Qualys TotalCloud
Visualize Qualys TotalCloud cloud assets and CSPM control evaluations across AWS, Azure, GCP, and OCI, and monitor findings and changes through queries and alerts.
- Installation
- Authorization
- Data Model
- Types
- Release Notes
Installation
This integration reads data from the Qualys TotalCloud (CloudView) module over its REST API — cloud connectors, cloud assets, controls, and control evaluations (findings) across AWS, Azure, GCP, and OCI. Because it is read-only, a Qualys user with the Reader role is sufficient, provided that user's role has the TotalCloud API Access permission enabled.
You will need the following:
-
A Qualys username and password for a user whose role:
- Has access to the TotalCloud module (the predefined TOTALCLOUD User role, a custom role, or Manager).
- Has the TotalCloud API Access permission enabled under TotalCloud. Without it, the API responds that the user is not authorized to access the module. See User Roles and Permissions and Assign Role to Users.
-
Your Qualys API URL for the platform that hosts your account — for example,
https://qualysapi.qg3.apps.qualys.com. Use the URL that matches your login platform. See Qualys Platform Identification to find yours.
The integration authenticates with HTTP Basic authentication against the CloudView/TotalCloud REST API. Use a username and password associated with a non-test (subscription) account user.
Data Volume Configuration
Control how much data is ingested from Qualys TotalCloud to manage storage and processing.
| Field | Description | Default | Options |
|---|---|---|---|
| Findings History Days | How many days of TotalCloud control evaluations (findings) to fetch per cloud resource. | 90 | 7, 30, 90, 180, 365 |
How it affects data volume: Larger windows pull more evaluation history per resource and meaningfully increase the number of API calls for large multi-cloud tenants.
All ingestion sources are disabled by default. Enable only the providers (AWS, Azure, GCP, OCI) and data types you need from the integration instance's ingestion source settings to keep ingestion scoped to what you use.
Configuration in JupiterOne
To install the Qualys TotalCloud integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Qualys TotalCloud. Click New Instance to begin configuring your integration.
Creating an instance requires the following:
-
The Account Name used to identify the Qualys TotalCloud account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled. -
Description to assist in identifying the integration instance, if desired.
-
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration. -
Your Qualys Username, Password, and API URL.
-
Optionally, the Findings History Days window under the Findings configuration section.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Permissions
IAM permissions that must be granted to the integration principal for data ingestion.
Show Permissions (1)
TotalCloud API Access
Endpoints
API endpoints that the integration makes requests to.
Show Endpoints (17)
/cloudview-api/rest/v1/aws/connectors/cloudview-api/rest/v1/aws/evaluations/{accountId}/cloudview-api/rest/v1/aws/evaluations/{accountId}/resources/{controlId}/cloudview-api/rest/v1/azure/connectors/cloudview-api/rest/v1/azure/evaluations/{accountId}/cloudview-api/rest/v1/azure/evaluations/{accountId}/resources/{controlId}/cloudview-api/rest/v1/controls/metadata/list/cloudview-api/rest/v1/gcp/connectors/cloudview-api/rest/v1/gcp/evaluations/{accountId}/cloudview-api/rest/v1/gcp/evaluations/{accountId}/resources/{controlId}/cloudview-api/rest/v1/oci/connectors/cloudview-api/rest/v1/oci/evaluations/cloudview-api/rest/v1/oci/evaluations/resources/{controlId}/cloudview-api/rest/v1/resource/{resourceType}/AWS/cloudview-api/rest/v1/resource/{resourceType}/Azure/cloudview-api/rest/v1/resource/{resourceType}/GCP/cloudview-api/rest/v1/resource/{resourceType}/OCI
Licenses
Product licenses or SKUs required in the target environment.
Show Licenses (1)
Qualys TotalCloud (CloudView)
Documentation Links
Links to provider documentation relevant to setup and configuration.
Show Documentation Links (2)
Per-Step Breakdown
Detailed authorization requirements for each ingestion step.
Show all steps (12)
| Step | Permissions | Endpoints | Licenses |
|---|---|---|---|
| Fetch AWS Cloud Assets | TotalCloud API Access | /cloudview-api/rest/v1/resource/{resourceType}/AWS | Qualys TotalCloud (CloudView) |
| Fetch AWS Findings | TotalCloud API Access | /cloudview-api/rest/v1/aws/evaluations/{accountId}, /cloudview-api/rest/v1/aws/evaluations/{accountId}/resources/{controlId} | Qualys TotalCloud (CloudView) |
| Fetch Azure Cloud Assets | TotalCloud API Access | /cloudview-api/rest/v1/resource/{resourceType}/Azure | Qualys TotalCloud (CloudView) |
| Fetch Azure Connectors | TotalCloud API Access | /cloudview-api/rest/v1/azure/connectors | Qualys TotalCloud (CloudView) |
| Fetch Azure Findings | TotalCloud API Access | /cloudview-api/rest/v1/azure/evaluations/{accountId}, /cloudview-api/rest/v1/azure/evaluations/{accountId}/resources/{controlId} | Qualys TotalCloud (CloudView) |
| Fetch CSPM Controls | TotalCloud API Access | /cloudview-api/rest/v1/controls/metadata/list | Qualys TotalCloud (CloudView) |
| Fetch GCP Cloud Assets | TotalCloud API Access | /cloudview-api/rest/v1/resource/{resourceType}/GCP | Qualys TotalCloud (CloudView) |
| Fetch GCP Connectors | TotalCloud API Access | /cloudview-api/rest/v1/gcp/connectors | Qualys TotalCloud (CloudView) |
| Fetch GCP Findings | TotalCloud API Access | /cloudview-api/rest/v1/gcp/evaluations/{accountId}, /cloudview-api/rest/v1/gcp/evaluations/{accountId}/resources/{controlId} | Qualys TotalCloud (CloudView) |
| Fetch OCI Cloud Assets | TotalCloud API Access | /cloudview-api/rest/v1/resource/{resourceType}/OCI | Qualys TotalCloud (CloudView) |
| Fetch OCI Connectors | TotalCloud API Access | /cloudview-api/rest/v1/oci/connectors | Qualys TotalCloud (CloudView) |
| Fetch OCI Findings | TotalCloud API Access | /cloudview-api/rest/v1/oci/evaluations, /cloudview-api/rest/v1/oci/evaluations/resources/{controlId} | Qualys TotalCloud (CloudView) |
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | qualys_totalcloud_account | Account |
| AWS Auto Scaling Group | qualys_totalcloud_aws_auto_scaling_group | Group |
| AWS EBS Volume | qualys_totalcloud_aws_ebs | DataStore, Disk |
| AWS EC2 Instance | qualys_totalcloud_aws_ec2_instance | Host |
| AWS EKS Cluster | qualys_totalcloud_aws_eks_cluster | Cluster |
| AWS EKS Fargate Profile | qualys_totalcloud_aws_eks_fargate_profile | Configuration |
| AWS EKS Node Group | qualys_totalcloud_aws_eks_nodegroup | Group |
| AWS IAM User | qualys_totalcloud_aws_iam_user | User |
| AWS Internet Gateway | qualys_totalcloud_aws_internet_gateway | Gateway |
| AWS Lambda Function | qualys_totalcloud_aws_lambda | Function |
| AWS Load Balancer | qualys_totalcloud_aws_load_balancer | Gateway |
| AWS Network ACL | qualys_totalcloud_aws_network_acl | Firewall |
| AWS RDS Instance | qualys_totalcloud_aws_rds | Database, DataStore |
| AWS Route Table | qualys_totalcloud_aws_route_table | Configuration |
| AWS S3 Bucket | qualys_totalcloud_aws_bucket | DataStore |
| AWS Security Group | qualys_totalcloud_aws_vpc_security_group | Firewall |
| AWS Subnet | qualys_totalcloud_aws_subnet | Network |
| AWS VPC | qualys_totalcloud_aws_vpc | Network |
| Azure Function App | qualys_totalcloud_azure_function_app | Function |
| Azure Network Security Group | qualys_totalcloud_azure_network_security_group | Firewall |
| Azure Resource Group | qualys_totalcloud_azure_resource_group | Group |
| Azure SQL Database | qualys_totalcloud_azure_sql_server_database | Database, DataStore |
| Azure SQL Server | qualys_totalcloud_azure_sql_server | Database, Host |
| Azure Virtual Machine | qualys_totalcloud_azure_virtual_machine | Host |
| Azure Virtual Network | qualys_totalcloud_azure_virtual_network | Network |
| Azure Web App | qualys_totalcloud_azure_web_app | Application |
| Cloud Asset | qualys_totalcloud_cloud_asset | Resource |
| Connector | qualys_totalcloud_connector | Account |
| Control | qualys_totalcloud_control | ControlPolicy |
| Finding | qualys_totalcloud_finding | Finding |
| GCP Cloud Function | qualys_totalcloud_gcp_cloud_function | Function |
| GCP Compute Firewall | qualys_totalcloud_gcp_firewall_rules | Firewall |
| GCP Compute Instance | qualys_totalcloud_gcp_vm_instance | Host |
| GCP Compute Network | qualys_totalcloud_gcp_network | Network |
| GCP Compute Subnetwork | qualys_totalcloud_gcp_subnetwork | Network |
| OCI Block Volume | qualys_totalcloud_oci_block_volume | DataStore, Disk |
| OCI Compute Instance | qualys_totalcloud_oci_compute_instance | Host |
| OCI Database System | qualys_totalcloud_oci_db_system | Database, Host |
| OCI Function | qualys_totalcloud_oci_function | Function |
| OCI Identity User | qualys_totalcloud_oci_identity_user | User |
| OCI Load Balancer | qualys_totalcloud_oci_load_balancer | Gateway |
| OCI Network Security Group | qualys_totalcloud_oci_network_security_group | Firewall |
| OCI Object Storage Bucket | qualys_totalcloud_oci_bucket | DataStore |
| OCI Security List | qualys_totalcloud_oci_security_list | Firewall |
| OCI Subnet | qualys_totalcloud_oci_subnet | Network |
| OCI Virtual Cloud Network | qualys_totalcloud_oci_vcn | Network |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
qualys_totalcloud_account | HAS | qualys_totalcloud_connector |
qualys_totalcloud_cloud_asset | HAS | qualys_totalcloud_finding |
qualys_totalcloud_connector | HAS | qualys_totalcloud_cloud_asset |
Mapped Relationships
The following mapped relationships are created:
Source Entity _type | Relationship _class | Target Entity _type | Direction |
|---|---|---|---|
qualys_totalcloud_cloud_asset | IS | aws_ebs_volume | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_s3_bucket | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_rds_instance | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_iam_user | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_lambda_function | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_vpc | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_subnet | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_internet_gateway | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_network_acl | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_route_table | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_security_group | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_lb | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_autoscaling_group | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_eks_cluster | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_eks_nodegroup | FORWARD |
qualys_totalcloud_cloud_asset | IS | aws_eks_fargate_profile | FORWARD |
qualys_totalcloud_cloud_asset | IS | azure_vnet | FORWARD |
qualys_totalcloud_cloud_asset | IS | azure_security_group | FORWARD |
qualys_totalcloud_cloud_asset | IS | azure_resource_group | FORWARD |
qualys_totalcloud_cloud_asset | IS | azure_sql_database | FORWARD |
qualys_totalcloud_cloud_asset | IS | azure_web_app | FORWARD |
qualys_totalcloud_cloud_asset | IS | azure_function_app | FORWARD |
qualys_totalcloud_cloud_asset | IS | google_compute_network | FORWARD |
qualys_totalcloud_cloud_asset | IS | google_compute_subnetwork | FORWARD |
qualys_totalcloud_cloud_asset | IS | google_compute_firewall | FORWARD |
qualys_totalcloud_cloud_asset | IS | google_cloud_function | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_objectstorage_bucket | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_virtual_cloud_network | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_subnet | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_security_list | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_network_security_group | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_block_volume | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_user | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_load_balancer | FORWARD |
qualys_totalcloud_cloud_asset | IS | oci_functions_function | FORWARD |
qualys_totalcloud_connector | IS | aws_account | FORWARD |
qualys_totalcloud_connector | IS | azure_subscription | FORWARD |
qualys_totalcloud_connector | IS | google_cloud_project | FORWARD |
qualys_totalcloud_connector | IS | oci_compartment | FORWARD |
Qualys Totalcloud Account
qualys_totalcloud_account inherits from Account
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Cloud Asset
qualys_totalcloud_cloud_asset inherits from Resource
| Property | Type | Description | Specifications |
|---|---|---|---|
accessKeyAge * | number | null | IAM_USER-only: age in days of the oldest access key. | |
accountAlias * | string | null | Human-friendly account alias when available. | |
arn * | string | null | AWS ARN of the resource when applicable. | |
assetState * | string | null | Runtime state of the asset (e.g. running, stopped, available). | |
assetStatus * | string | null | Runtime status code reported by the provider. | |
availabilityDomain * | string | null | OCI-only: availability domain. | |
bucketName * | string | null | S3 bucket name (BUCKET assets). | |
cloudAccountId * | string | AWS account ID / Azure subscription / GCP project / OCI tenancy that owns the asset. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
compartmentId * | string | null | OCI-only: compartment OCID. | |
controlsFailed * | number | null | Number of CSPM controls currently failing for this asset per Qualys last evaluation. | |
dbInstanceIdentifier * | string | null | RDS-only: DB instance identifier. | |
engine * | string | null | Database engine name. | |
engineVersion * | string | null | Database engine version. | |
externalIpAddress * | string | null | GCP VM_INSTANCE-only: external IP. | |
groupId * | string | null | VPC_SECURITY_GROUP-only: native group ID. | |
hasAccessKey * | boolean | null | IAM_USER-only: at least one access key exists. | |
hasConsolePassword * | boolean | null | IAM_USER-only: console password set. | |
hasInboundFromAnywhere * | boolean | null | VPC_SECURITY_GROUP-only: true when an ingress rule allows 0.0.0.0/0 or ::/0. | |
iamInstanceProfileArn * | string | null | EC2_INSTANCE-only: attached IAM instance profile ARN. | |
imageId * | string | null | EC2_INSTANCE-only: AMI ID. | |
imageOffer * | string | null | Azure VM image offer. | |
imagePublisher * | string | null | Azure VM image publisher. | |
imageSku * | string | null | Azure VM image SKU. | |
instanceId * | string | null | EC2_INSTANCE-only: native instance ID. | |
instanceType * | string | null | Compute instance type/size. | |
isAuditingEnabled * | boolean | null | Azure SQL-only: auditing enabled. | |
isBackupRetentionEnabled * | boolean | null | RDS-only: backup retention enabled. | |
isDeletionProtectionEnabled * | boolean | null | RDS-only: deletion-protection enabled. | |
isMfaEnabled * | boolean | null | IAM_USER-only: MFA enabled. | |
isMonitoringEnabled * | boolean | null | Detailed monitoring/diagnostics enabled. | |
isMultiAz * | boolean | null | RDS-only: multi-AZ replication flag. | |
isPublic * | boolean | null | Whether the asset is publicly accessible. | |
isPubliclyAccessible * | boolean | null | Whether the asset accepts public network traffic. | |
isRemediationEnabled * | boolean | null | True when Qualys may auto-remediate this asset. | |
isStorageEncrypted * | boolean | null | Whether at-rest encryption is enabled. | |
isTdeEnabled * | boolean | null | Azure SQL-only: Transparent Data Encryption enabled. | |
isThreatDetectionEnabled * | boolean | null | Azure SQL-only: threat detection enabled. | |
lastLoginOn * | number | null | IAM_USER-only: epoch ms of last console login. | |
machineType * | string | null | GCP VM_INSTANCE-only: machine type URL. | |
networkNames * | array | null | GCP VM_INSTANCE-only: attached VPC network names. | |
networkSecurityGroupId * | string | null | Azure NSG resource ID attached to the asset. | |
osType * | string | null | Azure VIRTUAL_MACHINE-only: OS type. | |
primaryPublicIPAddress * | string | null | Azure VIRTUAL_MACHINE-only: primary public IP. | |
privateIpAddress * | string | null | GCP VM_INSTANCE-only: primary internal IP. | |
privateIpAddresses * | array | null | Private IP addresses. | |
provisioningState * | string | null | Azure provisioning state. | |
publicIpAddresses * | array | null | Public IP addresses. | |
qualysConnectorId * | string | connectorId of the ingesting Qualys connector. Used as a stable cross-reference. | |
qualysUuid * | string | Qualys-side UUID for the asset (globally unique within the tenant). | |
region * | string | null | Cloud region the asset lives in. | |
resourceId * | string | Cloud-native resource identifier (instance ID, bucket name, full ARN, Azure resource ID, GCP resource ID, OCID). | |
resourceType * | string | Qualys resource-type code, e.g. EC2_INSTANCE, BUCKET, IAM_USER. | |
securityGroupIds * | array | null | Attached security group IDs. | |
subnetId * | string | null | AWS subnet ID. | |
tagPairs * | array | null | Cloud-native tags on the asset, formatted as name=value strings (or just name when the tag has no value). | |
vendor * | string | Always "Qualys". | |
vmSize * | string | null | Azure VIRTUAL_MACHINE-only: VM size SKU. | |
vpcId * | string | null | AWS VPC ID. | |
zone * | string | null | GCP-only: zone name. |
Qualys Totalcloud Connector
qualys_totalcloud_connector inherits from Account
| Property | Type | Description | Specifications |
|---|---|---|---|
awsAccountAlias * | string | null | AWS-only: human-readable account alias. | |
awsAccountId * | string | null | AWS-only: the 12-digit AWS account ID. | |
awsBaseAccountId * | string | null | AWS-only: base/payer account ID when present. | |
awsExternalId * | string | null | AWS-only: external ID for the assume-role. | |
awsRoleArn * | string | null | AWS-only: assumed-role ARN Qualys uses. | |
azureApplicationId * | string | null | Azure-only: app registration GUID. | |
azureSubscriptionId * | string | null | Azure-only: subscription GUID. | |
azureTenantId * | string | null | Azure-only: tenant GUID. | |
connectorId * | string | Qualys-side UUID for the connector. | |
connectorState * | string | null | Connector sync state, e.g. SUCCESS, PENDING, REGIONS_DISCOVERED, ERROR. | |
gcpProjectId * | string | null | GCP-only: project ID. | |
gcpServiceAccountEmail * | string | null | GCP-only: service account email Qualys impersonates. | |
groupNames * | array | null | Names of Qualys connector groups this connector belongs to. | |
isChinaRegion * | boolean | null | AWS-only: true for China-region connectors. | |
isDisabled * | boolean | null | True when the connector is paused/disabled. | |
isGovCloud * | boolean | null | AWS-only: true for GovCloud-scoped connectors. | |
isPortalConnector * | boolean | null | True when managed by the new central Qualys Connectors app. | |
isRemediationEnabled * | boolean | null | True when Qualys auto-remediation is enabled for this connector. | |
lastError * | string | null | Last error message reported by Qualys (null when healthy). | |
lastSyncedOn * | number | null | Epoch ms of last successful sync. | |
ociHomeRegion * | string | null | OCI-only: home region name. | |
ociTenancyOcid * | string | null | OCI-only: tenancy OCID. | |
ociUserOcid * | string | null | OCI-only: API user OCID. | |
pollingFrequencyHours * | number | null | Polling interval in decimal hours (hours + minutes/60). | |
provider * | string | Cloud provider: AWS, AZURE, GCP, or OCI. | |
totalAssets * | number | null | Asset count Qualys observed at the last sync. |
Qualys Totalcloud Control
qualys_totalcloud_control inherits from ControlPolicy
| Property | Type | Description | Specifications |
|---|---|---|---|
cid * | string | Qualys control identifier. | |
controlCriticality * | string | null | Qualys control criticality (LOW / MEDIUM / HIGH). Separate from the base-class criticality (numeric). | |
controlType * | string | null | System Defined or User Defined. | |
evaluationDescription * | string | null | Free-text description of what the control evaluates. | |
executionType * | string | null | Run Time or Build Time. | |
failMessage * | string | null | Message shown for FAIL. | |
isCustomizable * | boolean | null | True when the control may be customized by the tenant. | |
isQflowBased * | boolean | null | True for QFlow-based controls. | |
isRemediationEnabled * | boolean | null | True when Qualys can auto-remediate failures. | |
manualRemediation * | string | null | Manual remediation guidance. | |
numericSeverity * | number | null | Numeric mapping of criticality (LOW=2, MEDIUM=5, HIGH=7, CRITICAL=10). | |
passMessage * | string | null | Message shown for PASS. | |
policyNames * | array | null | Framework/policy names this control belongs to. | |
provider * | string | AWS, AZURE, GCP, or OCI. | |
rationale * | string | null | Rationale text for the control. | |
referenceText * | string | null | External reference URLs (raw string from Qualys references field). | |
resourceType * | string | null | Provider resource-type the control evaluates. | |
serviceType * | string | null | Provider service category, e.g. IAM, Azure SQL. | |
specification * | string | null | Detailed specification text. | |
vendor * | string | Always "Qualys". |
Qualys Totalcloud Finding
qualys_totalcloud_finding inherits from Finding
| Property | Type | Description | Specifications |
|---|---|---|---|
cloudAccountId * | string | Cloud account/subscription/project/tenancy ID. | |
cloudProvider * | string | AWS, AZURE, GCP, or OCI. | |
controlId * | string | Qualys control identifier (CID); numeric or alphanumeric. | |
controlName * | string | Denormalized control name (joined from control metadata). | |
evidences * | array | null | Qualys evidence entries supporting this finding, formatted as settingName=actualValue strings (or just one side when the other is missing). | |
firstEvaluatedOn * | number | null | Epoch ms; first time this control was evaluated against the resource. | |
fixedOn * | number | null | Epoch ms when the misconfiguration was last observed as fixed. | |
isPassWithException * | boolean | True when result === PASS_WITH_EXCEPTION. | |
lastEvaluatedOn * | number | null | Epoch ms; most recent evaluation. Null when Qualys reports neither evaluationDates.lastEvaluated nor evaluatedOn. | |
policyName * | string | null | Denormalized framework/policy name (e.g. CIS AWS Foundations). | |
qualysConnectorId * | string | Qualys connectorId that produced this finding. | |
region * | string | null | Cloud region. | |
reopenedOn * | number | null | Epoch ms when the finding most recently re-opened. | |
resourceId * | string | Cloud-native resource ID the finding applies to. | |
resourceType * | string | Qualys resource-type code. | |
result * | string | PASS, FAIL, or PASS_WITH_EXCEPTION. | |
service * | string | null | Qualys service code, e.g. IAM, S3, VPC. | |
vendor * | string | Always "Qualys". |