EC2.Client.
get_network_insights_access_scope_analysis_findings
(**kwargs)¶Gets the findings for the specified Network Access Scope analysis.
See also: AWS API Documentation
Request Syntax
response = client.get_network_insights_access_scope_analysis_findings(
NetworkInsightsAccessScopeAnalysisId='string',
MaxResults=123,
NextToken='string',
DryRun=True|False
)
[REQUIRED]
The ID of the Network Access Scope analysis.
nextToken
value.DryRunOperation
. Otherwise, it is UnauthorizedOperation
.dict
Response Syntax
{
'NetworkInsightsAccessScopeAnalysisId': 'string',
'AnalysisStatus': 'running'|'succeeded'|'failed',
'AnalysisFindings': [
{
'NetworkInsightsAccessScopeAnalysisId': 'string',
'NetworkInsightsAccessScopeId': 'string',
'FindingId': 'string',
'FindingComponents': [
{
'SequenceNumber': 123,
'AclRule': {
'Cidr': 'string',
'Egress': True|False,
'PortRange': {
'From': 123,
'To': 123
},
'Protocol': 'string',
'RuleAction': 'string',
'RuleNumber': 123
},
'AttachedTo': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Component': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'DestinationVpc': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'OutboundHeader': {
'DestinationAddresses': [
'string',
],
'DestinationPortRanges': [
{
'From': 123,
'To': 123
},
],
'Protocol': 'string',
'SourceAddresses': [
'string',
],
'SourcePortRanges': [
{
'From': 123,
'To': 123
},
]
},
'InboundHeader': {
'DestinationAddresses': [
'string',
],
'DestinationPortRanges': [
{
'From': 123,
'To': 123
},
],
'Protocol': 'string',
'SourceAddresses': [
'string',
],
'SourcePortRanges': [
{
'From': 123,
'To': 123
},
]
},
'RouteTableRoute': {
'DestinationCidr': 'string',
'DestinationPrefixListId': 'string',
'EgressOnlyInternetGatewayId': 'string',
'GatewayId': 'string',
'InstanceId': 'string',
'NatGatewayId': 'string',
'NetworkInterfaceId': 'string',
'Origin': 'string',
'TransitGatewayId': 'string',
'VpcPeeringConnectionId': 'string',
'State': 'string'
},
'SecurityGroupRule': {
'Cidr': 'string',
'Direction': 'string',
'SecurityGroupId': 'string',
'PortRange': {
'From': 123,
'To': 123
},
'PrefixListId': 'string',
'Protocol': 'string'
},
'SourceVpc': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Subnet': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Vpc': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'AdditionalDetails': [
{
'AdditionalDetailType': 'string',
'Component': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
}
},
],
'TransitGateway': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'TransitGatewayRouteTableRoute': {
'DestinationCidr': 'string',
'State': 'string',
'RouteOrigin': 'string',
'PrefixListId': 'string',
'AttachmentId': 'string',
'ResourceId': 'string',
'ResourceType': 'string'
},
'Explanations': [
{
'Acl': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'AclRule': {
'Cidr': 'string',
'Egress': True|False,
'PortRange': {
'From': 123,
'To': 123
},
'Protocol': 'string',
'RuleAction': 'string',
'RuleNumber': 123
},
'Address': 'string',
'Addresses': [
'string',
],
'AttachedTo': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'AvailabilityZones': [
'string',
],
'Cidrs': [
'string',
],
'Component': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'CustomerGateway': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Destination': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'DestinationVpc': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Direction': 'string',
'ExplanationCode': 'string',
'IngressRouteTable': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'InternetGateway': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'LoadBalancerArn': 'string',
'ClassicLoadBalancerListener': {
'LoadBalancerPort': 123,
'InstancePort': 123
},
'LoadBalancerListenerPort': 123,
'LoadBalancerTarget': {
'Address': 'string',
'AvailabilityZone': 'string',
'Instance': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Port': 123
},
'LoadBalancerTargetGroup': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'LoadBalancerTargetGroups': [
{
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
],
'LoadBalancerTargetPort': 123,
'ElasticLoadBalancerListener': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'MissingComponent': 'string',
'NatGateway': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'NetworkInterface': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'PacketField': 'string',
'VpcPeeringConnection': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Port': 123,
'PortRanges': [
{
'From': 123,
'To': 123
},
],
'PrefixList': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Protocols': [
'string',
],
'RouteTableRoute': {
'DestinationCidr': 'string',
'DestinationPrefixListId': 'string',
'EgressOnlyInternetGatewayId': 'string',
'GatewayId': 'string',
'InstanceId': 'string',
'NatGatewayId': 'string',
'NetworkInterfaceId': 'string',
'Origin': 'string',
'TransitGatewayId': 'string',
'VpcPeeringConnectionId': 'string',
'State': 'string'
},
'RouteTable': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'SecurityGroup': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'SecurityGroupRule': {
'Cidr': 'string',
'Direction': 'string',
'SecurityGroupId': 'string',
'PortRange': {
'From': 123,
'To': 123
},
'PrefixListId': 'string',
'Protocol': 'string'
},
'SecurityGroups': [
{
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
],
'SourceVpc': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'State': 'string',
'Subnet': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'SubnetRouteTable': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'Vpc': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'VpcEndpoint': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'VpnConnection': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'VpnGateway': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'TransitGateway': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'TransitGatewayRouteTable': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'TransitGatewayRouteTableRoute': {
'DestinationCidr': 'string',
'State': 'string',
'RouteOrigin': 'string',
'PrefixListId': 'string',
'AttachmentId': 'string',
'ResourceId': 'string',
'ResourceType': 'string'
},
'TransitGatewayAttachment': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
},
'ComponentAccount': 'string',
'ComponentRegion': 'string'
},
],
'ElasticLoadBalancerListener': {
'Id': 'string',
'Arn': 'string',
'Name': 'string'
}
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
NetworkInsightsAccessScopeAnalysisId (string) --
The ID of the Network Access Scope analysis.
AnalysisStatus (string) --
The status of Network Access Scope Analysis.
AnalysisFindings (list) --
The findings associated with Network Access Scope Analysis.
(dict) --
Describes a finding for a Network Access Scope.
NetworkInsightsAccessScopeAnalysisId (string) --
The ID of the Network Access Scope analysis.
NetworkInsightsAccessScopeId (string) --
The ID of the Network Access Scope.
FindingId (string) --
The ID of the finding.
FindingComponents (list) --
The finding components.
(dict) --
Describes a path component.
SequenceNumber (integer) --
The sequence number.
AclRule (dict) --
The network ACL rule.
Cidr (string) --
The IPv4 address range, in CIDR notation.
Egress (boolean) --
Indicates whether the rule is an outbound rule.
PortRange (dict) --
The range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol.
RuleAction (string) --
Indicates whether to allow or deny traffic that matches the rule.
RuleNumber (integer) --
The rule number.
AttachedTo (dict) --
The resource to which the path component is attached.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Component (dict) --
The component.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
DestinationVpc (dict) --
The destination VPC.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
OutboundHeader (dict) --
The outbound header.
DestinationAddresses (list) --
The destination addresses.
DestinationPortRanges (list) --
The destination port ranges.
(dict) --
Describes a range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol.
SourceAddresses (list) --
The source addresses.
SourcePortRanges (list) --
The source port ranges.
(dict) --
Describes a range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
InboundHeader (dict) --
The inbound header.
DestinationAddresses (list) --
The destination addresses.
DestinationPortRanges (list) --
The destination port ranges.
(dict) --
Describes a range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol.
SourceAddresses (list) --
The source addresses.
SourcePortRanges (list) --
The source port ranges.
(dict) --
Describes a range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
RouteTableRoute (dict) --
The route table route.
DestinationCidr (string) --
The destination IPv4 address, in CIDR notation.
DestinationPrefixListId (string) --
The prefix of the Amazon Web Service.
EgressOnlyInternetGatewayId (string) --
The ID of an egress-only internet gateway.
GatewayId (string) --
The ID of the gateway, such as an internet gateway or virtual private gateway.
InstanceId (string) --
The ID of the instance, such as a NAT instance.
NatGatewayId (string) --
The ID of a NAT gateway.
NetworkInterfaceId (string) --
The ID of a network interface.
Origin (string) --
Describes how the route was created. The following are the possible values:
TransitGatewayId (string) --
The ID of a transit gateway.
VpcPeeringConnectionId (string) --
The ID of a VPC peering connection.
State (string) --
The state. The following are the possible values:
SecurityGroupRule (dict) --
The security group rule.
Cidr (string) --
The IPv4 address range, in CIDR notation.
Direction (string) --
The direction. The following are the possible values:
SecurityGroupId (string) --
The security group ID.
PortRange (dict) --
The port range.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
PrefixListId (string) --
The prefix list ID.
Protocol (string) --
The protocol name.
SourceVpc (dict) --
The source VPC.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Subnet (dict) --
The subnet.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Vpc (dict) --
The component VPC.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
AdditionalDetails (list) --
The additional details.
(dict) --
Describes an additional detail for a path analysis.
AdditionalDetailType (string) --
The information type.
Component (dict) --
The path component.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
TransitGateway (dict) --
The transit gateway.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
TransitGatewayRouteTableRoute (dict) --
The route in a transit gateway route table.
DestinationCidr (string) --
The CIDR block used for destination matches.
State (string) --
The state of the route.
RouteOrigin (string) --
The route origin. The following are the possible values:
PrefixListId (string) --
The ID of the prefix list.
AttachmentId (string) --
The ID of the route attachment.
ResourceId (string) --
The ID of the resource for the route attachment.
ResourceType (string) --
The resource type for the route attachment.
Explanations (list) --
The explanation codes.
(dict) --
Describes an explanation code for an unreachable path. For more information, see Reachability Analyzer explanation codes.
Acl (dict) --
The network ACL.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
AclRule (dict) --
The network ACL rule.
Cidr (string) --
The IPv4 address range, in CIDR notation.
Egress (boolean) --
Indicates whether the rule is an outbound rule.
PortRange (dict) --
The range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol.
RuleAction (string) --
Indicates whether to allow or deny traffic that matches the rule.
RuleNumber (integer) --
The rule number.
Address (string) --
The IPv4 address, in CIDR notation.
Addresses (list) --
The IPv4 addresses, in CIDR notation.
AttachedTo (dict) --
The resource to which the component is attached.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
AvailabilityZones (list) --
The Availability Zones.
Cidrs (list) --
The CIDR ranges.
Component (dict) --
The component.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
CustomerGateway (dict) --
The customer gateway.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Destination (dict) --
The destination.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
DestinationVpc (dict) --
The destination VPC.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Direction (string) --
The direction. The following are the possible values:
ExplanationCode (string) --
The explanation code.
IngressRouteTable (dict) --
The route table.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
InternetGateway (dict) --
The internet gateway.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
LoadBalancerArn (string) --
The Amazon Resource Name (ARN) of the load balancer.
ClassicLoadBalancerListener (dict) --
The listener for a Classic Load Balancer.
LoadBalancerPort (integer) --
The port on which the load balancer is listening.
InstancePort (integer) --
[Classic Load Balancers] The back-end port for the listener.
LoadBalancerListenerPort (integer) --
The listener port of the load balancer.
LoadBalancerTarget (dict) --
The target.
Address (string) --
The IP address.
AvailabilityZone (string) --
The Availability Zone.
Instance (dict) --
Information about the instance.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Port (integer) --
The port on which the target is listening.
LoadBalancerTargetGroup (dict) --
The target group.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
LoadBalancerTargetGroups (list) --
The target groups.
(dict) --
Describes a path component.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
LoadBalancerTargetPort (integer) --
The target port.
ElasticLoadBalancerListener (dict) --
The load balancer listener.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
MissingComponent (string) --
The missing component.
NatGateway (dict) --
The NAT gateway.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
NetworkInterface (dict) --
The network interface.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
PacketField (string) --
The packet field.
VpcPeeringConnection (dict) --
The VPC peering connection.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Port (integer) --
The port.
PortRanges (list) --
The port ranges.
(dict) --
Describes a range of ports.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
PrefixList (dict) --
The prefix list.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Protocols (list) --
The protocols.
RouteTableRoute (dict) --
The route table route.
DestinationCidr (string) --
The destination IPv4 address, in CIDR notation.
DestinationPrefixListId (string) --
The prefix of the Amazon Web Service.
EgressOnlyInternetGatewayId (string) --
The ID of an egress-only internet gateway.
GatewayId (string) --
The ID of the gateway, such as an internet gateway or virtual private gateway.
InstanceId (string) --
The ID of the instance, such as a NAT instance.
NatGatewayId (string) --
The ID of a NAT gateway.
NetworkInterfaceId (string) --
The ID of a network interface.
Origin (string) --
Describes how the route was created. The following are the possible values:
TransitGatewayId (string) --
The ID of a transit gateway.
VpcPeeringConnectionId (string) --
The ID of a VPC peering connection.
State (string) --
The state. The following are the possible values:
RouteTable (dict) --
The route table.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
SecurityGroup (dict) --
The security group.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
SecurityGroupRule (dict) --
The security group rule.
Cidr (string) --
The IPv4 address range, in CIDR notation.
Direction (string) --
The direction. The following are the possible values:
SecurityGroupId (string) --
The security group ID.
PortRange (dict) --
The port range.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
PrefixListId (string) --
The prefix list ID.
Protocol (string) --
The protocol name.
SecurityGroups (list) --
The security groups.
(dict) --
Describes a path component.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
SourceVpc (dict) --
The source VPC.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
State (string) --
The state.
Subnet (dict) --
The subnet.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
SubnetRouteTable (dict) --
The route table for the subnet.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
Vpc (dict) --
The component VPC.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
VpcEndpoint (dict) --
The VPC endpoint.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
VpnConnection (dict) --
The VPN connection.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
VpnGateway (dict) --
The VPN gateway.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
TransitGateway (dict) --
The transit gateway.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
TransitGatewayRouteTable (dict) --
The transit gateway route table.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
TransitGatewayRouteTableRoute (dict) --
The transit gateway route table route.
DestinationCidr (string) --
The CIDR block used for destination matches.
State (string) --
The state of the route.
RouteOrigin (string) --
The route origin. The following are the possible values:
PrefixListId (string) --
The ID of the prefix list.
AttachmentId (string) --
The ID of the route attachment.
ResourceId (string) --
The ID of the resource for the route attachment.
ResourceType (string) --
The resource type for the route attachment.
TransitGatewayAttachment (dict) --
The transit gateway attachment.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
ComponentAccount (string) --
The Amazon Web Services account for the component.
ComponentRegion (string) --
The Region for the component.
ElasticLoadBalancerListener (dict) --
The load balancer listener.
Id (string) --
The ID of the component.
Arn (string) --
The Amazon Resource Name (ARN) of the component.
Name (string) --
The name of the analysis component.
NextToken (string) --
The token to use to retrieve the next page of results. This value is null
when there are no more results to return.