list_findings
- Inspector2.Client.list_findings(**kwargs)
Lists findings for your environment.
See also: AWS API Documentation
Request Syntax
response = client.list_findings(
    filterCriteria={
        'awsAccountId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'codeVulnerabilityFilePath': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'componentId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'componentType': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ec2InstanceImageId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ec2InstanceSubnetId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ec2InstanceVpcId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ecrImageArchitecture': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ecrImageHash': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ecrImagePushedAt': [{'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1)}, ],
        'ecrImageRegistry': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ecrImageRepositoryName': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'ecrImageTags': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'epssScore': [{'lowerInclusive': 123.0, 'upperInclusive': 123.0}, ],
        'exploitAvailable': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'findingArn': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'findingStatus': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'findingType': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'firstObservedAt': [{'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1)}, ],
        'fixAvailable': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'inspectorScore': [{'lowerInclusive': 123.0, 'upperInclusive': 123.0}, ],
        'lambdaFunctionExecutionRoleArn': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'lambdaFunctionLastModifiedAt': [{'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1)}, ],
        'lambdaFunctionLayers': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'lambdaFunctionName': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'lambdaFunctionRuntime': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'lastObservedAt': [{'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1)}, ],
        'networkProtocol': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'portRange': [{'beginInclusive': 123, 'endInclusive': 123}, ],
        'relatedVulnerabilities': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'resourceId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'resourceTags': [{'comparison': 'EQUALS', 'key': 'string', 'value': 'string'}, ],
        'resourceType': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'severity': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'title': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'updatedAt': [{'endInclusive': datetime(2015, 1, 1), 'startInclusive': datetime(2015, 1, 1)}, ],
        'vendorSeverity': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'vulnerabilityId': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'vulnerabilitySource': [{'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}, ],
        'vulnerablePackages': [
            {
                'architecture': {'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'},
                'epoch': {'lowerInclusive': 123.0, 'upperInclusive': 123.0},
                'name': {'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'},
                'release': {'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'},
                'sourceLambdaLayerArn': {'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'},
                'sourceLayerHash': {'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'},
                'version': {'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS', 'value': 'string'}
            },
        ]
    },
    maxResults=123,
    nextToken='string',
    sortCriteria={
        'field': 'AWS_ACCOUNT_ID'|'FINDING_TYPE'|'SEVERITY'|'FIRST_OBSERVED_AT'|'LAST_OBSERVED_AT'|'FINDING_STATUS'|'RESOURCE_TYPE'|'ECR_IMAGE_PUSHED_AT'|'ECR_IMAGE_REPOSITORY_NAME'|'ECR_IMAGE_REGISTRY'|'NETWORK_PROTOCOL'|'COMPONENT_TYPE'|'VULNERABILITY_ID'|'VULNERABILITY_SOURCE'|'INSPECTOR_SCORE'|'VENDOR_SEVERITY'|'EPSS_SCORE',
        'sortOrder': 'ASC'|'DESC'
    }
)
- Parameters:
filterCriteria (dict) –
Details on the filters to apply to your finding results.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
codeVulnerabilityDetectorName (list) –
The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
codeVulnerabilityDetectorTags (list) –
The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
codeVulnerabilityFilePath (list) –
The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
epssScore (list) –
The EPSS score used to filter findings.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
exploitAvailable (list) –
Filters the list of AWS Lambda findings by the availability of exploits.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
fixAvailable (list) –
Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lambdaFunctionExecutionRoleArn (list) –
Filters the list of AWS Lambda functions by execution role.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lambdaFunctionLastModifiedAt (list) –
Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
lambdaFunctionLayers (list) –
Filters the list of AWS Lambda functions by the function’s layers. A Lambda function can have up to five layers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lambdaFunctionName (list) –
Filters the list of AWS Lambda functions by the name of the function.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lambdaFunctionRuntime (list) –
Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
sourceLambdaLayerArn (dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
value (string) – [REQUIRED]
The value to filter on.
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
sortCriteria (dict) –
Details on the sort criteria to apply to your finding results.
field (string) – [REQUIRED]
The finding detail field by which results are sorted.
sortOrder (string) – [REQUIRED]
The order by which findings are sorted.
- Return type:
dict
- Returns:
Response Syntax
{
    'findings': [
        {
            'awsAccountId': 'string',
            'codeVulnerabilityDetails': {
                'cwes': ['string', ],
                'detectorId': 'string',
                'detectorName': 'string',
                'detectorTags': ['string', ],
                'filePath': {
                    'endLine': 123,
                    'fileName': 'string',
                    'filePath': 'string',
                    'startLine': 123
                },
                'referenceUrls': ['string', ],
                'ruleId': 'string',
                'sourceLambdaLayerArn': 'string'
            },
            'description': 'string',
            'epss': {'score': 123.0},
            'exploitAvailable': 'YES'|'NO',
            'exploitabilityDetails': {'lastKnownExploitAt': datetime(2015, 1, 1)},
            'findingArn': 'string',
            'firstObservedAt': datetime(2015, 1, 1),
            'fixAvailable': 'YES'|'NO'|'PARTIAL',
            'inspectorScore': 123.0,
            'inspectorScoreDetails': {
                'adjustedCvss': {
                    'adjustments': [{'metric': 'string', 'reason': 'string'}, ],
                    'cvssSource': 'string',
                    'score': 123.0,
                    'scoreSource': 'string',
                    'scoringVector': 'string',
                    'version': 'string'
                }
            },
            'lastObservedAt': datetime(2015, 1, 1),
            'networkReachabilityDetails': {
                'networkPath': {
                    'steps': [{'componentId': 'string', 'componentType': 'string'}, ]
                },
                'openPortRange': {'begin': 123, 'end': 123},
                'protocol': 'TCP'|'UDP'
            },
            'packageVulnerabilityDetails': {
                'cvss': [
                    {'baseScore': 123.0, 'scoringVector': 'string', 'source': 'string', 'version': 'string'},
                ],
                'referenceUrls': ['string', ],
                'relatedVulnerabilities': ['string', ],
                'source': 'string',
                'sourceUrl': 'string',
                'vendorCreatedAt': datetime(2015, 1, 1),
                'vendorSeverity': 'string',
                'vendorUpdatedAt': datetime(2015, 1, 1),
                'vulnerabilityId': 'string',
                'vulnerablePackages': [
                    {
                        'arch': 'string',
                        'epoch': 123,
                        'filePath': 'string',
                        'fixedInVersion': 'string',
                        'name': 'string',
                        'packageManager': 'BUNDLER'|'CARGO'|'COMPOSER'|'NPM'|'NUGET'|'PIPENV'|'POETRY'|'YARN'|'GOBINARY'|'GOMOD'|'JAR'|'OS'|'PIP'|'PYTHONPKG'|'NODEPKG'|'POM'|'GEMSPEC',
                        'release': 'string',
                        'remediation': 'string',
                        'sourceLambdaLayerArn': 'string',
                        'sourceLayerHash': 'string',
                        'version': 'string'
                    },
                ]
            },
            'remediation': {
                'recommendation': {'Url': 'string', 'text': 'string'}
            },
            'resources': [
                {
                    'details': {
                        'awsEc2Instance': {
                            'iamInstanceProfileArn': 'string',
                            'imageId': 'string',
                            'ipV4Addresses': ['string', ],
                            'ipV6Addresses': ['string', ],
                            'keyName': 'string',
                            'launchedAt': datetime(2015, 1, 1),
                            'platform': 'string',
                            'subnetId': 'string',
                            'type': 'string',
                            'vpcId': 'string'
                        },
                        'awsEcrContainerImage': {
                            'architecture': 'string',
                            'author': 'string',
                            'imageHash': 'string',
                            'imageTags': ['string', ],
                            'platform': 'string',
                            'pushedAt': datetime(2015, 1, 1),
                            'registry': 'string',
                            'repositoryName': 'string'
                        },
                        'awsLambdaFunction': {
                            'architectures': ['X86_64'|'ARM64', ],
                            'codeSha256': 'string',
                            'executionRoleArn': 'string',
                            'functionName': 'string',
                            'lastModifiedAt': datetime(2015, 1, 1),
                            'layers': ['string', ],
                            'packageType': 'IMAGE'|'ZIP',
                            'runtime': 'NODEJS'|'NODEJS_12_X'|'NODEJS_14_X'|'NODEJS_16_X'|'JAVA_8'|'JAVA_8_AL2'|'JAVA_11'|'PYTHON_3_7'|'PYTHON_3_8'|'PYTHON_3_9'|'UNSUPPORTED'|'NODEJS_18_X'|'GO_1_X'|'JAVA_17'|'PYTHON_3_10',
                            'version': 'string',
                            'vpcConfig': {
                                'securityGroupIds': ['string', ],
                                'subnetIds': ['string', ],
                                'vpcId': 'string'
                            }
                        }
                    },
                    'id': 'string',
                    'partition': 'string',
                    'region': 'string',
                    'tags': {'string': 'string'},
                    'type': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION'
                },
            ],
            'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNTRIAGED',
            'status': 'ACTIVE'|'SUPPRESSED'|'CLOSED',
            'title': 'string',
            'type': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}
Response Structure
(dict) –
findings (list) –
Contains details on the findings in your environment.
(dict) –
Details about an Amazon Inspector finding.
awsAccountId (string) –
The Amazon Web Services account ID associated with the finding.
codeVulnerabilityDetails (dict) –
Details about the code vulnerability identified in a Lambda function used to filter findings.
cwes (list) –
The Common Weakness Enumeration (CWE) item associated with the detected vulnerability.
(string) –
detectorId (string) –
The ID for the Amazon CodeGuru detector associated with the finding. For more information on detectors see Amazon CodeGuru Detector Library.
detectorName (string) –
The name of the detector used to identify the code vulnerability. For more information on detectors see CodeGuru Detector Library.
detectorTags (list) –
The detector tag associated with the vulnerability. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.
(string) –
filePath (dict) –
Contains information on where the code vulnerability is located in your code.
endLine (integer) –
The line number of the last line of code that a vulnerability was found in.
fileName (string) –
The name of the file the code vulnerability was found in.
filePath (string) –
The file path to the code that a vulnerability was found in.
startLine (integer) –
The line number of the first line of code that a vulnerability was found in.
referenceUrls (list) –
A URL containing supporting documentation about the code vulnerability detected.
(string) –
ruleId (string) –
The identifier for a rule that was used to detect the code vulnerability.
sourceLambdaLayerArn (string) –
The Amazon Resource Name (ARN) of the Lambda layer that the code vulnerability was detected in.
description (string) –
The description of the finding.
epss (dict) –
The finding’s EPSS score.
score (float) –
The EPSS score.
exploitAvailable (string) –
Whether a finding discovered in your environment has an exploit available.
exploitabilityDetails (dict) –
The details of an exploit available for a finding discovered in your environment.
lastKnownExploitAt (datetime) –
The date and time of the last exploit associated with a finding discovered in your environment.
findingArn (string) –
The Amazon Resource Name (ARN) of the finding.
firstObservedAt (datetime) –
The date and time that the finding was first observed.
fixAvailable (string) –
Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.
inspectorScore (float) –
The Amazon Inspector score given to the finding.
inspectorScoreDetails (dict) –
An object that contains details of the Amazon Inspector score.
adjustedCvss (dict) –
An object that contains details about the CVSS score given to a finding.
adjustments (list) –
An object that contains details about adjustments Amazon Inspector made to the CVSS score.
(dict) –
Details on adjustments Amazon Inspector made to the CVSS score for a finding.
metric (string) –
The metric used to adjust the CVSS score.
reason (string) –
The reason the CVSS score has been adjusted.
cvssSource (string) –
The source of the CVSS data.
score (float) –
The CVSS score.
scoreSource (string) –
The source for the CVSS score.
scoringVector (string) –
The vector for the CVSS score.
version (string) –
The CVSS version used in scoring.
lastObservedAt (datetime) –
The date and time that the finding was last observed.
networkReachabilityDetails (dict) –
An object that contains the details of a network reachability finding.
networkPath (dict) –
An object that contains details about a network path associated with a finding.
steps (list) –
The details on the steps in the network path.
(dict) –
Details about the step associated with a finding.
componentId (string) –
The component ID.
componentType (string) –
The component type.
openPortRange (dict) –
An object that contains details about the open port range associated with a finding.
begin (integer) –
The beginning port in a port range.
end (integer) –
The ending port in a port range.
protocol (string) –
The protocol associated with a finding.
packageVulnerabilityDetails (dict) –
An object that contains the details of a package vulnerability finding.
cvss (list) –
An object that contains details about the CVSS score of a finding.
(dict) –
The CVSS score for a finding.
baseScore (float) –
The base CVSS score used for the finding.
scoringVector (string) –
The vector string of the CVSS score.
source (string) –
The source of the CVSS score.
version (string) –
The version of CVSS used for the score.
referenceUrls (list) –
One or more URLs that contain details about this vulnerability type.
(string) –
relatedVulnerabilities (list) –
One or more vulnerabilities related to the one identified in this finding.
(string) –
source (string) –
The source of the vulnerability information.
sourceUrl (string) –
A URL to the source of the vulnerability information.
vendorCreatedAt (datetime) –
The date and time that this vulnerability was first added to the vendor’s database.
vendorSeverity (string) –
The severity the vendor has given to this vulnerability type.
vendorUpdatedAt (datetime) –
The date and time the vendor last updated this vulnerability in their database.
vulnerabilityId (string) –
The ID given to this vulnerability.
vulnerablePackages (list) –
The packages impacted by this vulnerability.
(dict) –
Information on the vulnerable package identified by a finding.
arch (string) –
The architecture of the vulnerable package.
epoch (integer) –
The epoch of the vulnerable package.
filePath (string) –
The file path of the vulnerable package.
fixedInVersion (string) –
The version of the package that contains the vulnerability fix.
name (string) –
The name of the vulnerable package.
packageManager (string) –
The package manager of the vulnerable package.
release (string) –
The release of the vulnerable package.
remediation (string) –
The code to run in your environment to update packages with a fix available.
sourceLambdaLayerArn (string) –
The Amazon Resource Name (ARN) of the AWS Lambda function affected by a finding.
sourceLayerHash (string) –
The source layer hash of the vulnerable package.
version (string) –
The version of the vulnerable package.
remediation (dict) –
An object that contains the details about how to remediate a finding.
recommendation (dict) –
An object that contains information about the recommended course of action to remediate the finding.
Url (string) –
The URL address to the CVE remediation recommendations.
text (string) –
The recommended course of action to remediate the finding.
resources (list) –
Contains information on the resources involved in a finding.
(dict) –
Details about the resource involved in a finding.
details (dict) –
An object that contains details about the resource involved in a finding.
awsEc2Instance (dict) –
An object that contains details about the Amazon EC2 instance involved in the finding.
iamInstanceProfileArn (string) –
The IAM instance profile ARN of the Amazon EC2 instance.
imageId (string) –
The image ID of the Amazon EC2 instance.
ipV4Addresses (list) –
The IPv4 addresses of the Amazon EC2 instance.
(string) –
ipV6Addresses (list) –
The IPv6 addresses of the Amazon EC2 instance.
(string) –
keyName (string) –
The name of the key pair used to launch the Amazon EC2 instance.
launchedAt (datetime) –
The date and time the Amazon EC2 instance was launched at.
platform (string) –
The platform of the Amazon EC2 instance.
subnetId (string) –
The subnet ID of the Amazon EC2 instance.
type (string) –
The type of the Amazon EC2 instance.
vpcId (string) –
The VPC ID of the Amazon EC2 instance.
awsEcrContainerImage (dict) –
An object that contains details about the Amazon ECR container image involved in the finding.
architecture (string) –
The architecture of the Amazon ECR container image.
author (string) –
The image author of the Amazon ECR container image.
imageHash (string) –
The image hash of the Amazon ECR container image.
imageTags (list) –
The image tags attached to the Amazon ECR container image.
(string) –
platform (string) –
The platform of the Amazon ECR container image.
pushedAt (datetime) –
The date and time the Amazon ECR container image was pushed.
registry (string) –
The registry for the Amazon ECR container image.
repositoryName (string) –
The name of the repository the Amazon ECR container image resides in.
awsLambdaFunction (dict) –
A summary of the information about an AWS Lambda function affected by a finding.
architectures (list) –
The instruction set architecture that the AWS Lambda function supports. Architecture is a string array with one of the valid values. The default architecture value is x86_64.
(string) –
codeSha256 (string) –
The SHA256 hash of the AWS Lambda function’s deployment package.
executionRoleArn (string) –
The AWS Lambda function’s execution role.
functionName (string) –
The name of the AWS Lambda function.
lastModifiedAt (datetime) –
The date and time that a user last updated the configuration, in ISO 8601 format.
layers (list) –
The AWS Lambda function’s layers. A Lambda function can have up to five layers.
(string) –
packageType (string) –
The type of deployment package. Set to Image for container image and set Zip for .zip file archive.
runtime (string) –
The runtime environment for the AWS Lambda function.
version (string) –
The version of the AWS Lambda function.
vpcConfig (dict) –
The AWS Lambda function’s networking configuration.
securityGroupIds (list) –
The VPC security groups and subnets that are attached to an AWS Lambda function. For more information, see VPC Settings.
(string) –
subnetIds (list) –
A list of VPC subnet IDs.
(string) –
vpcId (string) –
The ID of the VPC.
id (string) –
The ID of the resource.
partition (string) –
The partition of the resource.
region (string) –
The Amazon Web Services Region the impacted resource is located in.
tags (dict) –
The tags attached to the resource.
(string) –
(string) –
type (string) –
The type of resource.
severity (string) –
The severity of the finding.
status (string) –
The status of the finding.
title (string) –
The title of the finding.
type (string) –
The type of the finding.
updatedAt (datetime) –
The date and time the finding was last updated at.
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
Exceptions
Inspector2.Client.exceptions.ValidationException
Inspector2.Client.exceptions.ThrottlingException
Inspector2.Client.exceptions.InternalServerException
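Added example (not part of the boto3 reference): building a filterCriteria for active, critical package findings that have a fix, following nextToken across pages, and flattening the response into patch rows. The helper names (string_filter, fixable_critical_filter, iter_findings, patch_rows) and the FakeInspector2 stand-in with its sample findings are constructed for illustration; with real credentials, pass boto3.client("inspector2") instead.

```python
from datetime import datetime, timezone


def string_filter(*values, comparison="EQUALS"):
    """Build the list-of-dicts shape that every string filter key expects."""
    return [{"comparison": comparison, "value": v} for v in values]


def fixable_critical_filter(first_seen_since):
    """filterCriteria for active, critical package findings that have a fix."""
    return {
        "findingStatus": string_filter("ACTIVE"),
        "findingType": string_filter("PACKAGE_VULNERABILITY"),
        "severity": string_filter("CRITICAL"),
        "fixAvailable": string_filter("YES"),
        # Date filters take a range; only the lower bound is set here.
        "firstObservedAt": [{"startInclusive": first_seen_since}],
    }


def iter_findings(client, filter_criteria, page_size=50):
    """Yield every finding, following nextToken until none is returned."""
    kwargs = {
        "filterCriteria": filter_criteria,
        "maxResults": page_size,
        "sortCriteria": {"field": "INSPECTOR_SCORE", "sortOrder": "DESC"},
    }
    while True:
        page = client.list_findings(**kwargs)
        yield from page.get("findings", [])
        token = page.get("nextToken")
        if not token:
            return
        # boto3 rejects nextToken=None, so the key is omitted on the first
        # request and only added from the second page on.
        kwargs["nextToken"] = token


def patch_rows(findings):
    """Flatten findings into one row per (resource, vulnerable package)."""
    rows = []
    for finding in findings:
        details = finding.get("packageVulnerabilityDetails") or {}
        for resource in finding.get("resources", []):
            for pkg in details.get("vulnerablePackages", []):
                rows.append({
                    "resource": resource["id"],
                    "vulnerability": details.get("vulnerabilityId"),
                    "package": pkg["name"],
                    "installed": pkg.get("version"),
                    "fixed_in": pkg.get("fixedInVersion"),
                    "score": finding.get("inspectorScore"),
                })
    return rows


def _finding(resource_id, vuln_id, score, packages):
    """Constructed sample finding using only fields from the response syntax."""
    return {
        "severity": "CRITICAL", "status": "ACTIVE", "fixAvailable": "YES",
        "type": "PACKAGE_VULNERABILITY", "inspectorScore": score,
        "resources": [{"id": resource_id, "type": "AWS_EC2_INSTANCE"}],
        "packageVulnerabilityDetails": {
            "vulnerabilityId": vuln_id,
            "vulnerablePackages": [
                {"name": n, "version": v, "fixedInVersion": f}
                for n, v, f in packages
            ],
        },
    }


# Constructed sample data: two pages, placeholder IDs, not real findings.
SAMPLE_PAGES = [
    [_finding("i-0example0001", "CVE-0000-0001", 9.8, [("openssl", "1.0", "1.1")]),
     _finding("i-0example0002", "CVE-0000-0002", 9.1,
              [("libfoo", "2.3", "2.4"), ("libfoo-dev", "2.3", "2.4")])],
    [_finding("i-0example0003", "CVE-0000-0001", 9.0, [("openssl", "1.0", "1.1")])],
]


class FakeInspector2:
    """Offline stand-in for the client; serves SAMPLE_PAGES one page per call."""

    def __init__(self, pages):
        self.pages = pages
        self.calls = []

    def list_findings(self, **kwargs):
        self.calls.append(dict(kwargs))
        index = int(kwargs.get("nextToken", "0"))
        response = {"findings": self.pages[index]}
        if index + 1 < len(self.pages):
            response["nextToken"] = str(index + 1)
        return response


if __name__ == "__main__":
    client = FakeInspector2(SAMPLE_PAGES)  # or boto3.client("inspector2")
    since = datetime(2024, 1, 1, tzinfo=timezone.utc)
    for row in patch_rows(iter_findings(client, fixable_critical_filter(since))):
        print(row)
```
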