IoT / Client / list_audit_suppressions
list_audit_suppressions#
- IoT.Client.list_audit_suppressions(**kwargs)#
- Lists your Device Defender audit listings. - Requires permission to access the ListAuditSuppressions action. - See also: AWS API Documentation - Request Syntax- response = client.list_audit_suppressions( checkName='string', resourceIdentifier={ 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, ascendingOrder=True|False, nextToken='string', maxResults=123 ) - Parameters:
- checkName (string) – An audit check name. Checks must be enabled for your account. (Use - DescribeAccountAuditConfigurationto see the list of all checks, including those that are enabled or use- UpdateAccountAuditConfigurationto select which checks are enabled.)
- resourceIdentifier (dict) – - Information that identifies the noncompliant resource. - deviceCertificateId (string) – - The ID of the certificate attached to the resource. 
- caCertificateId (string) – - The ID of the CA certificate used to authorize the certificate. 
- cognitoIdentityPoolId (string) – - The ID of the Amazon Cognito identity pool. 
- clientId (string) – - The client ID. 
- policyVersionIdentifier (dict) – - The version of the policy associated with the resource. - policyName (string) – - The name of the policy. 
- policyVersionId (string) – - The ID of the version of the policy associated with the resource. 
 
- account (string) – - The account with which the resource is associated. 
- iamRoleArn (string) – - The ARN of the IAM role that has overly permissive actions. 
- roleAliasArn (string) – - The ARN of the role alias that has overly permissive actions. 
- issuerCertificateIdentifier (dict) – - The issuer certificate identifier. - issuerCertificateSubject (string) – - The subject of the issuer certificate. 
- issuerId (string) – - The issuer ID. 
- issuerCertificateSerialNumber (string) – - The issuer certificate serial number. 
 
- deviceCertificateArn (string) – - The ARN of the identified device certificate. 
 
- ascendingOrder (boolean) – Determines whether suppressions are listed in ascending order by expiration date or not. If parameter isn’t provided, - ascendingOrder=true.
- nextToken (string) – The token for the next set of results. 
- maxResults (integer) – The maximum number of results to return at one time. The default is 25. 
 
- Return type:
- dict 
- Returns:
- Response Syntax- { 'suppressions': [ { 'checkName': 'string', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'expirationDate': datetime(2015, 1, 1), 'suppressIndefinitely': True|False, 'description': 'string' }, ], 'nextToken': 'string' } - Response Structure- (dict) – - suppressions (list) – - List of audit suppressions. - (dict) – - Filters out specific findings of a Device Defender audit. - checkName (string) – - An audit check name. Checks must be enabled for your account. (Use - DescribeAccountAuditConfigurationto see the list of all checks, including those that are enabled or use- UpdateAccountAuditConfigurationto select which checks are enabled.)
- resourceIdentifier (dict) – - Information that identifies the noncompliant resource. - deviceCertificateId (string) – - The ID of the certificate attached to the resource. 
- caCertificateId (string) – - The ID of the CA certificate used to authorize the certificate. 
- cognitoIdentityPoolId (string) – - The ID of the Amazon Cognito identity pool. 
- clientId (string) – - The client ID. 
- policyVersionIdentifier (dict) – - The version of the policy associated with the resource. - policyName (string) – - The name of the policy. 
- policyVersionId (string) – - The ID of the version of the policy associated with the resource. 
 
- account (string) – - The account with which the resource is associated. 
- iamRoleArn (string) – - The ARN of the IAM role that has overly permissive actions. 
- roleAliasArn (string) – - The ARN of the role alias that has overly permissive actions. 
- issuerCertificateIdentifier (dict) – - The issuer certificate identifier. - issuerCertificateSubject (string) – - The subject of the issuer certificate. 
- issuerId (string) – - The issuer ID. 
- issuerCertificateSerialNumber (string) – - The issuer certificate serial number. 
 
- deviceCertificateArn (string) – - The ARN of the identified device certificate. 
 
- expirationDate (datetime) – - The expiration date (epoch timestamp in seconds) that you want the suppression to adhere to. 
- suppressIndefinitely (boolean) – - Indicates whether a suppression should exist indefinitely or not. 
- description (string) – - The description of the audit suppression. 
 
 
- nextToken (string) – - A token that can be used to retrieve the next set of results, or - nullif there are no additional results.
 
 
 - Exceptions- IoT.Client.exceptions.InvalidRequestException
- IoT.Client.exceptions.ThrottlingException
- IoT.Client.exceptions.InternalFailureException