For {project}, either project-number or project-id can be provided. For {instance}, either Compute Engine instance-id or instance-name can be provided.
Request body
The request body must be empty.
Response body
If successful, the response body contains an instance of VulnerabilityReport.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-28 UTC."],[[["\u003cp\u003eThis endpoint retrieves a vulnerability report for a specific VM instance, but only if the VM has associated inventory data.\u003c/p\u003e\n"],["\u003cp\u003eThe request uses a \u003ccode\u003eGET\u003c/code\u003e method with a URL that specifies the project, location, and instance to target, and it's formatted using gRPC Transcoding syntax.\u003c/p\u003e\n"],["\u003cp\u003eThe request body is required to be empty for this specific endpoint.\u003c/p\u003e\n"],["\u003cp\u003eSuccessful responses return a \u003ccode\u003eVulnerabilityReport\u003c/code\u003e instance, providing details about the discovered vulnerabilities on the target VM.\u003c/p\u003e\n"],["\u003cp\u003eAccessing this endpoint requires both the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope and the \u003ccode\u003eosconfig.vulnerabilityReports.get\u003c/code\u003e IAM permission on the target resource.\u003c/p\u003e\n"]]],[],null,[]]