AccessAnalyzer / Client / get_finding_recommendation
get_finding_recommendation#
- AccessAnalyzer.Client.get_finding_recommendation(**kwargs)#
Retrieves information about a finding recommendation for the specified analyzer.
See also: AWS API Documentation
Request Syntax
response = client.get_finding_recommendation( analyzerArn='string', id='string', maxResults=123, nextToken='string' )
- Parameters:
analyzerArn (string) –
[REQUIRED]
The ARN of the analyzer used to generate the finding recommendation.
id (string) –
[REQUIRED]
The unique ID for the finding recommendation.
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token used for pagination of results returned.
- Return type:
dict
- Returns:
Response Syntax
{ 'startedAt': datetime(2015, 1, 1), 'completedAt': datetime(2015, 1, 1), 'nextToken': 'string', 'error': { 'code': 'string', 'message': 'string' }, 'resourceArn': 'string', 'recommendedSteps': [ { 'unusedPermissionsRecommendedStep': { 'policyUpdatedAt': datetime(2015, 1, 1), 'recommendedAction': 'CREATE_POLICY'|'DETACH_POLICY', 'recommendedPolicy': 'string', 'existingPolicyId': 'string' } }, ], 'recommendationType': 'UnusedPermissionRecommendation', 'status': 'SUCCEEDED'|'FAILED'|'IN_PROGRESS' }
Response Structure
(dict) –
startedAt (datetime) –
The time at which the retrieval of the finding recommendation was started.
completedAt (datetime) –
The time at which the retrieval of the finding recommendation was completed.
nextToken (string) –
A token used for pagination of results returned.
error (dict) –
Detailed information about the reason that the retrieval of a recommendation for the finding failed.
code (string) –
The error code for a failed retrieval of a recommendation for a finding.
message (string) –
The error message for a failed retrieval of a recommendation for a finding.
resourceArn (string) –
The ARN of the resource of the finding.
recommendedSteps (list) –
A group of recommended steps for the finding.
(dict) –
Contains information about a recommended step for an unused access analyzer finding.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
unusedPermissionsRecommendedStep
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
unusedPermissionsRecommendedStep (dict) –
A recommended step for an unused permissions finding.
policyUpdatedAt (datetime) –
The time at which the existing policy for the unused permissions finding was last updated.
recommendedAction (string) –
A recommendation of whether to create or detach a policy for an unused permissions finding.
recommendedPolicy (string) –
If the recommended action for the unused permissions finding is to replace the existing policy, the contents of the recommended policy to replace the policy specified in the
existingPolicyId
field.existingPolicyId (string) –
If the recommended action for the unused permissions finding is to detach a policy, the ID of an existing policy to be detached.
recommendationType (string) –
The type of recommendation for the finding.
status (string) –
The status of the retrieval of the finding recommendation.
Exceptions
AccessAnalyzer.Client.exceptions.ResourceNotFoundException
AccessAnalyzer.Client.exceptions.ValidationException
AccessAnalyzer.Client.exceptions.InternalServerException
AccessAnalyzer.Client.exceptions.ThrottlingException
AccessAnalyzer.Client.exceptions.AccessDeniedException