Inspector2 / Client / create_findings_report
create_findings_report#
- Inspector2.Client.create_findings_report(**kwargs)#
Creates a finding report. By default only
ACTIVE
findings are returned in the report. To seeSUPRESSED
orCLOSED
findings you must specify a value for thefindingStatus
filter criteria.See also: AWS API Documentation
Request Syntax
response = client.create_findings_report( filterCriteria={ 'awsAccountId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'componentId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'componentType': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ec2InstanceImageId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ec2InstanceSubnetId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ec2InstanceVpcId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ecrImageArchitecture': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ecrImageHash': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ecrImagePushedAt': [ { 'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1) }, ], 'ecrImageRegistry': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ecrImageRepositoryName': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'ecrImageTags': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'exploitAvailable': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'findingArn': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'findingStatus': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'findingType': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'firstObservedAt': [ { 'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1) }, ], 'fixAvailable': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'inspectorScore': [ { 'lowerInclusive': 123.0, 'upperInclusive': 123.0 }, ], 'lambdaFunctionExecutionRoleArn': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'lambdaFunctionLastModifiedAt': [ { 'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1) }, ], 'lambdaFunctionLayers': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'lambdaFunctionName': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'lambdaFunctionRuntime': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'lastObservedAt': [ { 'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1) }, ], 'networkProtocol': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'portRange': [ { 'beginInclusive': 123, 'endInclusive': 123 }, ], 'relatedVulnerabilities': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'resourceId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'resourceTags': [ { 'comparison': 'EQUALS', 'key': 'string', 'value': 'string' }, ], 'resourceType': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'severity': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'title': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'updatedAt': [ { 'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1) }, ], 'vendorSeverity': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'vulnerabilityId': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'vulnerabilitySource': [ { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, ], 'vulnerablePackages': [ { 'architecture': { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, 'epoch': { 'lowerInclusive': 123.0, 'upperInclusive': 123.0 }, 'name': { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, 'release': { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, 'sourceLambdaLayerArn': { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, 'sourceLayerHash': { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' }, 'version': { 'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string' } }, ] }, reportFormat='CSV'|'JSON', s3Destination={ 'bucketName': 'string', 'keyPrefix': 'string', 'kmsKeyArn': 'string' } )
- Parameters:
filterCriteria (dict) –
The filter criteria to apply to the results of the finding report.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
exploitAvailable (list) –
Filters the list of AWS Lambda findings by the availability of exploits.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
fixAvailable (list) –
Details on whether a fix is available through a version update. This value can be
YES
,NO
, orPARTIAL
. APARTIAL
fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lambdaFunctionExecutionRoleArn (list) –
Filters the list of AWS Lambda functions by execution role.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lambdaFunctionLastModifiedAt (list) –
Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
lambdaFunctionLayers (list) –
Filters the list of AWS Lambda functions by the function’s layers. A Lambda function can have up to five layers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lambdaFunctionName (list) –
Filters the list of AWS Lambda functions by the name of the function.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lambdaFunctionRuntime (list) –
Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
sourceLambdaLayerArn (dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
reportFormat (string) –
[REQUIRED]
The format to generate the report in.
s3Destination (dict) –
[REQUIRED]
The Amazon S3 export destination for the report.
bucketName (string) – [REQUIRED]
The name of the Amazon S3 bucket to export findings to.
keyPrefix (string) –
The prefix of the Amazon S3 bucket used to export findings.
kmsKeyArn (string) – [REQUIRED]
The ARN of the KMS key used to encrypt data when exporting findings.
- Return type:
dict
- Returns:
Response Syntax
{ 'reportId': 'string' }
Response Structure
(dict) –
reportId (string) –
The ID of the report.
Exceptions
Inspector2.Client.exceptions.ValidationException
Inspector2.Client.exceptions.AccessDeniedException
Inspector2.Client.exceptions.ResourceNotFoundException
Inspector2.Client.exceptions.ThrottlingException
Inspector2.Client.exceptions.InternalServerException