IoT / Paginator / ListAuditFindings

ListAuditFindings#

class IoT.Paginator.ListAuditFindings#
paginator = client.get_paginator('list_audit_findings')
paginate(**kwargs)#

Creates an iterator that will paginate through responses from IoT.Client.list_audit_findings().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    taskId='string',
    checkName='string',
    resourceIdentifier={
        'deviceCertificateId': 'string',
        'caCertificateId': 'string',
        'cognitoIdentityPoolId': 'string',
        'clientId': 'string',
        'policyVersionIdentifier': {
            'policyName': 'string',
            'policyVersionId': 'string'
        },
        'account': 'string',
        'iamRoleArn': 'string',
        'roleAliasArn': 'string',
        'issuerCertificateIdentifier': {
            'issuerCertificateSubject': 'string',
            'issuerId': 'string',
            'issuerCertificateSerialNumber': 'string'
        },
        'deviceCertificateArn': 'string'
    },
    startTime=datetime(2015, 1, 1),
    endTime=datetime(2015, 1, 1),
    listSuppressedFindings=True|False,
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:
  • taskId (string) – A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both.

  • checkName (string) – A filter to limit results to the findings for the specified audit check.

  • resourceIdentifier (dict) –

    Information identifying the noncompliant resource.

    • deviceCertificateId (string) –

      The ID of the certificate attached to the resource.

    • caCertificateId (string) –

      The ID of the CA certificate used to authorize the certificate.

    • cognitoIdentityPoolId (string) –

      The ID of the Amazon Cognito identity pool.

    • clientId (string) –

      The client ID.

    • policyVersionIdentifier (dict) –

      The version of the policy associated with the resource.

      • policyName (string) –

        The name of the policy.

      • policyVersionId (string) –

        The ID of the version of the policy associated with the resource.

    • account (string) –

      The account with which the resource is associated.

    • iamRoleArn (string) –

      The ARN of the IAM role that has overly permissive actions.

    • roleAliasArn (string) –

      The ARN of the role alias that has overly permissive actions.

    • issuerCertificateIdentifier (dict) –

      The issuer certificate identifier.

      • issuerCertificateSubject (string) –

        The subject of the issuer certificate.

      • issuerId (string) –

        The issuer ID.

      • issuerCertificateSerialNumber (string) –

        The issuer certificate serial number.

    • deviceCertificateArn (string) –

      The ARN of the identified device certificate.

  • startTime (datetime) – A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both.

  • endTime (datetime) – A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both.

  • listSuppressedFindings (boolean) – Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn’t provided, the response will list both suppressed and unsuppressed findings.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'findings': [
        {
            'findingId': 'string',
            'taskId': 'string',
            'checkName': 'string',
            'taskStartTime': datetime(2015, 1, 1),
            'findingTime': datetime(2015, 1, 1),
            'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW',
            'nonCompliantResource': {
                'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE',
                'resourceIdentifier': {
                    'deviceCertificateId': 'string',
                    'caCertificateId': 'string',
                    'cognitoIdentityPoolId': 'string',
                    'clientId': 'string',
                    'policyVersionIdentifier': {
                        'policyName': 'string',
                        'policyVersionId': 'string'
                    },
                    'account': 'string',
                    'iamRoleArn': 'string',
                    'roleAliasArn': 'string',
                    'issuerCertificateIdentifier': {
                        'issuerCertificateSubject': 'string',
                        'issuerId': 'string',
                        'issuerCertificateSerialNumber': 'string'
                    },
                    'deviceCertificateArn': 'string'
                },
                'additionalInfo': {
                    'string': 'string'
                }
            },
            'relatedResources': [
                {
                    'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE',
                    'resourceIdentifier': {
                        'deviceCertificateId': 'string',
                        'caCertificateId': 'string',
                        'cognitoIdentityPoolId': 'string',
                        'clientId': 'string',
                        'policyVersionIdentifier': {
                            'policyName': 'string',
                            'policyVersionId': 'string'
                        },
                        'account': 'string',
                        'iamRoleArn': 'string',
                        'roleAliasArn': 'string',
                        'issuerCertificateIdentifier': {
                            'issuerCertificateSubject': 'string',
                            'issuerId': 'string',
                            'issuerCertificateSerialNumber': 'string'
                        },
                        'deviceCertificateArn': 'string'
                    },
                    'additionalInfo': {
                        'string': 'string'
                    }
                },
            ],
            'reasonForNonCompliance': 'string',
            'reasonForNonComplianceCode': 'string',
            'isSuppressed': True|False
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) –

    • findings (list) –

      The findings (results) of the audit.

      • (dict) –

        The findings (results) of the audit.

        • findingId (string) –

          A unique identifier for this set of audit findings. This identifier is used to apply mitigation tasks to one or more sets of findings.

        • taskId (string) –

          The ID of the audit that generated this result (finding).

        • checkName (string) –

          The audit check that generated this result.

        • taskStartTime (datetime) –

          The time the audit started.

        • findingTime (datetime) –

          The time the result (finding) was discovered.

        • severity (string) –

          The severity of the result (finding).

        • nonCompliantResource (dict) –

          The resource that was found to be noncompliant with the audit check.

          • resourceType (string) –

            The type of the noncompliant resource.

          • resourceIdentifier (dict) –

            Information that identifies the noncompliant resource.

            • deviceCertificateId (string) –

              The ID of the certificate attached to the resource.

            • caCertificateId (string) –

              The ID of the CA certificate used to authorize the certificate.

            • cognitoIdentityPoolId (string) –

              The ID of the Amazon Cognito identity pool.

            • clientId (string) –

              The client ID.

            • policyVersionIdentifier (dict) –

              The version of the policy associated with the resource.

              • policyName (string) –

                The name of the policy.

              • policyVersionId (string) –

                The ID of the version of the policy associated with the resource.

            • account (string) –

              The account with which the resource is associated.

            • iamRoleArn (string) –

              The ARN of the IAM role that has overly permissive actions.

            • roleAliasArn (string) –

              The ARN of the role alias that has overly permissive actions.

            • issuerCertificateIdentifier (dict) –

              The issuer certificate identifier.

              • issuerCertificateSubject (string) –

                The subject of the issuer certificate.

              • issuerId (string) –

                The issuer ID.

              • issuerCertificateSerialNumber (string) –

                The issuer certificate serial number.

            • deviceCertificateArn (string) –

              The ARN of the identified device certificate.

          • additionalInfo (dict) –

            Other information about the noncompliant resource.

            • (string) –

              • (string) –

        • relatedResources (list) –

          The list of related resources.

          • (dict) –

            Information about a related resource.

            • resourceType (string) –

              The type of resource.

            • resourceIdentifier (dict) –

              Information that identifies the resource.

              • deviceCertificateId (string) –

                The ID of the certificate attached to the resource.

              • caCertificateId (string) –

                The ID of the CA certificate used to authorize the certificate.

              • cognitoIdentityPoolId (string) –

                The ID of the Amazon Cognito identity pool.

              • clientId (string) –

                The client ID.

              • policyVersionIdentifier (dict) –

                The version of the policy associated with the resource.

                • policyName (string) –

                  The name of the policy.

                • policyVersionId (string) –

                  The ID of the version of the policy associated with the resource.

              • account (string) –

                The account with which the resource is associated.

              • iamRoleArn (string) –

                The ARN of the IAM role that has overly permissive actions.

              • roleAliasArn (string) –

                The ARN of the role alias that has overly permissive actions.

              • issuerCertificateIdentifier (dict) –

                The issuer certificate identifier.

                • issuerCertificateSubject (string) –

                  The subject of the issuer certificate.

                • issuerId (string) –

                  The issuer ID.

                • issuerCertificateSerialNumber (string) –

                  The issuer certificate serial number.

              • deviceCertificateArn (string) –

                The ARN of the identified device certificate.

            • additionalInfo (dict) –

              Other information about the resource.

              • (string) –

                • (string) –

        • reasonForNonCompliance (string) –

          The reason the resource was noncompliant.

        • reasonForNonComplianceCode (string) –

          A code that indicates the reason that the resource was noncompliant.

        • isSuppressed (boolean) –

          Indicates whether the audit finding was suppressed or not during reporting.

    • NextToken (string) –

      A token to resume pagination.