version `1` policy, and all of
2046 # the conditions in the version `3` policy are lost.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002047 },
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002048 }
2049
2050 x__xgafv: string, V1 error format.
2051 Allowed values
2052 1 - v1 error format
2053 2 - v2 error format
2054
2055Returns:
2056 An object of the form:
2057
Dan O'Mearadd494642020-05-01 07:42:23 -07002058 { # An Identity and Access Management (IAM) policy, which specifies access
2059 # controls for Google Cloud resources.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002060 #
2061 #
Dan O'Mearadd494642020-05-01 07:42:23 -07002062 # A `Policy` is a collection of `bindings`. A `binding` binds one or more
2063 # `members` to a single `role`. Members can be user accounts, service accounts,
2064 # Google groups, and domains (such as G Suite). A `role` is a named list of
2065 # permissions; each `role` can be an IAM predefined role or a user-created
2066 # custom role.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002067 #
Bu Sun Kim65020912020-05-20 12:08:20 -07002068 # For some types of Google Cloud resources, a `binding` can also specify a
2069 # `condition`, which is a logical expression that allows access to a resource
2070 # only if the expression evaluates to `true`. A condition can add constraints
2071 # based on attributes of the request, the resource, or both. To learn which
2072 # resources support conditions in their IAM policies, see the
2073 # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Dan O'Mearadd494642020-05-01 07:42:23 -07002074 #
2075 # **JSON example:**
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002076 #
2077 # {
Bu Sun Kim65020912020-05-20 12:08:20 -07002078 # &quot;bindings&quot;: [
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002079 # {
Bu Sun Kim65020912020-05-20 12:08:20 -07002080 # &quot;role&quot;: &quot;roles/resourcemanager.organizationAdmin&quot;,
2081 # &quot;members&quot;: [
2082 # &quot;user:mike@example.com&quot;,
2083 # &quot;group:admins@example.com&quot;,
2084 # &quot;domain:google.com&quot;,
2085 # &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002086 # ]
2087 # },
2088 # {
Bu Sun Kim65020912020-05-20 12:08:20 -07002089 # &quot;role&quot;: &quot;roles/resourcemanager.organizationViewer&quot;,
2090 # &quot;members&quot;: [
2091 # &quot;user:eve@example.com&quot;
2092 # ],
2093 # &quot;condition&quot;: {
2094 # &quot;title&quot;: &quot;expirable access&quot;,
2095 # &quot;description&quot;: &quot;Does not grant access after Sep 2020&quot;,
2096 # &quot;expression&quot;: &quot;request.time &lt; timestamp(&#x27;2020-10-01T00:00:00.000Z&#x27;)&quot;,
Dan O'Mearadd494642020-05-01 07:42:23 -07002097 # }
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002098 # }
Dan O'Mearadd494642020-05-01 07:42:23 -07002099 # ],
Bu Sun Kim65020912020-05-20 12:08:20 -07002100 # &quot;etag&quot;: &quot;BwWWja0YfJA=&quot;,
2101 # &quot;version&quot;: 3
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002102 # }
2103 #
Dan O'Mearadd494642020-05-01 07:42:23 -07002104 # **YAML example:**
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002105 #
2106 # bindings:
2107 # - members:
2108 # - user:mike@example.com
2109 # - group:admins@example.com
2110 # - domain:google.com
Dan O'Mearadd494642020-05-01 07:42:23 -07002111 # - serviceAccount:my-project-id@appspot.gserviceaccount.com
2112 # role: roles/resourcemanager.organizationAdmin
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002113 # - members:
Dan O'Mearadd494642020-05-01 07:42:23 -07002114 # - user:eve@example.com
2115 # role: roles/resourcemanager.organizationViewer
2116 # condition:
2117 # title: expirable access
2118 # description: Does not grant access after Sep 2020
Bu Sun Kim65020912020-05-20 12:08:20 -07002119 # expression: request.time &lt; timestamp(&#x27;2020-10-01T00:00:00.000Z&#x27;)
Dan O'Mearadd494642020-05-01 07:42:23 -07002120 # - etag: BwWWja0YfJA=
2121 # - version: 3
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002122 #
2123 # For a description of IAM and its features, see the
Dan O'Mearadd494642020-05-01 07:42:23 -07002124 # [IAM documentation](https://cloud.google.com/iam/docs/).
Bu Sun Kim65020912020-05-20 12:08:20 -07002125 &quot;bindings&quot;: [ # Associates a list of `members` to a `role`. Optionally, may specify a
Dan O'Mearadd494642020-05-01 07:42:23 -07002126 # `condition` that determines how and when the `bindings` are applied. Each
2127 # of the `bindings` must contain at least one member.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002128 { # Associates `members` with a `role`.
Bu Sun Kim65020912020-05-20 12:08:20 -07002129 &quot;condition&quot;: { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.
2130 #
2131 # If the condition evaluates to `true`, then this binding applies to the
2132 # current request.
2133 #
2134 # If the condition evaluates to `false`, then this binding does not apply to
2135 # the current request. However, a different role binding might grant the same
2136 # role to one or more of the members in this binding.
2137 #
2138 # To learn which resources support conditions in their IAM policies, see the
2139 # [IAM
2140 # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
2141 # syntax. CEL is a C-like expression language. The syntax and semantics of CEL
2142 # are documented at https://github.com/google/cel-spec.
2143 #
2144 # Example (Comparison):
2145 #
2146 # title: &quot;Summary size limit&quot;
2147 # description: &quot;Determines if a summary is less than 100 chars&quot;
2148 # expression: &quot;document.summary.size() &lt; 100&quot;
2149 #
2150 # Example (Equality):
2151 #
2152 # title: &quot;Requestor is owner&quot;
2153 # description: &quot;Determines if requestor is the document owner&quot;
2154 # expression: &quot;document.owner == request.auth.claims.email&quot;
2155 #
2156 # Example (Logic):
2157 #
2158 # title: &quot;Public documents&quot;
2159 # description: &quot;Determine whether the document should be publicly visible&quot;
2160 # expression: &quot;document.type != &#x27;private&#x27; &amp;&amp; document.type != &#x27;internal&#x27;&quot;
2161 #
2162 # Example (Data Manipulation):
2163 #
2164 # title: &quot;Notification string&quot;
2165 # description: &quot;Create a notification string with a timestamp.&quot;
2166 # expression: &quot;&#x27;New message received at &#x27; + string(document.create_time)&quot;
2167 #
2168 # The exact variables and functions that may be referenced within an expression
2169 # are determined by the service that evaluates it. See the service
2170 # documentation for additional information.
Bu Sun Kim65020912020-05-20 12:08:20 -07002171 &quot;title&quot;: &quot;A String&quot;, # Optional. Title for the expression, i.e. a short string describing
2172 # its purpose. This can be used e.g. in UIs which allow to enter the
2173 # expression.
Bu Sun Kimd059ad82020-07-22 17:02:09 -07002174 &quot;expression&quot;: &quot;A String&quot;, # Textual representation of an expression in Common Expression Language
2175 # syntax.
Bu Sun Kim65020912020-05-20 12:08:20 -07002176 &quot;location&quot;: &quot;A String&quot;, # Optional. String indicating the location of the expression for error
2177 # reporting, e.g. a file name and a position in the file.
2178 &quot;description&quot;: &quot;A String&quot;, # Optional. Description of the expression. This is a longer text which
2179 # describes the expression, e.g. when hovered over it in a UI.
2180 },
2181 &quot;members&quot;: [ # Specifies the identities requesting access for a Cloud Platform resource.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002182 # `members` can have the following values:
2183 #
2184 # * `allUsers`: A special identifier that represents anyone who is
2185 # on the internet; with or without a Google account.
2186 #
2187 # * `allAuthenticatedUsers`: A special identifier that represents anyone
2188 # who is authenticated with a Google account or a service account.
2189 #
2190 # * `user:{emailid}`: An email address that represents a specific Google
Dan O'Mearadd494642020-05-01 07:42:23 -07002191 # account. For example, `alice@example.com` .
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002192 #
2193 #
2194 # * `serviceAccount:{emailid}`: An email address that represents a service
2195 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
2196 #
2197 # * `group:{emailid}`: An email address that represents a Google group.
2198 # For example, `admins@example.com`.
2199 #
Dan O'Mearadd494642020-05-01 07:42:23 -07002200 # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
2201 # identifier) representing a user that has been recently deleted. For
2202 # example, `alice@example.com?uid=123456789012345678901`. If the user is
2203 # recovered, this value reverts to `user:{emailid}` and the recovered user
2204 # retains the role in the binding.
2205 #
2206 # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
2207 # unique identifier) representing a service account that has been recently
2208 # deleted. For example,
2209 # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
2210 # If the service account is undeleted, this value reverts to
2211 # `serviceAccount:{emailid}` and the undeleted service account retains the
2212 # role in the binding.
2213 #
2214 # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
2215 # identifier) representing a Google group that has been recently
2216 # deleted. For example, `admins@example.com?uid=123456789012345678901`. If
2217 # the group is recovered, this value reverts to `group:{emailid}` and the
2218 # recovered group retains the role in the binding.
2219 #
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002220 #
2221 # * `domain:{domain}`: The G Suite domain (primary) that represents all the
2222 # users of that domain. For example, `google.com` or `example.com`.
2223 #
Bu Sun Kim65020912020-05-20 12:08:20 -07002224 &quot;A String&quot;,
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002225 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07002226 &quot;role&quot;: &quot;A String&quot;, # Role that is assigned to `members`.
2227 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002228 },
2229 ],
Bu Sun Kimd059ad82020-07-22 17:02:09 -07002230 &quot;version&quot;: 42, # Specifies the format of the policy.
2231 #
2232 # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
2233 # are rejected.
2234 #
2235 # Any operation that affects conditional role bindings must specify version
2236 # `3`. This requirement applies to the following operations:
2237 #
2238 # * Getting a policy that includes a conditional role binding
2239 # * Adding a conditional role binding to a policy
2240 # * Changing a conditional role binding in a policy
2241 # * Removing any role binding, with or without a condition, from a policy
2242 # that includes conditions
2243 #
2244 # **Important:** If you use IAM Conditions, you must include the `etag` field
2245 # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
2246 # you to overwrite a version `3` policy with a version `1` policy, and all of
2247 # the conditions in the version `3` policy are lost.
2248 #
2249 # If a policy does not include any conditions, operations on that policy may
2250 # specify any valid version or leave the field unset.
2251 #
2252 # To learn which resources support conditions in their IAM policies, see the
2253 # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
2254 &quot;etag&quot;: &quot;A String&quot;, # `etag` is used for optimistic concurrency control as a way to help
2255 # prevent simultaneous updates of a policy from overwriting each other.
2256 # It is strongly suggested that systems make use of the `etag` in the
2257 # read-modify-write cycle to perform policy updates in order to avoid race
2258 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
2259 # systems are expected to put that etag in the request to `setIamPolicy` to
2260 # ensure that their change will be applied to the same version of the policy.
2261 #
2262 # **Important:** If you use IAM Conditions, you must include the `etag` field
2263 # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
2264 # you to overwrite a version `3` policy with a version `1` policy, and all of
2265 # the conditions in the version `3` policy are lost.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002266 }</pre>
2267</div>
2268
2269<div class="method">
Dan O'Mearadd494642020-05-01 07:42:23 -07002270 <code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code>
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002271 <pre>Returns the permissions that a caller has on the specified note or
2272occurrence resource. Requires list permission on the project (for example,
Bu Sun Kim65020912020-05-20 12:08:20 -07002273&quot;storage.objects.list&quot; on the containing bucket for testing permission of
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002274an object). Attempting to call this method on a non-existent resource will
2275result in a `NOT_FOUND` error if the user has list permission on the
2276project, or a `PERMISSION_DENIED` error otherwise. The resource takes the
2277following formats: `projects/{PROJECT_ID}/occurrences/{OCCURRENCE_ID}` for
2278`Occurrences` and `projects/{PROJECT_ID}/notes/{NOTE_ID}` for `Notes`
2279
2280Args:
2281 resource: string, REQUIRED: The resource for which the policy detail is being requested.
2282See the operation documentation for the appropriate value for this field. (required)
Dan O'Mearadd494642020-05-01 07:42:23 -07002283 body: object, The request body.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002284 The object takes the form of:
2285
2286{ # Request message for `TestIamPermissions` method.
Bu Sun Kim65020912020-05-20 12:08:20 -07002287 &quot;permissions&quot;: [ # The set of permissions to check for the `resource`. Permissions with
2288 # wildcards (such as &#x27;*&#x27; or &#x27;storage.*&#x27;) are not allowed. For more
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002289 # information see
2290 # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
Bu Sun Kim65020912020-05-20 12:08:20 -07002291 &quot;A String&quot;,
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002292 ],
2293 }
2294
2295 x__xgafv: string, V1 error format.
2296 Allowed values
2297 1 - v1 error format
2298 2 - v2 error format
2299
2300Returns:
2301 An object of the form:
2302
2303 { # Response message for `TestIamPermissions` method.
Bu Sun Kim65020912020-05-20 12:08:20 -07002304 &quot;permissions&quot;: [ # A subset of `TestPermissionsRequest.permissions` that the caller is
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002305 # allowed.
Bu Sun Kim65020912020-05-20 12:08:20 -07002306 &quot;A String&quot;,
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07002307 ],
2308 }</pre>
2309</div>
2310
2311</body></html>