> For the complete documentation index, see [llms.txt](https://docs.ox.security/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.ox.security/api-documentation/api-reference/api--cloud-security/queries/get-single-cloud-bom-item.md).
# getSingleCloudBomItem
Retrieves detailed information about a specific cloud BOM item.
### Examples
{% tabs %}
{% tab title="GraphQL" %}
```graphql
query GetSingleCloudBomItem($getSingleCloudBomItemInput: GetSingleCloudBomItem!) {
getSingleCloudBomItem(getSingleCloudBomItemInput: $getSingleCloudBomItemInput) {
id
assetName
service
resourceId
cbomId
cbomProvider
resourceType
resourceName
accountId
firstSeen
cloudProvider
serviceCategory
applications {
id
name
type
}
isExposed
isPermissiveIdentity
isHighPrivilege
isSensitiveData
contextFactors
imageSource
registryType
registryName
imageScanStatus
exposurePath {
type
name
cbomId
}
accountName
subService
region
resourceTags
resourceArn
images {
name
hashes {
hash
isFromRegistry
}
tags
}
relatedIssues {
info
low
medium
high
critical
appox
}
issueSeverityBreakdown {
name
severities {
info
low
medium
high
critical
appox
}
}
issuesStats {
totalIssues
sourceTools {
name
total
}
categories {
name
total
}
severities {
name
total
}
}
cluster
link
imageHash
workloads {
type
namespace
name
cluster
region
isExposed
consoleLink
exposurePath {
type
name
cbomId
}
}
artifactIds
attachedIdentities {
users
groups
servicePrincipals
serviceAccounts
iamPolicies
attachedResources
trustedBy
}
compliance {
checkId
status
frameworks
}
}
}
```
#### Variables
This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
```json
{
"getSingleCloudBomItemInput": {
"id": "example",
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99"
}
}
```
{% endtab %}
{% tab title="cURL" %}
```shell
curl -X POST \
https://api.cloud.ox.security/api/apollo-gateway \
-H 'Content-Type: application/json' \
-H 'Authorization: YOUR_API_TOKEN' \
-d '{
"query": "query GetSingleCloudBomItem($getSingleCloudBomItemInput: GetSingleCloudBomItem!) { getSingleCloudBomItem(getSingleCloudBomItemInput: $getSingleCloudBomItemInput) { id assetName service resourceId cbomId cbomProvider resourceType resourceName accountId firstSeen cloudProvider serviceCategory applications { id name type } isExposed isPermissiveIdentity isHighPrivilege isSensitiveData contextFactors imageSource registryType registryName imageScanStatus exposurePath { type name cbomId } accountName subService region resourceTags resourceArn images { name hashes { hash isFromRegistry } tags } relatedIssues { info low medium high critical appox } issueSeverityBreakdown { name severities { info low medium high critical appox } } issuesStats { totalIssues sourceTools { name total } categories { name total } severities { name total } } cluster link imageHash workloads { type namespace name cluster region isExposed consoleLink exposurePath { type name cbomId } } artifactIds attachedIdentities { users groups servicePrincipals serviceAccounts iamPolicies attachedResources trustedBy } compliance { checkId status frameworks } } }",
"variables": {
"getSingleCloudBomItemInput": {
"id": "example",
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99"
}
}
}'
```
{% endtab %}
{% tab title="Node.js" %}
```javascript
const query = 'query GetSingleCloudBomItem($getSingleCloudBomItemInput: GetSingleCloudBomItem!) { getSingleCloudBomItem(getSingleCloudBomItemInput: $getSingleCloudBomItemInput) { id assetName service resourceId cbomId cbomProvider resourceType resourceName accountId firstSeen cloudProvider serviceCategory applications { id name type } isExposed isPermissiveIdentity isHighPrivilege isSensitiveData contextFactors imageSource registryType registryName imageScanStatus exposurePath { type name cbomId } accountName subService region resourceTags resourceArn images { name hashes { hash isFromRegistry } tags } relatedIssues { info low medium high critical appox } issueSeverityBreakdown { name severities { info low medium high critical appox } } issuesStats { totalIssues sourceTools { name total } categories { name total } severities { name total } } cluster link imageHash workloads { type namespace name cluster region isExposed consoleLink exposurePath { type name cbomId } } artifactIds attachedIdentities { users groups servicePrincipals serviceAccounts iamPolicies attachedResources trustedBy } compliance { checkId status frameworks } } }';
fetch("https://api.cloud.ox.security/api/apollo-gateway", {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
body: JSON.stringify({
query: query,
// This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
variables: {
getSingleCloudBomItemInput: {
id: "example",
scanId: "c9da693d-8906-4a32-93c9-2ffdb1cebb99"
}
}
})
})
.then(response => response.json())
.then(result => console.log(JSON.stringify(result, null, 2)))
.catch(error => console.error('Error:', error));
```
{% endtab %}
{% tab title="Python" %}
```python
import requests
query = 'query GetSingleCloudBomItem($getSingleCloudBomItemInput: GetSingleCloudBomItem!) { getSingleCloudBomItem(getSingleCloudBomItemInput: $getSingleCloudBomItemInput) { id assetName service resourceId cbomId cbomProvider resourceType resourceName accountId firstSeen cloudProvider serviceCategory applications { id name type } isExposed isPermissiveIdentity isHighPrivilege isSensitiveData contextFactors imageSource registryType registryName imageScanStatus exposurePath { type name cbomId } accountName subService region resourceTags resourceArn images { name hashes { hash isFromRegistry } tags } relatedIssues { info low medium high critical appox } issueSeverityBreakdown { name severities { info low medium high critical appox } } issuesStats { totalIssues sourceTools { name total } categories { name total } severities { name total } } cluster link imageHash workloads { type namespace name cluster region isExposed consoleLink exposurePath { type name cbomId } } artifactIds attachedIdentities { users groups servicePrincipals serviceAccounts iamPolicies attachedResources trustedBy } compliance { checkId status frameworks } } }'
response = requests.post(
"https://api.cloud.ox.security/api/apollo-gateway",
headers={
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
json={
"query": query,
# This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
"variables": {
"getSingleCloudBomItemInput": {
"id": "example",
"scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99"
}
}
}
)
if response.status_code == 200:
result = response.json()
print(result)
else:
print(f"Error: {response.status_code}")
print(response.text)
```
{% endtab %}
{% endtabs %}
### Arguments
You can use the following argument(s) to customize your `getSingleCloudBomItem` query.
| Argument | Description | Supported fields |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ------------------------------------------------------------ |
| getSingleCloudBomItemInput [`GetSingleCloudBomItem!`](/api-documentation/api-reference/api--cloud-security/types/inputs/get-single-cloud-bom-item.md) required | Parameters identifying which specific cloud BOM item to retrieve | id String!
scanId String
|
### Fields
Return type: [`CloudItem`](/api-documentation/api-reference/api--cloud-security/types/objects/cloud-item.md)
You can use the following field(s) to specify what information your `getSingleCloudBomItem` query will return. Please note that some fields may have their own subfields.
| Field | Description | Supported fields |
| -------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| id `String` | Unique identifier for the cloud item | |
| assetName `String` | Name of the cloud asset or resource | |
| service `String` | Cloud service type (EC2, S3, Lambda, etc.) | |
| resourceId `String` | Cloud provider's resource identifier | |
| cbomId `String` | Cloud Bill of Materials identifier | |
| cbomProvider `String` | Cloud provider name | |
| resourceType `String` | Type of cloud resource | |
| resourceName `String` | Name of the cloud resource | |
| accountId `String` | Cloud account identifier | |
| firstSeen `String` | Date when the resource was first discovered | |
| cloudProvider `String` | Cloud provider (AWS, Azure, GCP, etc.) | |
| serviceCategory `String` | Category of the cloud service | |
| applications [`[AppInfo]`](/api-documentation/api-reference/api--cloud-security/types/objects/app-info.md) | Applications associated with this cloud resource | id String
name String
type String
|
| isExposed `String` | Whether the resource is exposed to the internet | |
| isPermissiveIdentity `Boolean` | Whether the resource has a permissive (high-privilege) identity attached. | |
| isHighPrivilege `Boolean` | Whether the resource itself has high-privilege access. | |
| isSensitiveData `Boolean` | Whether the resource holds sensitive data (confirmed secrets or PII). | |
| contextFactors `[String]` | Severity-factor context labels for the asset. Set for runtime image assets. | |
| imageSource `String` | Source of the container image if applicable | |
| registryType `String` | Type of container registry | |
| registryName `String` | Name of the container registry | |
| imageScanStatus `String` | Status of the image security scan | |
| exposurePath [`[ExposurePathItem]`](/api-documentation/api-reference/api--cloud-security/types/objects/exposure-path-item.md) | Path showing how the resource is exposed | type String
name String
cbomId String
|
| accountName `String` | Human-readable name of the cloud account | |
| subService `String` | Sub-service or component within the main service | |
| region `String` | Cloud region where the resource is located | |
| resourceTags `JSON` | Tags associated with the cloud resource | |
| resourceArn `String` | Amazon Resource Name (ARN) for AWS resources | |
| images [`[CloudItemImage]`](/api-documentation/api-reference/api--cloud-security/types/objects/cloud-item-image.md) | Container images associated with this resource | name String
hashes \[CloudItemImageHash]
tags \[String]
|
| relatedIssues [`Severities`](/api-documentation/api-reference/api--application/types/objects/severities.md) | Security issues found in this resource, categorized by severity | info Int
low Int
medium Int
high Int
critical Int
appox Int
|
| issueSeverityBreakdown [`[CloudIssueSeverityBreakdown]`](/api-documentation/api-reference/api--cloud-security/types/objects/cloud-issue-severity-breakdown.md) | Breakdown of issues by policy category with severity details | name String
severities Severities
|
| issuesStats [`IssuesStats`](/api-documentation/api-reference/api--cloud-security/types/objects/issues-stats.md) | Statistics about security issues found | totalIssues Int
sourceTools \[IssueStat]
categories \[IssueStat]
severities \[IssueStat]
|
| cluster `String` | Kubernetes cluster name if applicable | |
| link `String` | URL link to view the resource in the cloud console | |
| imageHash `String` | Hash of the container image | |
| workloads [`[Workload]`](/api-documentation/api-reference/api--cloud-security/types/objects/workload.md) | Kubernetes workloads associated with this resource | type String
namespace String
name String
cluster String
region String
isExposed String
consoleLink String
exposurePath \[ExposurePathItem]
|
| artifactIds `[String]` | List of artifact identifiers associated with this resource | |
| attachedIdentities [`CbomAttachedIdentities`](/api-documentation/api-reference/api--cloud-security/types/objects/cbom-attached-identities.md) | CBOM asset related identities | users \[String]
groups \[String]
servicePrincipals \[String]
serviceAccounts \[String]
iamPolicies \[String]
attachedResources \[String]
trustedBy \[String]
|
| compliance [`[CloudItemCompliance]`](/api-documentation/api-reference/api--cloud-security/types/objects/cloud-item-compliance.md) | Per-asset compliance results: each entry is a single compliance check evaluated for this asset, with its status and the framework controls it maps to. | checkId String
status String
frameworks JSON
|
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ox.security/api-documentation/api-reference/api--cloud-security/queries/get-single-cloud-bom-item.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.