SecurityBulletinEvent is a notification sent to customers when a security bulletin has been posted that they are vulnerable to.
| JSON representation |
|---|
{ "resourceTypeAffected": string, "bulletinId": string, "cveIds": [ string ], "severity": string, "bulletinUri": string, "briefDescription": string, "affectedSupportedMinors": [ string ], "patchedVersions": [ string ], "suggestedUpgradeTarget": string, "manualStepsRequired": boolean } |
| Fields | |
|---|---|
resourceTypeAffected |
The resource type (node/control plane) that has the vulnerability. Multiple notifications (1 notification per resource type) will be sent for a vulnerability that affects > 1 resource type. |
bulletinId |
The ID of the bulletin corresponding to the vulnerability. |
cveIds[] |
The CVEs associated with this bulletin. |
severity |
The severity of this bulletin as it relates to GKE. |
bulletinUri |
The URI link to the bulletin on the website for more information. |
briefDescription |
A brief description of the bulletin. See the bulletin pointed to by the bulletinUri field for an expanded description. |
affectedSupportedMinors[] |
The GKE minor versions affected by this vulnerability. |
patchedVersions[] |
The GKE versions where this vulnerability is patched. |
suggestedUpgradeTarget |
This represents a version selected from the patchedVersions field that the cluster receiving this notification should most likely want to upgrade to based on its current version. Note that if this notification is being received by a given cluster, it means that this version is currently available as an upgrade target in that cluster's location. |
manualStepsRequired |
If this field is specified, it means there are manual steps that the user must take to make their clusters safe. |