|
NAMEdata-safe_security-assessment -DESCRIPTIONA security assessment that provides an overall insight into your database security posture. The security assessment results are based on the analysis of your database configurations, user accounts, and security controls. For more information, see Security Assessment Overview <https://docs.oracle.com/en/cloud/paas/data-safe/udscs/security-assessment-overview.html>.AVAILABLE COMMANDS
change-compartment
DescriptionMoves the specified saved security assessment or future scheduled assessments into a different compartment.To start, call first the operation ListSecurityAssessments with filters “type = save_schedule”. This returns the scheduleAssessmentId. Then, call this changeCompartment with the scheduleAssessmentId. The existing saved security assessments created due to the schedule are not moved. However, all new saves will be associated with the new compartment. Usageoci data-safe security-assessment change-compartment [OPTIONS] Required Parameters
The OCID of the compartment where you want to move the security assessment.
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment change-compartment --compartment-id $compartment_id --security-assessment-id $security_assessment_id compare
DescriptionCompares two security assessments. For this comparison, a security assessment can be a saved assessment, a latest assessment, or a baseline assessment. For example, you can compare saved assessment or a latest assessment against a baseline.Usageoci data-safe security-assessment compare [OPTIONS] Required Parameters
The OCID of the security assessment. In this case a security assessment can be another security assessment, a latest assessment or a baseline.
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id export comparison_security_assessment_id=<substitute-value-of-comparison_security_assessment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/compare.html#cmdoption-comparison-security-assessment-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment compare --comparison-security-assessment-id $comparison_security_assessment_id --security-assessment-id $security_assessment_id create
DescriptionCreates a new saved security assessment for one or multiple targets in a compartment. When this operation is performed, it will save the latest assessments in the specified compartment. If a schedule is passed, it will persist the latest assessments, at the defined date and time, in the format defined by RFC3339 <https://tools.ietf.org/html/rfc3339>.Usageoci data-safe security-assessment create [OPTIONS] Required Parameters
The OCID of the compartment that contains the security assessment.
The OCID of the target database on which security assessment is to be run. Optional Parameters
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags <https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm> Example: {"Operations": {"CostCenter": "42"}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
Description of the security assessment.
The display name of the security assessment.
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags <https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm> Example: {"Department": "Finance"} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
To schedule the assessment for running periodically, specify the schedule in this attribute. Create or schedule one assessment per compartment. If not defined, the assessment runs immediately. Format - <version-string>;<version-specific-schedule> Allowed version strings - “v1” v1’s version specific schedule -<ss> <mm> <hh> <day-of-week> <day-of-month> Each of the above fields potentially introduce constraints. A workrequest is created only when clock time satisfies all the constraints. Constraints introduced: 1. seconds = <ss> (So, the allowed range for <ss> is [0, 59]) 2. minutes = <mm> (So, the allowed range for <mm> is [0, 59]) 3. hours = <hh> (So, the allowed range for <hh> is [0, 23]) <day-of-week> can be either ‘*’ (without quotes or a number between 1(Monday) and 7(Sunday)) 4. No constraint introduced when it is ‘*’. When not, day of week must equal the given value <day-of-month> can be either ‘*’ (without quotes or a number between 1 and 28) 5. No constraint introduced when it is ‘*’. When not, day of month must equal the given value
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id delete
DescriptionDeletes the specified saved security assessment or schedule. To delete a security assessment schedule, first call the operation ListSecurityAssessments with filters “type = save_schedule”. That operation returns the scheduleAssessmentId. Then, call DeleteSecurityAssessment with the scheduleAssessmentId. If the assessment being deleted is the baseline for that compartment, then it will impact all baselines in the compartment.Usageoci data-safe security-assessment delete [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
Perform deletion without prompting for confirmation.
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment delete --security-assessment-id $security_assessment_id download-security-assessment-report
DescriptionDownloads the report of the specified security assessment. To download the security assessment report, it needs to be generated first. Please use GenerateSecurityAssessmentReport to generate a downloadable report in the preferred format (PDF, XLS).Usageoci data-safe security-assessment download-security-assessment-report [OPTIONS] Required Parameters
The name of the file that will receive the response data, or ‘-‘ to write to STDOUT.
Format of the report. Accepted values are: PDF, XLS
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id export file=<substitute-value-of-file> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/download-security-assessment-report.html#cmdoption-file export format=<substitute-value-of-format> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/download-security-assessment-report.html#cmdoption-format security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment download-security-assessment-report --file $file --format $format --security-assessment-id $security_assessment_id generate-security-assessment-report
DescriptionGenerates the report of the specified security assessment. You can get the report in PDF or XLS format. After generating the report, use DownloadSecurityAssessmentReport to download it in the preferred format.Usageoci data-safe security-assessment generate-security-assessment-report [OPTIONS] Required Parameters
Format of the report. Accepted values are: PDF, XLS
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id export format=<substitute-value-of-format> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/generate-security-assessment-report.html#cmdoption-format security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment generate-security-assessment-report --format $format --security-assessment-id $security_assessment_id get
DescriptionGets the details of the specified security assessment.Usageoci data-safe security-assessment get [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment get --security-assessment-id $security_assessment_id get-security-assessment-comparison
DescriptionGets the details of the comparison report on the security assessments submitted for comparison.Usageoci data-safe security-assessment get-security-assessment-comparison [OPTIONS] Required Parameters
The OCID of the baseline security assessment.
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id export comparison_security_assessment_id=<substitute-value-of-comparison_security_assessment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/get-security-assessment-comparison.html#cmdoption-comparison-security-assessment-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment get-security-assessment-comparison --comparison-security-assessment-id $comparison_security_assessment_id --security-assessment-id $security_assessment_id list
DescriptionGets a list of security assessments.The ListSecurityAssessments operation returns only the assessments in the specified compartmentId. The list does not include any subcompartments of the compartmentId passed. The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true. The parameter compartmentIdInSubtree applies when you perform ListSecurityAssessments on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE. Usageoci data-safe security-assessment list [OPTIONS] Required Parameters
A filter to return only resources that match the specified compartment OCID. Optional Parameters
Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed. Accepted values are: ACCESSIBLE, RESTRICTED
Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.
Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the ‘accessLevel’ setting.
A filter to return only resources that match the specified display name.
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
A filter to return only security assessments that are set as baseline.
A filter to return only security assessments of type save schedule.
A filter to return only resources that match the specified lifecycle state. Accepted values are: CREATING, DELETED, DELETING, FAILED, SUCCEEDED, UPDATING
For list pagination. The maximum number of items to return per page in a paginated “List” call. For details about how pagination works, see List Pagination <https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/usingapi.htm#nine>.
For list pagination. The page token representing the page at which to start retrieving results. It is usually retrieved from a previous “List” call. For details about how pagination works, see List Pagination <https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/usingapi.htm#nine>.
When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.
The OCID of the security assessment of type SAVE_SCHEDULE.
The field to sort by. You can specify only one sort order(sortOrder). The default order for timeCreated is descending. Accepted values are: displayName, timeCreated
The sort order to use, either ascending (ASC) or descending (DESC). Accepted values are: ASC, DESC
A filter to return only items related to a specific target OCID.
A filter to return only the resources that were created after the specified date and time, as defined by RFC3339 <https://tools.ietf.org/html/rfc3339>. Using TimeCreatedGreaterThanOrEqualToQueryParam parameter retrieves all resources created after that date. Example: 2016-12-19T16:39:57.600Z The following datetime formats are supported:
UTC with microsecondsFormat: YYYY-MM-DDTHH:mm:ss.ssssssTZD Example: 2017-09-15T20:30:00.123456Z UTC with milliseconds *********************** .. code:: Format: YYYY-MM-DDTHH:mm:ss.sssTZD Example: 2017-09-15T20:30:00.123Z UTC without milliseconds ************************** .. code:: Format: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T20:30:00Z UTC with minute precision ************************** .. code:: Format: YYYY-MM-DDTHH:mmTZD Example: 2017-09-15T20:30Z Timezone with microsecondsFormat: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800 Timezone with milliseconds *************************** .. code:: Format: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800 Timezone without milliseconds ******************************* .. code:: Format: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800 Timezone with minute precision ******************************* .. code:: Format: YYYY-MM-DDTHH:mmTZD Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800 Short date and time ******************** The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes) .. code:: Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm" Example: '2017-09-15 17:25' Date Only ********** This date will be taken as midnight UTC of that day .. code:: Format: YYYY-MM-DD Example: 2017-09-15 Epoch seconds ************** .. code:: Example: 1412195400
Search for resources that were created before a specific date. Specifying this parameter corresponding timeCreatedLessThan parameter will retrieve all resources created before the specified created date, in “YYYY-MM-ddThh:mmZ” format with a Z offset, as defined by RFC 3339. Example: 2016-12-19T16:39:57.600Z The following datetime formats are supported:
UTC with microsecondsFormat: YYYY-MM-DDTHH:mm:ss.ssssssTZD Example: 2017-09-15T20:30:00.123456Z UTC with milliseconds *********************** .. code:: Format: YYYY-MM-DDTHH:mm:ss.sssTZD Example: 2017-09-15T20:30:00.123Z UTC without milliseconds ************************** .. code:: Format: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T20:30:00Z UTC with minute precision ************************** .. code:: Format: YYYY-MM-DDTHH:mmTZD Example: 2017-09-15T20:30Z Timezone with microsecondsFormat: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800 Timezone with milliseconds *************************** .. code:: Format: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800 Timezone without milliseconds ******************************* .. code:: Format: YYYY-MM-DDTHH:mm:ssTZD Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800 Timezone with minute precision ******************************* .. code:: Format: YYYY-MM-DDTHH:mmTZD Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800 Short date and time ******************** The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes) .. code:: Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm" Example: '2017-09-15 17:25' Date Only ********** This date will be taken as midnight UTC of that day .. code:: Format: YYYY-MM-DD Example: 2017-09-15 Epoch seconds ************** .. code:: Example: 1412195400
A filter to return only security asessments that were created by either user or system. Accepted values are: SYSTEM, USER
A filter to return only items that match the specified security assessment type. Accepted values are: COMPARTMENT, LATEST, SAVED, SAVE_SCHEDULE Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/list.html#cmdoption-compartment-id oci data-safe security-assessment list --compartment-id $compartment_id list-findings
DescriptionList all the findings from all the targets in the specified assessment.Usageoci data-safe security-assessment list-findings [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed. Accepted values are: ACCESSIBLE, RESTRICTED
Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.
Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the ‘accessLevel’ setting.
Each finding has a key. This key is same for the finding across targets
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For list pagination. The maximum number of items to return per page in a paginated “List” call. For details about how pagination works, see List Pagination <https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/usingapi.htm#nine>.
For list pagination. The page token representing the page at which to start retrieving results. It is usually retrieved from a previous “List” call. For details about how pagination works, see List Pagination <https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/usingapi.htm#nine>.
When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.
A filter to return only findings of a particular risk level. Accepted values are: ADVISORY, EVALUATE, HIGH, LOW, MEDIUM, PASS Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment list-findings --security-assessment-id $security_assessment_id refresh
DescriptionRuns a security assessment, refreshes the latest assessment, and saves it for future reference. The assessment runs with a securityAssessmentId of type LATEST. Before you start, first call the ListSecurityAssessments operation with filter “type = latest” to get the security assessment id for the target’s latest assessment.Usageoci data-safe security-assessment refresh [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
The OCID of the compartment that contains the security assessment.
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags <https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm> Example: {"Operations": {"CostCenter": "42"}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
The display name of the security assessment.
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags <https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm> Example: {"Department": "Finance"} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment refresh --security-assessment-id $security_assessment_id set-security-assessment-baseline
DescriptionSets the saved security assessment as the baseline in the compartment where the the specified assessment resides. The security assessment needs to be of type ‘SAVED’.Usageoci data-safe security-assessment set-security-assessment-baseline [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
List of security assessment OCIDs that need to be updated while setting the baseline. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment set-security-assessment-baseline --security-assessment-id $security_assessment_id unset-security-assessment-baseline
DescriptionRemoves the baseline setting for the saved security assessment. The saved security assessment is no longer considered a baseline. Sets the if-match parameter to the value of the etag from a previous GET or POST response for that resource.Usageoci data-safe security-assessment unset-security-assessment-baseline [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment unset-security-assessment-baseline --security-assessment-id $security_assessment_id update
DescriptionUpdates one or more attributes of the specified security assessment. This operation allows to update the security assessment displayName, description, or schedule.Usageoci data-safe security-assessment update [OPTIONS] Required Parameters
The OCID of the security assessment. Optional Parameters
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags <https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm> Example: {"Operations": {"CostCenter": "42"}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
The description of the security assessment.
The display name of the security assessment.
Perform update without prompting for confirmation.
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags <https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm> Example: {"Department": "Finance"} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax. The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.
Provide input to this command as a JSON document from a file using the file://path-to/file syntax. The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array. Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used. For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.
The maximum time to wait for the work request to reach the state defined by --wait-for-state. Defaults to 1200 seconds.
This is applicable only for save schedule and latest assessment. It updates the existing schedule in a specified format: <version-string>;<version-specific-schedule> Allowed version strings - “v1” v1’s version specific schedule -<ss> <mm> <hh> <day-of-week> <day-of-month> Each of the above fields potentially introduce constraints. A workrequest is created only when clock time satisfies all the constraints. Constraints introduced: 1. seconds = <ss> (So, the allowed range for <ss> is [0, 59]) 2. minutes = <mm> (So, the allowed range for <mm> is [0, 59]) 3. hours = <hh> (So, the allowed range for <hh> is [0, 23]) <day-of-week> can be either ‘*’ (without quotes or a number between 1(Monday) and 7(Sunday)) 4. No constraint introduced when it is ‘*’. When not, day of week must equal the given value <day-of-month> can be either ‘*’ (without quotes or a number between 1 and 28) 5. No constraint introduced when it is ‘*’. When not, day of month must equal the given value
This operation asynchronously creates, modifies or deletes a resource and uses a work request to track the progress of the operation. Specify this option to perform the action and then wait until the work request reaches a certain state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned. Accepted values are: ACCEPTED, CANCELED, CANCELING, FAILED, IN_PROGRESS, SUCCEEDED, SUSPENDED, SUSPENDING
Check every --wait-interval-seconds to see whether the work request to see if it has reached the state defined by --wait-for-state. Defaults to 30 seconds. Global ParametersUse oci --help for help on global parameters.--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v ExamplesCopy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples. export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-compartment-id export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/data-safe/security-assessment/create.html#cmdoption-target-id security_assessment_id=$(oci data-safe security-assessment create --compartment-id $compartment_id --target-id $target_id --query data.id --raw-output) oci data-safe security-assessment update --security-assessment-id $security_assessment_id AUTHOROracleCOPYRIGHT2016, 2022, Oracle
Visit the GSP FreeBSD Man Page Interface. |