CloudFormation / Client / list_resource_scan_resources



Lists the resources from a resource scan. The results can be filtered by resource identifier, resource type prefix, tag key, and tag value. Only resources that match all specified filters are returned. The response indicates whether each returned resource is already managed by CloudFormation.

See also: AWS API Documentation

Request Syntax

response = client.list_resource_scan_resources(
  • ResourceScanId (string) –


    The Amazon Resource Name (ARN) of the resource scan.

  • ResourceIdentifier (string) – If specified, the returned resources will have the specified resource identifier (or one of them in the case where the resource has multiple identifiers).

  • ResourceTypePrefix (string) – If specified, the returned resources will be of any of the resource types with the specified prefix.

  • TagKey (string) – If specified, the returned resources will have a matching tag key.

  • TagValue (string) – If specified, the returned resources will have a matching tag value.

  • NextToken (string) – A string that identifies the next page of resource scan results.

  • MaxResults (integer) – If the number of available results exceeds this maximum, the response includes a NextToken value that you can use for the NextToken parameter to get the next set of results. By default the ListResourceScanResources API action will return at most 100 results in each response. The maximum value is 100.

Return type:



Response Syntax

    'Resources': [
            'ResourceType': 'string',
            'ResourceIdentifier': {
                'string': 'string'
            'ManagedByStack': True|False
    'NextToken': 'string'

Response Structure

  • (dict) –

    • Resources (list) –

      List of up to MaxResults resources in the specified resource scan that match all of the specified filters.

      • (dict) –

        A scanned resource returned by ListResourceScanResources or ListResourceScanRelatedResources.

        • ResourceType (string) –

          The type of the resource, such as AWS::DynamoDB::Table. For the list of supported resources, see Resource type support In the CloudFormation User Guide

        • ResourceIdentifier (dict) –

          A list of up to 256 key-value pairs that identifies for the scanned resource. The key is the name of one of the primary identifiers for the resource. (Primary identifiers are specified in the primaryIdentifier list in the resource schema.) The value is the value of that primary identifier. For example, for a AWS::DynamoDB::Table resource, the primary identifiers is TableName so the key-value pair could be "TableName": "MyDDBTable". For more information, see primaryIdentifier in the CloudFormation Command Line Interface User guide for extension development.

          • (string) –

            • (string) –

        • ManagedByStack (boolean) –

          If true, the resource is managed by a CloudFormation stack.

    • NextToken (string) –

      If the request doesn’t return all the remaining results, NextToken is set to a token. To retrieve the next set of results, call ListResourceScanResources again and use that value for the NextToken parameter. If the request returns all results, NextToken is set to an empty string.


  • CloudFormation.Client.exceptions.ResourceScanNotFoundException

  • CloudFormation.Client.exceptions.ResourceScanInProgressException