IoT / Client / list_audit_findings
list_audit_findings#
- IoT.Client.list_audit_findings(**kwargs)#
Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 90 days.)
Requires permission to access the ListAuditFindings action.
See also: AWS API Documentation
Request Syntax
response = client.list_audit_findings( taskId='string', checkName='string', resourceIdentifier={ 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, maxResults=123, nextToken='string', startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), listSuppressedFindings=True|False )
- Parameters:
taskId (string) – A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both.
checkName (string) – A filter to limit results to the findings for the specified audit check.
resourceIdentifier (dict) –
Information identifying the noncompliant resource.
deviceCertificateId (string) –
The ID of the certificate attached to the resource.
caCertificateId (string) –
The ID of the CA certificate used to authorize the certificate.
cognitoIdentityPoolId (string) –
The ID of the Amazon Cognito identity pool.
clientId (string) –
The client ID.
policyVersionIdentifier (dict) –
The version of the policy associated with the resource.
policyName (string) –
The name of the policy.
policyVersionId (string) –
The ID of the version of the policy associated with the resource.
account (string) –
The account with which the resource is associated.
iamRoleArn (string) –
The ARN of the IAM role that has overly permissive actions.
roleAliasArn (string) –
The ARN of the role alias that has overly permissive actions.
issuerCertificateIdentifier (dict) –
The issuer certificate identifier.
issuerCertificateSubject (string) –
The subject of the issuer certificate.
issuerId (string) –
The issuer ID.
issuerCertificateSerialNumber (string) –
The issuer certificate serial number.
deviceCertificateArn (string) –
The ARN of the identified device certificate.
maxResults (integer) – The maximum number of results to return at one time. The default is 25.
nextToken (string) – The token for the next set of results.
startTime (datetime) – A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both.
endTime (datetime) – A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both.
listSuppressedFindings (boolean) – Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn’t provided, the response will list both suppressed and unsuppressed findings.
- Return type:
dict
- Returns:
Response Syntax
{ 'findings': [ { 'findingId': 'string', 'taskId': 'string', 'checkName': 'string', 'taskStartTime': datetime(2015, 1, 1), 'findingTime': datetime(2015, 1, 1), 'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW', 'nonCompliantResource': { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, 'relatedResources': [ { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, ], 'reasonForNonCompliance': 'string', 'reasonForNonComplianceCode': 'string', 'isSuppressed': True|False }, ], 'nextToken': 'string' }
Response Structure
(dict) –
findings (list) –
The findings (results) of the audit.
(dict) –
The findings (results) of the audit.
findingId (string) –
A unique identifier for this set of audit findings. This identifier is used to apply mitigation tasks to one or more sets of findings.
taskId (string) –
The ID of the audit that generated this result (finding).
checkName (string) –
The audit check that generated this result.
taskStartTime (datetime) –
The time the audit started.
findingTime (datetime) –
The time the result (finding) was discovered.
severity (string) –
The severity of the result (finding).
nonCompliantResource (dict) –
The resource that was found to be noncompliant with the audit check.
resourceType (string) –
The type of the noncompliant resource.
resourceIdentifier (dict) –
Information that identifies the noncompliant resource.
deviceCertificateId (string) –
The ID of the certificate attached to the resource.
caCertificateId (string) –
The ID of the CA certificate used to authorize the certificate.
cognitoIdentityPoolId (string) –
The ID of the Amazon Cognito identity pool.
clientId (string) –
The client ID.
policyVersionIdentifier (dict) –
The version of the policy associated with the resource.
policyName (string) –
The name of the policy.
policyVersionId (string) –
The ID of the version of the policy associated with the resource.
account (string) –
The account with which the resource is associated.
iamRoleArn (string) –
The ARN of the IAM role that has overly permissive actions.
roleAliasArn (string) –
The ARN of the role alias that has overly permissive actions.
issuerCertificateIdentifier (dict) –
The issuer certificate identifier.
issuerCertificateSubject (string) –
The subject of the issuer certificate.
issuerId (string) –
The issuer ID.
issuerCertificateSerialNumber (string) –
The issuer certificate serial number.
deviceCertificateArn (string) –
The ARN of the identified device certificate.
additionalInfo (dict) –
Other information about the noncompliant resource.
(string) –
(string) –
relatedResources (list) –
The list of related resources.
(dict) –
Information about a related resource.
resourceType (string) –
The type of resource.
resourceIdentifier (dict) –
Information that identifies the resource.
deviceCertificateId (string) –
The ID of the certificate attached to the resource.
caCertificateId (string) –
The ID of the CA certificate used to authorize the certificate.
cognitoIdentityPoolId (string) –
The ID of the Amazon Cognito identity pool.
clientId (string) –
The client ID.
policyVersionIdentifier (dict) –
The version of the policy associated with the resource.
policyName (string) –
The name of the policy.
policyVersionId (string) –
The ID of the version of the policy associated with the resource.
account (string) –
The account with which the resource is associated.
iamRoleArn (string) –
The ARN of the IAM role that has overly permissive actions.
roleAliasArn (string) –
The ARN of the role alias that has overly permissive actions.
issuerCertificateIdentifier (dict) –
The issuer certificate identifier.
issuerCertificateSubject (string) –
The subject of the issuer certificate.
issuerId (string) –
The issuer ID.
issuerCertificateSerialNumber (string) –
The issuer certificate serial number.
deviceCertificateArn (string) –
The ARN of the identified device certificate.
additionalInfo (dict) –
Other information about the resource.
(string) –
(string) –
reasonForNonCompliance (string) –
The reason the resource was noncompliant.
reasonForNonComplianceCode (string) –
A code that indicates the reason that the resource was noncompliant.
isSuppressed (boolean) –
Indicates whether the audit finding was suppressed or not during reporting.
nextToken (string) –
A token that can be used to retrieve the next set of results, or
null
if there are no additional results.
Exceptions