SecurityBulletinEvent

Stay organized with collections Save and categorize content based on your preferences.

SecurityBulletinEvent is a notification sent to customers when a security bulletin has been posted that they are vulnerable to.

JSON representation
{
  "resourceTypeAffected": string,
  "bulletinId": string,
  "cveIds": [
    string
  ],
  "severity": string,
  "bulletinUri": string,
  "briefDescription": string,
  "affectedSupportedMinors": [
    string
  ],
  "patchedVersions": [
    string
  ],
  "suggestedUpgradeTarget": string,
  "manualStepsRequired": boolean
}
Fields
resourceTypeAffected

string

The resource type (node/control plane) that has the vulnerability. Multiple notifications (1 notification per resource type) will be sent for a vulnerability that affects > 1 resource type.

bulletinId

string

The ID of the bulletin corresponding to the vulnerability.

cveIds[]

string

The CVEs associated with this bulletin.

severity

string

The severity of this bulletin as it relates to GKE.

bulletinUri

string

The URI link to the bulletin on the website for more information.

briefDescription

string

A brief description of the bulletin. See the bulletin pointed to by the bulletinUri field for an expanded description.

affectedSupportedMinors[]

string

The GKE minor versions affected by this vulnerability.

patchedVersions[]

string

The GKE versions where this vulnerability is patched.

suggestedUpgradeTarget

string

This represents a version selected from the patchedVersions field that the cluster receiving this notification should most likely want to upgrade to based on its current version. Note that if this notification is being received by a given cluster, it means that this version is currently available as an upgrade target in that cluster's location.

manualStepsRequired

boolean

If this field is specified, it means there are manual steps that the user must take to make their clusters safe.