When I tried to delete and old compartment where VCN, Compute Instances and Co. were already deleted, the action failed because there were old Vulnerability Scanning reports available for hosts and ports. And they need to be deleted first before a compartment can be deleted.
The error message with the resource ids:
Method A) – click by click
Here are the scan reports for tab Hosts. You can delete them one by one when clicking on the dropdown menu of the line. But, this is not really an option with over 300 list entries…
Method B) – OCI CLI Bulk Delete
Based on installed OCI CLI, this is a small script which iterates over all entries of a specific compartment and prints the output of the delete command. Take care about the required IAM permissions (see sections Links below). The –force parameter avoids the confirmation question for each delete action.
#!/bin/bash set -e vssList=$(oci vulnerability-scanning host scan result agent list --compartment-id ocid1.compartment.oc1..aaaaaaaaaql7z6v12345678903r4n43npa7pix7s4aj4vxa --profile ADMIN --all) for i in $(echo "$vssList" | jq '.data | .items | .[].id') do echo "oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id $i --profile ADMIN --force"
The output is like this, just copy and paste it.
oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaahv2twspqpjf55hrkg3aua4av7t4obao4jdds7egbgct5vwfa3yoa" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaaw66ek6e5pkzogeray72zbjne5xo77h5tk6ed3e2g4drr3c65bszq" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaadbc4hoxvj4wcqkdkfsxzbo67tz5s7ldhjkm37g74rgo6cuafd4dq" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaakcg3nkosa6sd2plrk34y4gfhoo6ty5ls4gg3fhjfixmwrlzyo2yq" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaa6v7uyjro32oyd23j3k2gtqcrsbq6ux2j3s5xeauic4fl2rlh6j3a" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaa2pscpiwabrb77xxlu4plfu4dtcqhkcw5twh4osia64jurj6a3dxa" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaak5v3ngcowqbvofurcqzzqdnjq77ciuhswvd7u2md27vr36htebyq" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaacskxl5ypmtzzajhdprhldxdl4usiimvuxwqouoxwotggwks36ibq" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaaycieyjd3twmhewlim2qhbbx4ghoraminzyucptkihs24gxfpikqa" --profile ADMIN --force oci vulnerability-scanning host scan result agent delete --host-agent-scan-result-id "ocid1.vsshostscanresult.oc1..aaaaaaaamzqhslkhwtebaxfrg656iscz34cg7w2zlikz3jycv5sldpfwk7ha" --profile ADMIN --force
If you have scan reports for hosts, then use this command:
# Command oci vulnerability-scanning host scan result port list # Parameter --host-port-scan-result-id