Inspector2

2023/06/21 - Inspector2 - 7 new15 updated api methods

Changes  This release adds support for Software Bill of Materials (SBOM) export and the general availability of code scanning for AWS Lambda functions.

BatchGetCodeSnippet (new) Link ¶

Retrieves code snippets from findings that Amazon Inspector detected code vulnerabilities in.

See also: AWS API Documentation

Request Syntax

client.batch_get_code_snippet(
    findingArns=[
        'string',
    ]
)
type findingArns:

list

param findingArns:

[REQUIRED]

An array of finding ARNs for the findings you want to retrieve code snippets from.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'codeSnippetResults': [
        {
            'codeSnippet': [
                {
                    'content': 'string',
                    'lineNumber': 123
                },
            ],
            'endLine': 123,
            'findingArn': 'string',
            'startLine': 123,
            'suggestedFixes': [
                {
                    'code': 'string',
                    'description': 'string'
                },
            ]
        },
    ],
    'errors': [
        {
            'errorCode': 'INTERNAL_ERROR'|'ACCESS_DENIED'|'CODE_SNIPPET_NOT_FOUND'|'INVALID_INPUT',
            'errorMessage': 'string',
            'findingArn': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • codeSnippetResults (list) --

      The retrieved code snippets associated with the provided finding ARNs.

      • (dict) --

        Contains information on a code snippet retrieved by Amazon Inspector from a code vulnerability finding.

        • codeSnippet (list) --

          Contains information on the retrieved code snippet.

          • (dict) --

            Contains information on the lines of code associated with a code snippet.

            • content (string) --

              The content of a line of code

            • lineNumber (integer) --

              The line number that a section of code is located at.

        • endLine (integer) --

          The line number of the last line of a code snippet.

        • findingArn (string) --

          The ARN of a finding that the code snippet is associated with.

        • startLine (integer) --

          The line number of the first line of a code snippet.

        • suggestedFixes (list) --

          Details of a suggested code fix.

          • (dict) --

            A suggested fix for a vulnerability in your Lambda function code.

            • code (string) --

              The fix's code.

            • description (string) --

              The fix's description.

    • errors (list) --

      Any errors Amazon Inspector encountered while trying to retrieve the requested code snippets.

      • (dict) --

        Contains information about any errors encountered while trying to retrieve a code snippet.

        • errorCode (string) --

          The error code for the error that prevented a code snippet from being retrieved.

        • errorMessage (string) --

          The error message received when Amazon Inspector failed to retrieve a code snippet.

        • findingArn (string) --

          The ARN of the finding that a code snippet couldn't be retrieved for.

UpdateEncryptionKey (new) Link ¶

Updates an encryption key. A ResourceNotFoundException means that an AWS owned key is being used for encryption.

See also: AWS API Documentation

Request Syntax

client.update_encryption_key(
    kmsKeyId='string',
    resourceType='AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION',
    scanType='NETWORK'|'PACKAGE'|'CODE'
)
type kmsKeyId:

string

param kmsKeyId:

[REQUIRED]

A KMS key ID for the encryption key.

type resourceType:

string

param resourceType:

[REQUIRED]

The resource type for the encryption key.

type scanType:

string

param scanType:

[REQUIRED]

The scan type for the encryption key.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --

CancelSbomExport (new) Link ¶

Cancels a software bill of materials (SBOM) report.

See also: AWS API Documentation

Request Syntax

client.cancel_sbom_export(
    reportId='string'
)
type reportId:

string

param reportId:

[REQUIRED]

The report ID of the SBOM export to cancel.

rtype:

dict

returns:

Response Syntax

{
    'reportId': 'string'
}

Response Structure

  • (dict) --

    • reportId (string) --

      The report ID of the canceled SBOM export.

ResetEncryptionKey (new) Link ¶

Resets an encryption key. After the key is reset your resources will be encrypted by an Amazon Web Services owned key.

See also: AWS API Documentation

Request Syntax

client.reset_encryption_key(
    resourceType='AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION',
    scanType='NETWORK'|'PACKAGE'|'CODE'
)
type resourceType:

string

param resourceType:

[REQUIRED]

The resource type the key encrypts.

type scanType:

string

param scanType:

[REQUIRED]

The scan type the key encrypts.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --

GetEncryptionKey (new) Link ¶

Gets an encryption key.

See also: AWS API Documentation

Request Syntax

client.get_encryption_key(
    resourceType='AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION',
    scanType='NETWORK'|'PACKAGE'|'CODE'
)
type resourceType:

string

param resourceType:

[REQUIRED]

The resource type the key encrypts.

type scanType:

string

param scanType:

[REQUIRED]

The scan type the key encrypts.

rtype:

dict

returns:

Response Syntax

{
    'kmsKeyId': 'string'
}

Response Structure

  • (dict) --

    • kmsKeyId (string) --

      A kms key ID.

GetSbomExport (new) Link ¶

Gets details of a software bill of materials (SBOM) report.

See also: AWS API Documentation

Request Syntax

client.get_sbom_export(
    reportId='string'
)
type reportId:

string

param reportId:

[REQUIRED]

The report ID of the SBOM export to get details for.

rtype:

dict

returns:

Response Syntax

{
    'errorCode': 'INTERNAL_ERROR'|'INVALID_PERMISSIONS'|'NO_FINDINGS_FOUND'|'BUCKET_NOT_FOUND'|'INCOMPATIBLE_BUCKET_REGION'|'MALFORMED_KMS_KEY',
    'errorMessage': 'string',
    'filterCriteria': {
        'accountId': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrRepositoryName': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ]
    },
    'format': 'CYCLONEDX_1_4'|'SPDX_2_3',
    'reportId': 'string',
    's3Destination': {
        'bucketName': 'string',
        'keyPrefix': 'string',
        'kmsKeyArn': 'string'
    },
    'status': 'SUCCEEDED'|'IN_PROGRESS'|'CANCELLED'|'FAILED'
}

Response Structure

  • (dict) --

    • errorCode (string) --

      An error code.

    • errorMessage (string) --

      An error message.

    • filterCriteria (dict) --

      Contains details about the resource filter criteria used for the software bill of materials (SBOM) report.

      • accountId (list) --

        The account IDs used as resource filter criteria.

        • (dict) --

          A resource string filter for a software bill of materials report.

          • comparison (string) --

            The filter's comparison.

          • value (string) --

            The filter's value.

      • ec2InstanceTags (list) --

        The EC2 instance tags used as resource filter criteria.

        • (dict) --

          A resource map filter for a software bill of material report.

          • comparison (string) --

            The filter's comparison.

          • key (string) --

            The filter's key.

          • value (string) --

            The filter's value.

      • ecrImageTags (list) --

        The ECR image tags used as resource filter criteria.

        • (dict) --

          A resource string filter for a software bill of materials report.

          • comparison (string) --

            The filter's comparison.

          • value (string) --

            The filter's value.

      • ecrRepositoryName (list) --

        The ECR repository names used as resource filter criteria.

        • (dict) --

          A resource string filter for a software bill of materials report.

          • comparison (string) --

            The filter's comparison.

          • value (string) --

            The filter's value.

      • lambdaFunctionName (list) --

        The AWS Lambda function name used as resource filter criteria.

        • (dict) --

          A resource string filter for a software bill of materials report.

          • comparison (string) --

            The filter's comparison.

          • value (string) --

            The filter's value.

      • lambdaFunctionTags (list) --

        The AWS Lambda function tags used as resource filter criteria.

        • (dict) --

          A resource map filter for a software bill of material report.

          • comparison (string) --

            The filter's comparison.

          • key (string) --

            The filter's key.

          • value (string) --

            The filter's value.

      • resourceId (list) --

        The resource IDs used as resource filter criteria.

        • (dict) --

          A resource string filter for a software bill of materials report.

          • comparison (string) --

            The filter's comparison.

          • value (string) --

            The filter's value.

      • resourceType (list) --

        The resource types used as resource filter criteria.

        • (dict) --

          A resource string filter for a software bill of materials report.

          • comparison (string) --

            The filter's comparison.

          • value (string) --

            The filter's value.

    • format (string) --

      The format of the software bill of materials (SBOM) report.

    • reportId (string) --

      The report ID of the software bill of materials (SBOM) report.

    • s3Destination (dict) --

      Contains details of the Amazon S3 bucket and KMS key used to export findings.

      • bucketName (string) --

        The name of the Amazon S3 bucket to export findings to.

      • keyPrefix (string) --

        The prefix of the Amazon S3 bucket used to export findings.

      • kmsKeyArn (string) --

        The ARN of the KMS key used to encrypt data when exporting findings.

    • status (string) --

      The status of the software bill of materials (SBOM) report.

CreateSbomExport (new) Link ¶

Creates a software bill of materials (SBOM) report.

See also: AWS API Documentation

Request Syntax

client.create_sbom_export(
    reportFormat='CYCLONEDX_1_4'|'SPDX_2_3',
    resourceFilterCriteria={
        'accountId': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrRepositoryName': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ]
    },
    s3Destination={
        'bucketName': 'string',
        'keyPrefix': 'string',
        'kmsKeyArn': 'string'
    }
)
type reportFormat:

string

param reportFormat:

[REQUIRED]

The output format for the software bill of materials (SBOM) report.

type resourceFilterCriteria:

dict

param resourceFilterCriteria:

The resource filter criteria for the software bill of materials (SBOM) report.

  • accountId (list) --

    The account IDs used as resource filter criteria.

    • (dict) --

      A resource string filter for a software bill of materials report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • value (string) -- [REQUIRED]

        The filter's value.

  • ec2InstanceTags (list) --

    The EC2 instance tags used as resource filter criteria.

    • (dict) --

      A resource map filter for a software bill of material report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • key (string) -- [REQUIRED]

        The filter's key.

      • value (string) --

        The filter's value.

  • ecrImageTags (list) --

    The ECR image tags used as resource filter criteria.

    • (dict) --

      A resource string filter for a software bill of materials report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • value (string) -- [REQUIRED]

        The filter's value.

  • ecrRepositoryName (list) --

    The ECR repository names used as resource filter criteria.

    • (dict) --

      A resource string filter for a software bill of materials report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • value (string) -- [REQUIRED]

        The filter's value.

  • lambdaFunctionName (list) --

    The AWS Lambda function name used as resource filter criteria.

    • (dict) --

      A resource string filter for a software bill of materials report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • value (string) -- [REQUIRED]

        The filter's value.

  • lambdaFunctionTags (list) --

    The AWS Lambda function tags used as resource filter criteria.

    • (dict) --

      A resource map filter for a software bill of material report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • key (string) -- [REQUIRED]

        The filter's key.

      • value (string) --

        The filter's value.

  • resourceId (list) --

    The resource IDs used as resource filter criteria.

    • (dict) --

      A resource string filter for a software bill of materials report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • value (string) -- [REQUIRED]

        The filter's value.

  • resourceType (list) --

    The resource types used as resource filter criteria.

    • (dict) --

      A resource string filter for a software bill of materials report.

      • comparison (string) -- [REQUIRED]

        The filter's comparison.

      • value (string) -- [REQUIRED]

        The filter's value.

type s3Destination:

dict

param s3Destination:

[REQUIRED]

Contains details of the Amazon S3 bucket and KMS key used to export findings.

  • bucketName (string) -- [REQUIRED]

    The name of the Amazon S3 bucket to export findings to.

  • keyPrefix (string) --

    The prefix of the Amazon S3 bucket used to export findings.

  • kmsKeyArn (string) -- [REQUIRED]

    The ARN of the KMS key used to encrypt data when exporting findings.

rtype:

dict

returns:

Response Syntax

{
    'reportId': 'string'
}

Response Structure

  • (dict) --

    • reportId (string) --

      The report ID for the software bill of materials (SBOM) report.

BatchGetAccountStatus (updated) Link ¶
Changes (response)
{'accounts': {'resourceState': {'lambdaCode': {'errorCode': 'ALREADY_ENABLED | '
                                                            'ENABLE_IN_PROGRESS '
                                                            '| '
                                                            'DISABLE_IN_PROGRESS '
                                                            '| '
                                                            'SUSPEND_IN_PROGRESS '
                                                            '| '
                                                            'RESOURCE_NOT_FOUND '
                                                            '| ACCESS_DENIED | '
                                                            'INTERNAL_ERROR | '
                                                            'SSM_UNAVAILABLE | '
                                                            'SSM_THROTTLED | '
                                                            'EVENTBRIDGE_UNAVAILABLE '
                                                            '| '
                                                            'EVENTBRIDGE_THROTTLED '
                                                            '| '
                                                            'RESOURCE_SCAN_NOT_DISABLED '
                                                            '| '
                                                            'DISASSOCIATE_ALL_MEMBERS '
                                                            '| '
                                                            'ACCOUNT_IS_ISOLATED',
                                               'errorMessage': 'string',
                                               'status': 'ENABLING | ENABLED | '
                                                         'DISABLING | DISABLED '
                                                         '| SUSPENDING | '
                                                         'SUSPENDED'}}},
 'failedAccounts': {'resourceStatus': {'lambdaCode': 'ENABLING | ENABLED | '
                                                     'DISABLING | DISABLED | '
                                                     'SUSPENDING | SUSPENDED'}}}

Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment.

See also: AWS API Documentation

Request Syntax

client.batch_get_account_status(
    accountIds=[
        'string',
    ]
)
type accountIds:

list

param accountIds:

The 12-digit Amazon Web Services account IDs of the accounts to retrieve Amazon Inspector status for.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'accounts': [
        {
            'accountId': 'string',
            'resourceState': {
                'ec2': {
                    'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
                    'errorMessage': 'string',
                    'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
                },
                'ecr': {
                    'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
                    'errorMessage': 'string',
                    'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
                },
                'lambda': {
                    'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
                    'errorMessage': 'string',
                    'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
                },
                'lambdaCode': {
                    'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
                    'errorMessage': 'string',
                    'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
                }
            },
            'state': {
                'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
                'errorMessage': 'string',
                'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
            }
        },
    ],
    'failedAccounts': [
        {
            'accountId': 'string',
            'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
            'errorMessage': 'string',
            'resourceStatus': {
                'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambda': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambdaCode': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
            },
            'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
        },
    ]
}

Response Structure

  • (dict) --

    • accounts (list) --

      An array of objects that provide details on the status of Amazon Inspector for each of the requested accounts.

      • (dict) --

        An object with details the status of an Amazon Web Services account within your Amazon Inspector environment.

        • accountId (string) --

          The Amazon Web Services account ID.

        • resourceState (dict) --

          An object detailing which resources Amazon Inspector is enabled to scan for the account.

          • ec2 (dict) --

            An object detailing the state of Amazon Inspector scanning for Amazon EC2 resources.

            • errorCode (string) --

              The error code explaining why the account failed to enable Amazon Inspector.

            • errorMessage (string) --

              The error message received when the account failed to enable Amazon Inspector.

            • status (string) --

              The status of Amazon Inspector for the account.

          • ecr (dict) --

            An object detailing the state of Amazon Inspector scanning for Amazon ECR resources.

            • errorCode (string) --

              The error code explaining why the account failed to enable Amazon Inspector.

            • errorMessage (string) --

              The error message received when the account failed to enable Amazon Inspector.

            • status (string) --

              The status of Amazon Inspector for the account.

          • lambda (dict) --

            An object that described the state of Amazon Inspector scans for an account.

            • errorCode (string) --

              The error code explaining why the account failed to enable Amazon Inspector.

            • errorMessage (string) --

              The error message received when the account failed to enable Amazon Inspector.

            • status (string) --

              The status of Amazon Inspector for the account.

          • lambdaCode (dict) --

            An object that described the state of Amazon Inspector scans for an account.

            • errorCode (string) --

              The error code explaining why the account failed to enable Amazon Inspector.

            • errorMessage (string) --

              The error message received when the account failed to enable Amazon Inspector.

            • status (string) --

              The status of Amazon Inspector for the account.

        • state (dict) --

          An object detailing the status of Amazon Inspector for the account.

          • errorCode (string) --

            The error code explaining why the account failed to enable Amazon Inspector.

          • errorMessage (string) --

            The error message received when the account failed to enable Amazon Inspector.

          • status (string) --

            The status of Amazon Inspector for the account.

    • failedAccounts (list) --

      An array of objects detailing any accounts that failed to enable Amazon Inspector and why.

      • (dict) --

        An object with details on why an account failed to enable Amazon Inspector.

        • accountId (string) --

          The Amazon Web Services account ID.

        • errorCode (string) --

          The error code explaining why the account failed to enable Amazon Inspector.

        • errorMessage (string) --

          The error message received when the account failed to enable Amazon Inspector.

        • resourceStatus (dict) --

          An object detailing which resources Amazon Inspector is enabled to scan for the account.

          • ec2 (string) --

            The status of Amazon Inspector scanning for Amazon EC2 resources.

          • ecr (string) --

            The status of Amazon Inspector scanning for Amazon ECR resources.

          • lambda (string) --

            The status of Amazon Inspector scanning for AWS Lambda function.

          • lambdaCode (string) --

            The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions.

        • status (string) --

          The status of Amazon Inspector for the account.

BatchGetFreeTrialInfo (updated) Link ¶
Changes (response)
{'accounts': {'freeTrialInfo': {'type': {'LAMBDA_CODE'}}}}

Gets free trial status for multiple Amazon Web Services accounts.

See also: AWS API Documentation

Request Syntax

client.batch_get_free_trial_info(
    accountIds=[
        'string',
    ]
)
type accountIds:

list

param accountIds:

[REQUIRED]

The account IDs to get free trial status for.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'accounts': [
        {
            'accountId': 'string',
            'freeTrialInfo': [
                {
                    'end': datetime(2015, 1, 1),
                    'start': datetime(2015, 1, 1),
                    'status': 'ACTIVE'|'INACTIVE',
                    'type': 'EC2'|'ECR'|'LAMBDA'|'LAMBDA_CODE'
                },
            ]
        },
    ],
    'failedAccounts': [
        {
            'accountId': 'string',
            'code': 'ACCESS_DENIED'|'INTERNAL_ERROR',
            'message': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • accounts (list) --

      An array of objects that provide Amazon Inspector free trial details for each of the requested accounts.

      • (dict) --

        Information about the Amazon Inspector free trial for an account.

        • accountId (string) --

          The account associated with the Amazon Inspector free trial information.

        • freeTrialInfo (list) --

          Contains information about the Amazon Inspector free trial for an account.

          • (dict) --

            An object that contains information about the Amazon Inspector free trial for an account.

            • end (datetime) --

              The date and time that the Amazon Inspector free trail ends for a given account.

            • start (datetime) --

              The date and time that the Amazon Inspector free trail started for a given account.

            • status (string) --

              The order to sort results by.

            • type (string) --

              The type of scan covered by the Amazon Inspector free trail.

    • failedAccounts (list) --

      An array of objects detailing any accounts that free trial data could not be returned for.

      • (dict) --

        Information about an error received while accessing free trail data for an account.

        • accountId (string) --

          The account associated with the Amazon Inspector free trial information.

        • code (string) --

          The error code.

        • message (string) --

          The error message returned.

CreateFilter (updated) Link ¶
Changes (request)
{'filterCriteria': {'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityFilePath': [{'comparison': 'EQUALS | '
                                                                 'PREFIX | '
                                                                 'NOT_EQUALS',
                                                   'value': 'string'}],
                    'epssScore': [{'lowerInclusive': 'double',
                                   'upperInclusive': 'double'}]}}

Creates a filter resource using specified filter criteria.

See also: AWS API Documentation

Request Syntax

client.create_filter(
    action='NONE'|'SUPPRESS',
    description='string',
    filterCriteria={
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    name='string',
    reason='string',
    tags={
        'string': 'string'
    }
)
type action:

string

param action:

[REQUIRED]

Defines the action that is to be applied to the findings that match the filter.

type description:

string

param description:

A description of the filter.

type filterCriteria:

dict

param filterCriteria:

[REQUIRED]

Defines the criteria to be used in the filter for querying findings.

  • awsAccountId (list) --

    Details of the Amazon Web Services account IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorName (list) --

    The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorTags (list) --

    The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityFilePath (list) --

    The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentId (list) --

    Details of the component IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentType (list) --

    Details of the component types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceImageId (list) --

    Details of the Amazon EC2 instance image IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceSubnetId (list) --

    Details of the Amazon EC2 instance subnet IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceVpcId (list) --

    Details of the Amazon EC2 instance VPC IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageArchitecture (list) --

    Details of the Amazon ECR image architecture types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageHash (list) --

    Details of the Amazon ECR image hashes used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImagePushedAt (list) --

    Details on the Amazon ECR image push date and time used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • ecrImageRegistry (list) --

    Details on the Amazon ECR registry used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageRepositoryName (list) --

    Details on the name of the Amazon ECR repository used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageTags (list) --

    The tags attached to the Amazon ECR container image.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • epssScore (list) --

    The EPSS score used to filter findings.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • exploitAvailable (list) --

    Filters the list of AWS Lambda findings by the availability of exploits.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingArn (list) --

    Details on the finding ARNs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingStatus (list) --

    Details on the finding status types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingType (list) --

    Details on the finding types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • firstObservedAt (list) --

    Details on the date and time a finding was first seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • fixAvailable (list) --

    Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • inspectorScore (list) --

    The Amazon Inspector score to filter on.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • lambdaFunctionExecutionRoleArn (list) --

    Filters the list of AWS Lambda functions by execution role.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionLastModifiedAt (list) --

    Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • lambdaFunctionLayers (list) --

    Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionName (list) --

    Filters the list of AWS Lambda functions by the name of the function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionRuntime (list) --

    Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lastObservedAt (list) --

    Details on the date and time a finding was last seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • networkProtocol (list) --

    Details on the ingress source addresses used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • portRange (list) --

    Details on the port ranges used to filter findings.

    • (dict) --

      An object that describes the details of a port range filter.

      • beginInclusive (integer) --

        The port number the port range begins at.

      • endInclusive (integer) --

        The port number the port range ends at.

  • relatedVulnerabilities (list) --

    Details on the related vulnerabilities used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceId (list) --

    Details on the resource IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceTags (list) --

    Details on the resource tags used to filter findings.

    • (dict) --

      An object that describes details of a map filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • key (string) -- [REQUIRED]

        The tag key used in the filter.

      • value (string) --

        The tag value used in the filter.

  • resourceType (list) --

    Details on the resource types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • severity (list) --

    Details on the severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • title (list) --

    Details on the finding title used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • updatedAt (list) --

    Details on the date and time a finding was last updated at used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • vendorSeverity (list) --

    Details on the vendor severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilityId (list) --

    Details on the vulnerability ID used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilitySource (list) --

    Details on the vulnerability type used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerablePackages (list) --

    Details on the vulnerable packages used to filter findings.

    • (dict) --

      Contains information on the details of a package filter.

      • architecture (dict) --

        An object that contains details on the package architecture type to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • epoch (dict) --

        An object that contains details on the package epoch to filter on.

        • lowerInclusive (float) --

          The lowest number to be included in the filter.

        • upperInclusive (float) --

          The highest number to be included in the filter.

      • name (dict) --

        An object that contains details on the name of the package to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • release (dict) --

        An object that contains details on the package release to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLambdaLayerArn (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLayerHash (dict) --

        An object that contains details on the source layer hash to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • version (dict) --

        The package version to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

type name:

string

param name:

[REQUIRED]

The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.

type reason:

string

param reason:

The reason for creating the filter.

type tags:

dict

param tags:

A list of tags for the filter.

  • (string) --

    • (string) --

rtype:

dict

returns:

Response Syntax

{
    'arn': 'string'
}

Response Structure

  • (dict) --

    • arn (string) --

      The Amazon Resource Number (ARN) of the successfully created filter.

CreateFindingsReport (updated) Link ¶
Changes (request)
{'filterCriteria': {'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityFilePath': [{'comparison': 'EQUALS | '
                                                                 'PREFIX | '
                                                                 'NOT_EQUALS',
                                                   'value': 'string'}],
                    'epssScore': [{'lowerInclusive': 'double',
                                   'upperInclusive': 'double'}]}}

Creates a finding report. By default only ACTIVE findings are returned in the report. To see SUPRESSED or CLOSED findings you must specify a value for the findingStatus filter criteria.

See also: AWS API Documentation

Request Syntax

client.create_findings_report(
    filterCriteria={
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    reportFormat='CSV'|'JSON',
    s3Destination={
        'bucketName': 'string',
        'keyPrefix': 'string',
        'kmsKeyArn': 'string'
    }
)
type filterCriteria:

dict

param filterCriteria:

The filter criteria to apply to the results of the finding report.

  • awsAccountId (list) --

    Details of the Amazon Web Services account IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorName (list) --

    The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorTags (list) --

    The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityFilePath (list) --

    The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentId (list) --

    Details of the component IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentType (list) --

    Details of the component types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceImageId (list) --

    Details of the Amazon EC2 instance image IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceSubnetId (list) --

    Details of the Amazon EC2 instance subnet IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceVpcId (list) --

    Details of the Amazon EC2 instance VPC IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageArchitecture (list) --

    Details of the Amazon ECR image architecture types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageHash (list) --

    Details of the Amazon ECR image hashes used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImagePushedAt (list) --

    Details on the Amazon ECR image push date and time used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • ecrImageRegistry (list) --

    Details on the Amazon ECR registry used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageRepositoryName (list) --

    Details on the name of the Amazon ECR repository used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageTags (list) --

    The tags attached to the Amazon ECR container image.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • epssScore (list) --

    The EPSS score used to filter findings.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • exploitAvailable (list) --

    Filters the list of AWS Lambda findings by the availability of exploits.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingArn (list) --

    Details on the finding ARNs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingStatus (list) --

    Details on the finding status types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingType (list) --

    Details on the finding types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • firstObservedAt (list) --

    Details on the date and time a finding was first seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • fixAvailable (list) --

    Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • inspectorScore (list) --

    The Amazon Inspector score to filter on.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • lambdaFunctionExecutionRoleArn (list) --

    Filters the list of AWS Lambda functions by execution role.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionLastModifiedAt (list) --

    Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • lambdaFunctionLayers (list) --

    Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionName (list) --

    Filters the list of AWS Lambda functions by the name of the function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionRuntime (list) --

    Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lastObservedAt (list) --

    Details on the date and time a finding was last seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • networkProtocol (list) --

    Details on the ingress source addresses used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • portRange (list) --

    Details on the port ranges used to filter findings.

    • (dict) --

      An object that describes the details of a port range filter.

      • beginInclusive (integer) --

        The port number the port range begins at.

      • endInclusive (integer) --

        The port number the port range ends at.

  • relatedVulnerabilities (list) --

    Details on the related vulnerabilities used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceId (list) --

    Details on the resource IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceTags (list) --

    Details on the resource tags used to filter findings.

    • (dict) --

      An object that describes details of a map filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • key (string) -- [REQUIRED]

        The tag key used in the filter.

      • value (string) --

        The tag value used in the filter.

  • resourceType (list) --

    Details on the resource types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • severity (list) --

    Details on the severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • title (list) --

    Details on the finding title used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • updatedAt (list) --

    Details on the date and time a finding was last updated at used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • vendorSeverity (list) --

    Details on the vendor severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilityId (list) --

    Details on the vulnerability ID used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilitySource (list) --

    Details on the vulnerability type used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerablePackages (list) --

    Details on the vulnerable packages used to filter findings.

    • (dict) --

      Contains information on the details of a package filter.

      • architecture (dict) --

        An object that contains details on the package architecture type to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • epoch (dict) --

        An object that contains details on the package epoch to filter on.

        • lowerInclusive (float) --

          The lowest number to be included in the filter.

        • upperInclusive (float) --

          The highest number to be included in the filter.

      • name (dict) --

        An object that contains details on the name of the package to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • release (dict) --

        An object that contains details on the package release to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLambdaLayerArn (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLayerHash (dict) --

        An object that contains details on the source layer hash to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • version (dict) --

        The package version to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

type reportFormat:

string

param reportFormat:

[REQUIRED]

The format to generate the report in.

type s3Destination:

dict

param s3Destination:

[REQUIRED]

The Amazon S3 export destination for the report.

  • bucketName (string) -- [REQUIRED]

    The name of the Amazon S3 bucket to export findings to.

  • keyPrefix (string) --

    The prefix of the Amazon S3 bucket used to export findings.

  • kmsKeyArn (string) -- [REQUIRED]

    The ARN of the KMS key used to encrypt data when exporting findings.

rtype:

dict

returns:

Response Syntax

{
    'reportId': 'string'
}

Response Structure

  • (dict) --

    • reportId (string) --

      The ID of the report.

DescribeOrganizationConfiguration (updated) Link ¶
Changes (response)
{'autoEnable': {'lambdaCode': 'boolean'}}

Describe Amazon Inspector configuration settings for an Amazon Web Services organization.

See also: AWS API Documentation

Request Syntax

client.describe_organization_configuration()
rtype:

dict

returns:

Response Syntax

{
    'autoEnable': {
        'ec2': True|False,
        'ecr': True|False,
        'lambda': True|False,
        'lambdaCode': True|False
    },
    'maxAccountLimitReached': True|False
}

Response Structure

  • (dict) --

    • autoEnable (dict) --

      The scan types are automatically enabled for new members of your organization.

      • ec2 (boolean) --

        Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.

      • ecr (boolean) --

        Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.

      • lambda (boolean) --

        Represents whether AWS Lambda standard scans are automatically enabled for new members of your Amazon Inspector organization.

      • lambdaCode (boolean) --

        Represents whether AWS Lambda code scans are automatically enabled for new members of your Amazon Inspector organization. </p>

    • maxAccountLimitReached (boolean) --

      Represents whether your organization has reached the maximum Amazon Web Services account limit for Amazon Inspector.

Disable (updated) Link ¶
Changes (request, response)
Request
{'resourceTypes': {'LAMBDA_CODE'}}
Response
{'accounts': {'resourceStatus': {'lambdaCode': 'ENABLING | ENABLED | DISABLING '
                                               '| DISABLED | SUSPENDING | '
                                               'SUSPENDED'}},
 'failedAccounts': {'resourceStatus': {'lambdaCode': 'ENABLING | ENABLED | '
                                                     'DISABLING | DISABLED | '
                                                     'SUSPENDING | SUSPENDED'}}}

Disables Amazon Inspector scans for one or more Amazon Web Services accounts. Disabling all scan types in an account disables the Amazon Inspector service.

See also: AWS API Documentation

Request Syntax

client.disable(
    accountIds=[
        'string',
    ],
    resourceTypes=[
        'EC2'|'ECR'|'LAMBDA'|'LAMBDA_CODE',
    ]
)
type accountIds:

list

param accountIds:

An array of account IDs you want to disable Amazon Inspector scans for.

  • (string) --

type resourceTypes:

list

param resourceTypes:

The resource scan types you want to disable.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'accounts': [
        {
            'accountId': 'string',
            'resourceStatus': {
                'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambda': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambdaCode': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
            },
            'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
        },
    ],
    'failedAccounts': [
        {
            'accountId': 'string',
            'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
            'errorMessage': 'string',
            'resourceStatus': {
                'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambda': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambdaCode': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
            },
            'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
        },
    ]
}

Response Structure

  • (dict) --

    • accounts (list) --

      Information on the accounts that have had Amazon Inspector scans successfully disabled. Details are provided for each account.

      • (dict) --

        An Amazon Web Services account within your environment that Amazon Inspector has been enabled for.

        • accountId (string) --

          The ID of the Amazon Web Services account.

        • resourceStatus (dict) --

          Details of the status of Amazon Inspector scans by resource type.

          • ec2 (string) --

            The status of Amazon Inspector scanning for Amazon EC2 resources.

          • ecr (string) --

            The status of Amazon Inspector scanning for Amazon ECR resources.

          • lambda (string) --

            The status of Amazon Inspector scanning for AWS Lambda function.

          • lambdaCode (string) --

            The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions.

        • status (string) --

          The status of Amazon Inspector for the account.

    • failedAccounts (list) --

      Information on any accounts for which Amazon Inspector scans could not be disabled. Details are provided for each account.

      • (dict) --

        An object with details on why an account failed to enable Amazon Inspector.

        • accountId (string) --

          The Amazon Web Services account ID.

        • errorCode (string) --

          The error code explaining why the account failed to enable Amazon Inspector.

        • errorMessage (string) --

          The error message received when the account failed to enable Amazon Inspector.

        • resourceStatus (dict) --

          An object detailing which resources Amazon Inspector is enabled to scan for the account.

          • ec2 (string) --

            The status of Amazon Inspector scanning for Amazon EC2 resources.

          • ecr (string) --

            The status of Amazon Inspector scanning for Amazon ECR resources.

          • lambda (string) --

            The status of Amazon Inspector scanning for AWS Lambda function.

          • lambdaCode (string) --

            The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions.

        • status (string) --

          The status of Amazon Inspector for the account.

Enable (updated) Link ¶
Changes (request, response)
Request
{'resourceTypes': {'LAMBDA_CODE'}}
Response
{'accounts': {'resourceStatus': {'lambdaCode': 'ENABLING | ENABLED | DISABLING '
                                               '| DISABLED | SUSPENDING | '
                                               'SUSPENDED'}},
 'failedAccounts': {'resourceStatus': {'lambdaCode': 'ENABLING | ENABLED | '
                                                     'DISABLING | DISABLED | '
                                                     'SUSPENDING | SUSPENDED'}}}

Enables Amazon Inspector scans for one or more Amazon Web Services accounts.

See also: AWS API Documentation

Request Syntax

client.enable(
    accountIds=[
        'string',
    ],
    clientToken='string',
    resourceTypes=[
        'EC2'|'ECR'|'LAMBDA'|'LAMBDA_CODE',
    ]
)
type accountIds:

list

param accountIds:

A list of account IDs you want to enable Amazon Inspector scans for.

  • (string) --

type clientToken:

string

param clientToken:

The idempotency token for the request.

This field is autopopulated if not provided.

type resourceTypes:

list

param resourceTypes:

[REQUIRED]

The resource scan types you want to enable.

  • (string) --

rtype:

dict

returns:

Response Syntax

{
    'accounts': [
        {
            'accountId': 'string',
            'resourceStatus': {
                'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambda': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambdaCode': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
            },
            'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
        },
    ],
    'failedAccounts': [
        {
            'accountId': 'string',
            'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS'|'ACCOUNT_IS_ISOLATED',
            'errorMessage': 'string',
            'resourceStatus': {
                'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambda': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
                'lambdaCode': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
            },
            'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
        },
    ]
}

Response Structure

  • (dict) --

    • accounts (list) --

      Information on the accounts that have had Amazon Inspector scans successfully enabled. Details are provided for each account.

      • (dict) --

        An Amazon Web Services account within your environment that Amazon Inspector has been enabled for.

        • accountId (string) --

          The ID of the Amazon Web Services account.

        • resourceStatus (dict) --

          Details of the status of Amazon Inspector scans by resource type.

          • ec2 (string) --

            The status of Amazon Inspector scanning for Amazon EC2 resources.

          • ecr (string) --

            The status of Amazon Inspector scanning for Amazon ECR resources.

          • lambda (string) --

            The status of Amazon Inspector scanning for AWS Lambda function.

          • lambdaCode (string) --

            The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions.

        • status (string) --

          The status of Amazon Inspector for the account.

    • failedAccounts (list) --

      Information on any accounts for which Amazon Inspector scans could not be enabled. Details are provided for each account.

      • (dict) --

        An object with details on why an account failed to enable Amazon Inspector.

        • accountId (string) --

          The Amazon Web Services account ID.

        • errorCode (string) --

          The error code explaining why the account failed to enable Amazon Inspector.

        • errorMessage (string) --

          The error message received when the account failed to enable Amazon Inspector.

        • resourceStatus (dict) --

          An object detailing which resources Amazon Inspector is enabled to scan for the account.

          • ec2 (string) --

            The status of Amazon Inspector scanning for Amazon EC2 resources.

          • ecr (string) --

            The status of Amazon Inspector scanning for Amazon ECR resources.

          • lambda (string) --

            The status of Amazon Inspector scanning for AWS Lambda function.

          • lambdaCode (string) --

            The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions.

        • status (string) --

          The status of Amazon Inspector for the account.

GetFindingsReportStatus (updated) Link ¶
Changes (response)
{'filterCriteria': {'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityFilePath': [{'comparison': 'EQUALS | '
                                                                 'PREFIX | '
                                                                 'NOT_EQUALS',
                                                   'value': 'string'}],
                    'epssScore': [{'lowerInclusive': 'double',
                                   'upperInclusive': 'double'}]}}

Gets the status of a findings report.

See also: AWS API Documentation

Request Syntax

client.get_findings_report_status(
    reportId='string'
)
type reportId:

string

param reportId:

The ID of the report to retrieve the status of.

rtype:

dict

returns:

Response Syntax

{
    'destination': {
        'bucketName': 'string',
        'keyPrefix': 'string',
        'kmsKeyArn': 'string'
    },
    'errorCode': 'INTERNAL_ERROR'|'INVALID_PERMISSIONS'|'NO_FINDINGS_FOUND'|'BUCKET_NOT_FOUND'|'INCOMPATIBLE_BUCKET_REGION'|'MALFORMED_KMS_KEY',
    'errorMessage': 'string',
    'filterCriteria': {
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    'reportId': 'string',
    'status': 'SUCCEEDED'|'IN_PROGRESS'|'CANCELLED'|'FAILED'
}

Response Structure

  • (dict) --

    • destination (dict) --

      The destination of the report.

      • bucketName (string) --

        The name of the Amazon S3 bucket to export findings to.

      • keyPrefix (string) --

        The prefix of the Amazon S3 bucket used to export findings.

      • kmsKeyArn (string) --

        The ARN of the KMS key used to encrypt data when exporting findings.

    • errorCode (string) --

      The error code of the report.

    • errorMessage (string) --

      The error message of the report.

    • filterCriteria (dict) --

      The filter criteria associated with the report.

      • awsAccountId (list) --

        Details of the Amazon Web Services account IDs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • codeVulnerabilityDetectorName (list) --

        The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • codeVulnerabilityDetectorTags (list) --

        The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • codeVulnerabilityFilePath (list) --

        The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • componentId (list) --

        Details of the component IDs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • componentType (list) --

        Details of the component types used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ec2InstanceImageId (list) --

        Details of the Amazon EC2 instance image IDs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ec2InstanceSubnetId (list) --

        Details of the Amazon EC2 instance subnet IDs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ec2InstanceVpcId (list) --

        Details of the Amazon EC2 instance VPC IDs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ecrImageArchitecture (list) --

        Details of the Amazon ECR image architecture types used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ecrImageHash (list) --

        Details of the Amazon ECR image hashes used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ecrImagePushedAt (list) --

        Details on the Amazon ECR image push date and time used to filter findings.

        • (dict) --

          Contains details on the time range used to filter findings.

          • endInclusive (datetime) --

            A timestamp representing the end of the time period filtered on.

          • startInclusive (datetime) --

            A timestamp representing the start of the time period filtered on.

      • ecrImageRegistry (list) --

        Details on the Amazon ECR registry used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ecrImageRepositoryName (list) --

        Details on the name of the Amazon ECR repository used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • ecrImageTags (list) --

        The tags attached to the Amazon ECR container image.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • epssScore (list) --

        The EPSS score used to filter findings.

        • (dict) --

          An object that describes the details of a number filter.

          • lowerInclusive (float) --

            The lowest number to be included in the filter.

          • upperInclusive (float) --

            The highest number to be included in the filter.

      • exploitAvailable (list) --

        Filters the list of AWS Lambda findings by the availability of exploits.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • findingArn (list) --

        Details on the finding ARNs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • findingStatus (list) --

        Details on the finding status types used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • findingType (list) --

        Details on the finding types used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • firstObservedAt (list) --

        Details on the date and time a finding was first seen used to filter findings.

        • (dict) --

          Contains details on the time range used to filter findings.

          • endInclusive (datetime) --

            A timestamp representing the end of the time period filtered on.

          • startInclusive (datetime) --

            A timestamp representing the start of the time period filtered on.

      • fixAvailable (list) --

        Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • inspectorScore (list) --

        The Amazon Inspector score to filter on.

        • (dict) --

          An object that describes the details of a number filter.

          • lowerInclusive (float) --

            The lowest number to be included in the filter.

          • upperInclusive (float) --

            The highest number to be included in the filter.

      • lambdaFunctionExecutionRoleArn (list) --

        Filters the list of AWS Lambda functions by execution role.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • lambdaFunctionLastModifiedAt (list) --

        Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

        • (dict) --

          Contains details on the time range used to filter findings.

          • endInclusive (datetime) --

            A timestamp representing the end of the time period filtered on.

          • startInclusive (datetime) --

            A timestamp representing the start of the time period filtered on.

      • lambdaFunctionLayers (list) --

        Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • lambdaFunctionName (list) --

        Filters the list of AWS Lambda functions by the name of the function.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • lambdaFunctionRuntime (list) --

        Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • lastObservedAt (list) --

        Details on the date and time a finding was last seen used to filter findings.

        • (dict) --

          Contains details on the time range used to filter findings.

          • endInclusive (datetime) --

            A timestamp representing the end of the time period filtered on.

          • startInclusive (datetime) --

            A timestamp representing the start of the time period filtered on.

      • networkProtocol (list) --

        Details on the ingress source addresses used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • portRange (list) --

        Details on the port ranges used to filter findings.

        • (dict) --

          An object that describes the details of a port range filter.

          • beginInclusive (integer) --

            The port number the port range begins at.

          • endInclusive (integer) --

            The port number the port range ends at.

      • relatedVulnerabilities (list) --

        Details on the related vulnerabilities used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • resourceId (list) --

        Details on the resource IDs used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • resourceTags (list) --

        Details on the resource tags used to filter findings.

        • (dict) --

          An object that describes details of a map filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • key (string) --

            The tag key used in the filter.

          • value (string) --

            The tag value used in the filter.

      • resourceType (list) --

        Details on the resource types used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • severity (list) --

        Details on the severity used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • title (list) --

        Details on the finding title used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • updatedAt (list) --

        Details on the date and time a finding was last updated at used to filter findings.

        • (dict) --

          Contains details on the time range used to filter findings.

          • endInclusive (datetime) --

            A timestamp representing the end of the time period filtered on.

          • startInclusive (datetime) --

            A timestamp representing the start of the time period filtered on.

      • vendorSeverity (list) --

        Details on the vendor severity used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • vulnerabilityId (list) --

        Details on the vulnerability ID used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • vulnerabilitySource (list) --

        Details on the vulnerability type used to filter findings.

        • (dict) --

          An object that describes the details of a string filter.

          • comparison (string) --

            The operator to use when comparing values in the filter.

          • value (string) --

            The value to filter on.

      • vulnerablePackages (list) --

        Details on the vulnerable packages used to filter findings.

        • (dict) --

          Contains information on the details of a package filter.

          • architecture (dict) --

            An object that contains details on the package architecture type to filter on.

            • comparison (string) --

              The operator to use when comparing values in the filter.

            • value (string) --

              The value to filter on.

          • epoch (dict) --

            An object that contains details on the package epoch to filter on.

            • lowerInclusive (float) --

              The lowest number to be included in the filter.

            • upperInclusive (float) --

              The highest number to be included in the filter.

          • name (dict) --

            An object that contains details on the name of the package to filter on.

            • comparison (string) --

              The operator to use when comparing values in the filter.

            • value (string) --

              The value to filter on.

          • release (dict) --

            An object that contains details on the package release to filter on.

            • comparison (string) --

              The operator to use when comparing values in the filter.

            • value (string) --

              The value to filter on.

          • sourceLambdaLayerArn (dict) --

            An object that describes the details of a string filter.

            • comparison (string) --

              The operator to use when comparing values in the filter.

            • value (string) --

              The value to filter on.

          • sourceLayerHash (dict) --

            An object that contains details on the source layer hash to filter on.

            • comparison (string) --

              The operator to use when comparing values in the filter.

            • value (string) --

              The value to filter on.

          • version (dict) --

            The package version to filter on.

            • comparison (string) --

              The operator to use when comparing values in the filter.

            • value (string) --

              The value to filter on.

    • reportId (string) --

      The ID of the report.

    • status (string) --

      The status of the report.

ListCoverage (updated) Link ¶
Changes (response)
{'coveredResources': {'resourceMetadata': {'lambdaFunction': {'runtime': {'JAVA_17',
                                                                          'PYTHON_3_10'}}},
                      'scanType': {'CODE'}}}

Lists coverage details for you environment.

See also: AWS API Documentation

Request Syntax

client.list_coverage(
    filterCriteria={
        'accountId': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrRepositoryName': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'lastScannedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'scanStatusCode': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'scanStatusReason': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'scanType': [
            {
                'comparison': 'EQUALS'|'NOT_EQUALS',
                'value': 'string'
            },
        ]
    },
    maxResults=123,
    nextToken='string'
)
type filterCriteria:

dict

param filterCriteria:

An object that contains details on the filters to apply to the coverage data for your environment.

  • accountId (list) --

    An array of Amazon Web Services account IDs to return coverage statistics for.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • ec2InstanceTags (list) --

    The Amazon EC2 instance tags to filter on.

    • (dict) --

      Contains details of a coverage map filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare coverage on.

      • key (string) -- [REQUIRED]

        The tag key associated with the coverage map filter.

      • value (string) --

        The tag value associated with the coverage map filter.

  • ecrImageTags (list) --

    The Amazon ECR image tags to filter on.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • ecrRepositoryName (list) --

    The Amazon ECR repository name to filter on.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • lambdaFunctionName (list) --

    Returns coverage statistics for AWS Lambda functions filtered by function names.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • lambdaFunctionRuntime (list) --

    Returns coverage statistics for AWS Lambda functions filtered by runtime.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • lambdaFunctionTags (list) --

    Returns coverage statistics for AWS Lambda functions filtered by tag.

    • (dict) --

      Contains details of a coverage map filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare coverage on.

      • key (string) -- [REQUIRED]

        The tag key associated with the coverage map filter.

      • value (string) --

        The tag value associated with the coverage map filter.

  • lastScannedAt (list) --

    Filters Amazon Web Services resources based on whether Amazon Inspector has checked them for vulnerabilities within the specified time range.

    • (dict) --

      Contains details of a coverage date filter.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period to filter results by.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period to filter results by.

  • resourceId (list) --

    An array of Amazon Web Services resource IDs to return coverage statistics for.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • resourceType (list) --

    An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION or AWS_ECR_REPOSITORY.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • scanStatusCode (list) --

    The scan status code to filter on.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • scanStatusReason (list) --

    The scan status reason to filter on.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

  • scanType (list) --

    An array of Amazon Inspector scan types to return coverage statistics for.

    • (dict) --

      Contains details of a coverage string filter.

      • comparison (string) -- [REQUIRED]

        The operator to compare strings on.

      • value (string) -- [REQUIRED]

        The value to compare strings on.

type maxResults:

integer

param maxResults:

The maximum number of results to return in the response.

type nextToken:

string

param nextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

rtype:

dict

returns:

Response Syntax

{
    'coveredResources': [
        {
            'accountId': 'string',
            'lastScannedAt': datetime(2015, 1, 1),
            'resourceId': 'string',
            'resourceMetadata': {
                'ec2': {
                    'amiId': 'string',
                    'platform': 'WINDOWS'|'LINUX'|'UNKNOWN',
                    'tags': {
                        'string': 'string'
                    }
                },
                'ecrImage': {
                    'tags': [
                        'string',
                    ]
                },
                'ecrRepository': {
                    'name': 'string',
                    'scanFrequency': 'MANUAL'|'SCAN_ON_PUSH'|'CONTINUOUS_SCAN'
                },
                'lambdaFunction': {
                    'functionName': 'string',
                    'functionTags': {
                        'string': 'string'
                    },
                    'layers': [
                        'string',
                    ],
                    'runtime': 'NODEJS'|'NODEJS_12_X'|'NODEJS_14_X'|'NODEJS_16_X'|'JAVA_8'|'JAVA_8_AL2'|'JAVA_11'|'PYTHON_3_7'|'PYTHON_3_8'|'PYTHON_3_9'|'UNSUPPORTED'|'NODEJS_18_X'|'GO_1_X'|'JAVA_17'|'PYTHON_3_10'
                }
            },
            'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION',
            'scanStatus': {
                'reason': 'PENDING_INITIAL_SCAN'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'UNMANAGED_EC2_INSTANCE'|'UNSUPPORTED_OS'|'SCAN_ELIGIBILITY_EXPIRED'|'RESOURCE_TERMINATED'|'SUCCESSFUL'|'NO_RESOURCES_FOUND'|'IMAGE_SIZE_EXCEEDED'|'SCAN_FREQUENCY_MANUAL'|'SCAN_FREQUENCY_SCAN_ON_PUSH'|'EC2_INSTANCE_STOPPED'|'PENDING_DISABLE'|'NO_INVENTORY'|'STALE_INVENTORY'|'EXCLUDED_BY_TAG'|'UNSUPPORTED_RUNTIME'|'UNSUPPORTED_MEDIA_TYPE'|'UNSUPPORTED_CONFIG_FILE'|'DEEP_INSPECTION_PACKAGE_COLLECTION_LIMIT_EXCEEDED'|'DEEP_INSPECTION_DAILY_SSM_INVENTORY_LIMIT_EXCEEDED'|'DEEP_INSPECTION_COLLECTION_TIME_LIMIT_EXCEEDED'|'DEEP_INSPECTION_NO_INVENTORY',
                'statusCode': 'ACTIVE'|'INACTIVE'
            },
            'scanType': 'NETWORK'|'PACKAGE'|'CODE'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • coveredResources (list) --

      An object that contains details on the covered resources in your environment.

      • (dict) --

        An object that contains details about a resource covered by Amazon Inspector.

        • accountId (string) --

          The Amazon Web Services account ID of the covered resource.

        • lastScannedAt (datetime) --

          The date and time the resource was last checked for vulnerabilities.

        • resourceId (string) --

          The ID of the covered resource.

        • resourceMetadata (dict) --

          An object that contains details about the metadata.

          • ec2 (dict) --

            An object that contains metadata details for an Amazon EC2 instance.

            • amiId (string) --

              The ID of the Amazon Machine Image (AMI) used to launch the instance.

            • platform (string) --

              The platform of the instance.

            • tags (dict) --

              The tags attached to the instance.

              • (string) --

                • (string) --

          • ecrImage (dict) --

            An object that contains details about the container metadata for an Amazon ECR image.

            • tags (list) --

              Tags associated with the Amazon ECR image metadata.

              • (string) --

          • ecrRepository (dict) --

            An object that contains details about the repository an Amazon ECR image resides in.

            • name (string) --

              The name of the Amazon ECR repository.

            • scanFrequency (string) --

              The frequency of scans.

          • lambdaFunction (dict) --

            An object that contains metadata details for an AWS Lambda function.

            • functionName (string) --

              The name of a function.

            • functionTags (dict) --

              The resource tags on an AWS Lambda function.

              • (string) --

                • (string) --

            • layers (list) --

              The layers for an AWS Lambda function. A Lambda function can have up to five layers.

              • (string) --

            • runtime (string) --

              An AWS Lambda function's runtime.

        • resourceType (string) --

          The type of the covered resource.

        • scanStatus (dict) --

          The status of the scan covering the resource.

          • reason (string) --

            The reason for the scan.

          • statusCode (string) --

            The status code of the scan.

        • scanType (string) --

          The Amazon Inspector scan type covering the resource.

    • nextToken (string) --

      A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

ListFilters (updated) Link ¶
Changes (response)
{'filters': {'criteria': {'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS '
                                                                           '| '
                                                                           'PREFIX '
                                                                           '| '
                                                                           'NOT_EQUALS',
                                                             'value': 'string'}],
                          'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS '
                                                                           '| '
                                                                           'PREFIX '
                                                                           '| '
                                                                           'NOT_EQUALS',
                                                             'value': 'string'}],
                          'codeVulnerabilityFilePath': [{'comparison': 'EQUALS '
                                                                       '| '
                                                                       'PREFIX '
                                                                       '| '
                                                                       'NOT_EQUALS',
                                                         'value': 'string'}],
                          'epssScore': [{'lowerInclusive': 'double',
                                         'upperInclusive': 'double'}]}}}

Lists the filters associated with your account.

See also: AWS API Documentation

Request Syntax

client.list_filters(
    action='NONE'|'SUPPRESS',
    arns=[
        'string',
    ],
    maxResults=123,
    nextToken='string'
)
type action:

string

param action:

The action the filter applies to matched findings.

type arns:

list

param arns:

The Amazon resource number (ARN) of the filter.

  • (string) --

type maxResults:

integer

param maxResults:

The maximum number of results to return in the response.

type nextToken:

string

param nextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

rtype:

dict

returns:

Response Syntax

{
    'filters': [
        {
            'action': 'NONE'|'SUPPRESS',
            'arn': 'string',
            'createdAt': datetime(2015, 1, 1),
            'criteria': {
                'awsAccountId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'codeVulnerabilityDetectorName': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'codeVulnerabilityDetectorTags': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'codeVulnerabilityFilePath': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'componentId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'componentType': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ec2InstanceImageId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ec2InstanceSubnetId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ec2InstanceVpcId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ecrImageArchitecture': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ecrImageHash': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ecrImagePushedAt': [
                    {
                        'endInclusive': datetime(2015, 1, 1),
                        'startInclusive': datetime(2015, 1, 1)
                    },
                ],
                'ecrImageRegistry': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ecrImageRepositoryName': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'ecrImageTags': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'epssScore': [
                    {
                        'lowerInclusive': 123.0,
                        'upperInclusive': 123.0
                    },
                ],
                'exploitAvailable': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'findingArn': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'findingStatus': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'findingType': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'firstObservedAt': [
                    {
                        'endInclusive': datetime(2015, 1, 1),
                        'startInclusive': datetime(2015, 1, 1)
                    },
                ],
                'fixAvailable': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'inspectorScore': [
                    {
                        'lowerInclusive': 123.0,
                        'upperInclusive': 123.0
                    },
                ],
                'lambdaFunctionExecutionRoleArn': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'lambdaFunctionLastModifiedAt': [
                    {
                        'endInclusive': datetime(2015, 1, 1),
                        'startInclusive': datetime(2015, 1, 1)
                    },
                ],
                'lambdaFunctionLayers': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'lambdaFunctionName': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'lambdaFunctionRuntime': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'lastObservedAt': [
                    {
                        'endInclusive': datetime(2015, 1, 1),
                        'startInclusive': datetime(2015, 1, 1)
                    },
                ],
                'networkProtocol': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'portRange': [
                    {
                        'beginInclusive': 123,
                        'endInclusive': 123
                    },
                ],
                'relatedVulnerabilities': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'resourceId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'resourceTags': [
                    {
                        'comparison': 'EQUALS',
                        'key': 'string',
                        'value': 'string'
                    },
                ],
                'resourceType': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'severity': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'title': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'updatedAt': [
                    {
                        'endInclusive': datetime(2015, 1, 1),
                        'startInclusive': datetime(2015, 1, 1)
                    },
                ],
                'vendorSeverity': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'vulnerabilityId': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'vulnerabilitySource': [
                    {
                        'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                        'value': 'string'
                    },
                ],
                'vulnerablePackages': [
                    {
                        'architecture': {
                            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                            'value': 'string'
                        },
                        'epoch': {
                            'lowerInclusive': 123.0,
                            'upperInclusive': 123.0
                        },
                        'name': {
                            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                            'value': 'string'
                        },
                        'release': {
                            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                            'value': 'string'
                        },
                        'sourceLambdaLayerArn': {
                            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                            'value': 'string'
                        },
                        'sourceLayerHash': {
                            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                            'value': 'string'
                        },
                        'version': {
                            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                            'value': 'string'
                        }
                    },
                ]
            },
            'description': 'string',
            'name': 'string',
            'ownerId': 'string',
            'reason': 'string',
            'tags': {
                'string': 'string'
            },
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • filters (list) --

      Contains details on the filters associated with your account.

      • (dict) --

        Details about a filter.

        • action (string) --

          The action that is to be applied to the findings that match the filter.

        • arn (string) --

          The Amazon Resource Number (ARN) associated with this filter.

        • createdAt (datetime) --

          The date and time this filter was created at.

        • criteria (dict) --

          Details on the filter criteria associated with this filter.

          • awsAccountId (list) --

            Details of the Amazon Web Services account IDs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • codeVulnerabilityDetectorName (list) --

            The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • codeVulnerabilityDetectorTags (list) --

            The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • codeVulnerabilityFilePath (list) --

            The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • componentId (list) --

            Details of the component IDs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • componentType (list) --

            Details of the component types used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ec2InstanceImageId (list) --

            Details of the Amazon EC2 instance image IDs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ec2InstanceSubnetId (list) --

            Details of the Amazon EC2 instance subnet IDs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ec2InstanceVpcId (list) --

            Details of the Amazon EC2 instance VPC IDs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ecrImageArchitecture (list) --

            Details of the Amazon ECR image architecture types used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ecrImageHash (list) --

            Details of the Amazon ECR image hashes used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ecrImagePushedAt (list) --

            Details on the Amazon ECR image push date and time used to filter findings.

            • (dict) --

              Contains details on the time range used to filter findings.

              • endInclusive (datetime) --

                A timestamp representing the end of the time period filtered on.

              • startInclusive (datetime) --

                A timestamp representing the start of the time period filtered on.

          • ecrImageRegistry (list) --

            Details on the Amazon ECR registry used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ecrImageRepositoryName (list) --

            Details on the name of the Amazon ECR repository used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • ecrImageTags (list) --

            The tags attached to the Amazon ECR container image.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • epssScore (list) --

            The EPSS score used to filter findings.

            • (dict) --

              An object that describes the details of a number filter.

              • lowerInclusive (float) --

                The lowest number to be included in the filter.

              • upperInclusive (float) --

                The highest number to be included in the filter.

          • exploitAvailable (list) --

            Filters the list of AWS Lambda findings by the availability of exploits.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • findingArn (list) --

            Details on the finding ARNs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • findingStatus (list) --

            Details on the finding status types used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • findingType (list) --

            Details on the finding types used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • firstObservedAt (list) --

            Details on the date and time a finding was first seen used to filter findings.

            • (dict) --

              Contains details on the time range used to filter findings.

              • endInclusive (datetime) --

                A timestamp representing the end of the time period filtered on.

              • startInclusive (datetime) --

                A timestamp representing the start of the time period filtered on.

          • fixAvailable (list) --

            Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • inspectorScore (list) --

            The Amazon Inspector score to filter on.

            • (dict) --

              An object that describes the details of a number filter.

              • lowerInclusive (float) --

                The lowest number to be included in the filter.

              • upperInclusive (float) --

                The highest number to be included in the filter.

          • lambdaFunctionExecutionRoleArn (list) --

            Filters the list of AWS Lambda functions by execution role.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • lambdaFunctionLastModifiedAt (list) --

            Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

            • (dict) --

              Contains details on the time range used to filter findings.

              • endInclusive (datetime) --

                A timestamp representing the end of the time period filtered on.

              • startInclusive (datetime) --

                A timestamp representing the start of the time period filtered on.

          • lambdaFunctionLayers (list) --

            Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • lambdaFunctionName (list) --

            Filters the list of AWS Lambda functions by the name of the function.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • lambdaFunctionRuntime (list) --

            Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • lastObservedAt (list) --

            Details on the date and time a finding was last seen used to filter findings.

            • (dict) --

              Contains details on the time range used to filter findings.

              • endInclusive (datetime) --

                A timestamp representing the end of the time period filtered on.

              • startInclusive (datetime) --

                A timestamp representing the start of the time period filtered on.

          • networkProtocol (list) --

            Details on the ingress source addresses used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • portRange (list) --

            Details on the port ranges used to filter findings.

            • (dict) --

              An object that describes the details of a port range filter.

              • beginInclusive (integer) --

                The port number the port range begins at.

              • endInclusive (integer) --

                The port number the port range ends at.

          • relatedVulnerabilities (list) --

            Details on the related vulnerabilities used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • resourceId (list) --

            Details on the resource IDs used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • resourceTags (list) --

            Details on the resource tags used to filter findings.

            • (dict) --

              An object that describes details of a map filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • key (string) --

                The tag key used in the filter.

              • value (string) --

                The tag value used in the filter.

          • resourceType (list) --

            Details on the resource types used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • severity (list) --

            Details on the severity used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • title (list) --

            Details on the finding title used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • updatedAt (list) --

            Details on the date and time a finding was last updated at used to filter findings.

            • (dict) --

              Contains details on the time range used to filter findings.

              • endInclusive (datetime) --

                A timestamp representing the end of the time period filtered on.

              • startInclusive (datetime) --

                A timestamp representing the start of the time period filtered on.

          • vendorSeverity (list) --

            Details on the vendor severity used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • vulnerabilityId (list) --

            Details on the vulnerability ID used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • vulnerabilitySource (list) --

            Details on the vulnerability type used to filter findings.

            • (dict) --

              An object that describes the details of a string filter.

              • comparison (string) --

                The operator to use when comparing values in the filter.

              • value (string) --

                The value to filter on.

          • vulnerablePackages (list) --

            Details on the vulnerable packages used to filter findings.

            • (dict) --

              Contains information on the details of a package filter.

              • architecture (dict) --

                An object that contains details on the package architecture type to filter on.

                • comparison (string) --

                  The operator to use when comparing values in the filter.

                • value (string) --

                  The value to filter on.

              • epoch (dict) --

                An object that contains details on the package epoch to filter on.

                • lowerInclusive (float) --

                  The lowest number to be included in the filter.

                • upperInclusive (float) --

                  The highest number to be included in the filter.

              • name (dict) --

                An object that contains details on the name of the package to filter on.

                • comparison (string) --

                  The operator to use when comparing values in the filter.

                • value (string) --

                  The value to filter on.

              • release (dict) --

                An object that contains details on the package release to filter on.

                • comparison (string) --

                  The operator to use when comparing values in the filter.

                • value (string) --

                  The value to filter on.

              • sourceLambdaLayerArn (dict) --

                An object that describes the details of a string filter.

                • comparison (string) --

                  The operator to use when comparing values in the filter.

                • value (string) --

                  The value to filter on.

              • sourceLayerHash (dict) --

                An object that contains details on the source layer hash to filter on.

                • comparison (string) --

                  The operator to use when comparing values in the filter.

                • value (string) --

                  The value to filter on.

              • version (dict) --

                The package version to filter on.

                • comparison (string) --

                  The operator to use when comparing values in the filter.

                • value (string) --

                  The value to filter on.

        • description (string) --

          A description of the filter.

        • name (string) --

          The name of the filter.

        • ownerId (string) --

          The Amazon Web Services account ID of the account that created the filter.

        • reason (string) --

          The reason for the filter.

        • tags (dict) --

          The tags attached to the filter.

          • (string) --

            • (string) --

        • updatedAt (datetime) --

          The date and time the filter was last updated at.

    • nextToken (string) --

      A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

ListFindingAggregations (updated) Link ¶
Changes (request)
{'aggregationRequest': {'accountAggregation': {'findingType': {'CODE_VULNERABILITY'}},
                        'findingTypeAggregation': {'findingType': {'CODE_VULNERABILITY'}},
                        'titleAggregation': {'findingType': 'NETWORK_REACHABILITY '
                                                            '| '
                                                            'PACKAGE_VULNERABILITY '
                                                            '| '
                                                            'CODE_VULNERABILITY'}}}

Lists aggregated finding data for your environment based on specific criteria.

See also: AWS API Documentation

Request Syntax

client.list_finding_aggregations(
    accountIds=[
        {
            'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
            'value': 'string'
        },
    ],
    aggregationRequest={
        'accountAggregation': {
            'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_LAMBDA_FUNCTION',
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'amiAggregation': {
            'amis': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL'|'AFFECTED_INSTANCES',
            'sortOrder': 'ASC'|'DESC'
        },
        'awsEcrContainerAggregation': {
            'architectures': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'imageShas': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'imageTags': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'repositories': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'resourceIds': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'ec2InstanceAggregation': {
            'amis': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'instanceIds': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'instanceTags': [
                {
                    'comparison': 'EQUALS',
                    'key': 'string',
                    'value': 'string'
                },
            ],
            'operatingSystems': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'NETWORK_FINDINGS'|'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'findingTypeAggregation': {
            'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_LAMBDA_FUNCTION',
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'imageLayerAggregation': {
            'layerHashes': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'repositories': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'resourceIds': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'lambdaFunctionAggregation': {
            'functionNames': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'functionTags': [
                {
                    'comparison': 'EQUALS',
                    'key': 'string',
                    'value': 'string'
                },
            ],
            'resourceIds': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'runtimes': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'lambdaLayerAggregation': {
            'functionNames': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'layerArns': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'resourceIds': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'packageAggregation': {
            'packageNames': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC'
        },
        'repositoryAggregation': {
            'repositories': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'sortBy': 'CRITICAL'|'HIGH'|'ALL'|'AFFECTED_IMAGES',
            'sortOrder': 'ASC'|'DESC'
        },
        'titleAggregation': {
            'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_LAMBDA_FUNCTION',
            'sortBy': 'CRITICAL'|'HIGH'|'ALL',
            'sortOrder': 'ASC'|'DESC',
            'titles': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ],
            'vulnerabilityIds': [
                {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
            ]
        }
    },
    aggregationType='FINDING_TYPE'|'PACKAGE'|'TITLE'|'REPOSITORY'|'AMI'|'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER'|'IMAGE_LAYER'|'ACCOUNT'|'AWS_LAMBDA_FUNCTION'|'LAMBDA_LAYER',
    maxResults=123,
    nextToken='string'
)
type accountIds:

list

param accountIds:

The Amazon Web Services account IDs to retrieve finding aggregation data for.

  • (dict) --

    An object that describes the details of a string filter.

    • comparison (string) -- [REQUIRED]

      The operator to use when comparing values in the filter.

    • value (string) -- [REQUIRED]

      The value to filter on.

type aggregationRequest:

dict

param aggregationRequest:

Details of the aggregation request that is used to filter your aggregation results.

  • accountAggregation (dict) --

    An object that contains details about an aggregation request based on Amazon Web Services account IDs.

    • findingType (string) --

      The type of finding.

    • resourceType (string) --

      The type of resource.

    • sortBy (string) --

      The value to sort by.

    • sortOrder (string) --

      The sort order (ascending or descending).

  • amiAggregation (dict) --

    An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).

    • amis (list) --

      The IDs of AMIs to aggregate findings for.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

  • awsEcrContainerAggregation (dict) --

    An object that contains details about an aggregation request based on Amazon ECR container images.

    • architectures (list) --

      The architecture of the containers.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • imageShas (list) --

      The image SHA values.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • imageTags (list) --

      The image tags.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • repositories (list) --

      The container repositories.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • resourceIds (list) --

      The container resource IDs.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The value to sort by.

    • sortOrder (string) --

      The sort order (ascending or descending).

  • ec2InstanceAggregation (dict) --

    An object that contains details about an aggregation request based on Amazon EC2 instances.

    • amis (list) --

      The AMI IDs associated with the Amazon EC2 instances to aggregate findings for.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • instanceIds (list) --

      The Amazon EC2 instance IDs to aggregate findings for.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • instanceTags (list) --

      The Amazon EC2 instance tags to aggregate findings for.

      • (dict) --

        An object that describes details of a map filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • key (string) -- [REQUIRED]

          The tag key used in the filter.

        • value (string) --

          The tag value used in the filter.

    • operatingSystems (list) --

      The operating system types to aggregate findings for. Valid values must be uppercase and underscore separated, examples are ORACLE_LINUX_7 and ALPINE_LINUX_3_8.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

  • findingTypeAggregation (dict) --

    An object that contains details about an aggregation request based on finding types.

    • findingType (string) --

      The finding type to aggregate.

    • resourceType (string) --

      The resource type to aggregate.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

  • imageLayerAggregation (dict) --

    An object that contains details about an aggregation request based on container image layers.

    • layerHashes (list) --

      The hashes associated with the layers.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • repositories (list) --

      The repository associated with the container image hosting the layers.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • resourceIds (list) --

      The ID of the container image layer.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

  • lambdaFunctionAggregation (dict) --

    Returns an object with findings aggregated by AWS Lambda function.

    • functionNames (list) --

      The AWS Lambda function names to include in the aggregation results.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • functionTags (list) --

      The tags to include in the aggregation results.

      • (dict) --

        An object that describes details of a map filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • key (string) -- [REQUIRED]

          The tag key used in the filter.

        • value (string) --

          The tag value used in the filter.

    • resourceIds (list) --

      The resource IDs to include in the aggregation results.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • runtimes (list) --

      Returns findings aggregated by AWS Lambda function runtime environments.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The finding severity to use for sorting the results.

    • sortOrder (string) --

      The order to use for sorting the results.

  • lambdaLayerAggregation (dict) --

    Returns an object with findings aggregated by AWS Lambda layer.

    • functionNames (list) --

      The names of the AWS Lambda functions associated with the layers.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • layerArns (list) --

      The Amazon Resource Name (ARN) of the AWS Lambda function layer.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • resourceIds (list) --

      The resource IDs for the AWS Lambda function layers.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The finding severity to use for sorting the results.

    • sortOrder (string) --

      The order to use for sorting the results.

  • packageAggregation (dict) --

    An object that contains details about an aggregation request based on operating system package type.

    • packageNames (list) --

      The names of packages to aggregate findings on.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

  • repositoryAggregation (dict) --

    An object that contains details about an aggregation request based on Amazon ECR repositories.

    • repositories (list) --

      The names of repositories to aggregate findings on.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

  • titleAggregation (dict) --

    An object that contains details about an aggregation request based on finding title.

    • findingType (string) --

      The type of finding to aggregate on.

    • resourceType (string) --

      The resource type to aggregate on.

    • sortBy (string) --

      The value to sort results by.

    • sortOrder (string) --

      The order to sort results by.

    • titles (list) --

      The finding titles to aggregate on.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

    • vulnerabilityIds (list) --

      The vulnerability IDs of the findings.

      • (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

type aggregationType:

string

param aggregationType:

[REQUIRED]

The type of the aggregation request.

type maxResults:

integer

param maxResults:

The maximum number of results to return in the response.

type nextToken:

string

param nextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

rtype:

dict

returns:

Response Syntax

{
    'aggregationType': 'FINDING_TYPE'|'PACKAGE'|'TITLE'|'REPOSITORY'|'AMI'|'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER'|'IMAGE_LAYER'|'ACCOUNT'|'AWS_LAMBDA_FUNCTION'|'LAMBDA_LAYER',
    'nextToken': 'string',
    'responses': [
        {
            'accountAggregation': {
                'accountId': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'amiAggregation': {
                'accountId': 'string',
                'affectedInstances': 123,
                'ami': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'awsEcrContainerAggregation': {
                'accountId': 'string',
                'architecture': 'string',
                'imageSha': 'string',
                'imageTags': [
                    'string',
                ],
                'repository': 'string',
                'resourceId': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'ec2InstanceAggregation': {
                'accountId': 'string',
                'ami': 'string',
                'instanceId': 'string',
                'instanceTags': {
                    'string': 'string'
                },
                'networkFindings': 123,
                'operatingSystem': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'findingTypeAggregation': {
                'accountId': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'imageLayerAggregation': {
                'accountId': 'string',
                'layerHash': 'string',
                'repository': 'string',
                'resourceId': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'lambdaFunctionAggregation': {
                'accountId': 'string',
                'functionName': 'string',
                'lambdaTags': {
                    'string': 'string'
                },
                'lastModifiedAt': datetime(2015, 1, 1),
                'resourceId': 'string',
                'runtime': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'lambdaLayerAggregation': {
                'accountId': 'string',
                'functionName': 'string',
                'layerArn': 'string',
                'resourceId': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'packageAggregation': {
                'accountId': 'string',
                'packageName': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'repositoryAggregation': {
                'accountId': 'string',
                'affectedImages': 123,
                'repository': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                }
            },
            'titleAggregation': {
                'accountId': 'string',
                'severityCounts': {
                    'all': 123,
                    'critical': 123,
                    'high': 123,
                    'medium': 123
                },
                'title': 'string',
                'vulnerabilityId': 'string'
            }
        },
    ]
}

Response Structure

  • (dict) --

    • aggregationType (string) --

      The type of aggregation to perform.

    • nextToken (string) --

      A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

    • responses (list) --

      Objects that contain the results of an aggregation operation.

      • (dict) --

        A structure that contains details about the results of an aggregation type.

        • accountAggregation (dict) --

          An object that contains details about an aggregation response based on Amazon Web Services account IDs.

          • accountId (string) --

            The Amazon Web Services account ID.

          • severityCounts (dict) --

            The number of findings by severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • amiAggregation (dict) --

          An object that contains details about an aggregation response based on Amazon Machine Images (AMIs).

          • accountId (string) --

            The Amazon Web Services account ID for the AMI.

          • affectedInstances (integer) --

            The IDs of Amazon EC2 instances using this AMI.

          • ami (string) --

            The ID of the AMI that findings were aggregated for.

          • severityCounts (dict) --

            An object that contains the count of matched findings per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • awsEcrContainerAggregation (dict) --

          An object that contains details about an aggregation response based on Amazon ECR container images.

          • accountId (string) --

            The Amazon Web Services account ID of the account that owns the container.

          • architecture (string) --

            The architecture of the container.

          • imageSha (string) --

            The SHA value of the container image.

          • imageTags (list) --

            The container image stags.

            • (string) --

          • repository (string) --

            The container repository.

          • resourceId (string) --

            The resource ID of the container.

          • severityCounts (dict) --

            The number of finding by severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • ec2InstanceAggregation (dict) --

          An object that contains details about an aggregation response based on Amazon EC2 instances.

          • accountId (string) --

            The Amazon Web Services account for the Amazon EC2 instance.

          • ami (string) --

            The Amazon Machine Image (AMI) of the Amazon EC2 instance.

          • instanceId (string) --

            The Amazon EC2 instance ID.

          • instanceTags (dict) --

            The tags attached to the instance.

            • (string) --

              • (string) --

          • networkFindings (integer) --

            The number of network findings for the Amazon EC2 instance.

          • operatingSystem (string) --

            The operating system of the Amazon EC2 instance.

          • severityCounts (dict) --

            An object that contains the count of matched findings per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • findingTypeAggregation (dict) --

          An object that contains details about an aggregation response based on finding types.

          • accountId (string) --

            The ID of the Amazon Web Services account associated with the findings.

          • severityCounts (dict) --

            The value to sort results by.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • imageLayerAggregation (dict) --

          An object that contains details about an aggregation response based on container image layers.

          • accountId (string) --

            The ID of the Amazon Web Services account that owns the container image hosting the layer image.

          • layerHash (string) --

            The layer hash.

          • repository (string) --

            The repository the layer resides in.

          • resourceId (string) --

            The resource ID of the container image layer.

          • severityCounts (dict) --

            An object that represents the count of matched findings per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • lambdaFunctionAggregation (dict) --

          An aggregation of findings by AWS Lambda function.

          • accountId (string) --

            The ID of the AWS account that owns the AWS Lambda function.

          • functionName (string) --

            The AWS Lambda function names included in the aggregation results.

          • lambdaTags (dict) --

            The tags included in the aggregation results.

            • (string) --

              • (string) --

          • lastModifiedAt (datetime) --

            The date that the AWS Lambda function included in the aggregation results was last changed.

          • resourceId (string) --

            The resource IDs included in the aggregation results.

          • runtime (string) --

            The runtimes included in the aggregation results.

          • severityCounts (dict) --

            An object that contains the counts of aggregated finding per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • lambdaLayerAggregation (dict) --

          An aggregation of findings by AWS Lambda layer.

          • accountId (string) --

            The account ID of the AWS Lambda function layer.

          • functionName (string) --

            The names of the AWS Lambda functions associated with the layers.

          • layerArn (string) --

            The Amazon Resource Name (ARN) of the AWS Lambda function layer.

          • resourceId (string) --

            The Resource ID of the AWS Lambda function layer.

          • severityCounts (dict) --

            An object that contains the counts of aggregated finding per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • packageAggregation (dict) --

          An object that contains details about an aggregation response based on operating system package type.

          • accountId (string) --

            The ID of the Amazon Web Services account associated with the findings.

          • packageName (string) --

            The name of the operating system package.

          • severityCounts (dict) --

            An object that contains the count of matched findings per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • repositoryAggregation (dict) --

          An object that contains details about an aggregation response based on Amazon ECR repositories.

          • accountId (string) --

            The ID of the Amazon Web Services account associated with the findings.

          • affectedImages (integer) --

            The number of container images impacted by the findings.

          • repository (string) --

            The name of the repository associated with the findings.

          • severityCounts (dict) --

            An object that represent the count of matched findings per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

        • titleAggregation (dict) --

          An object that contains details about an aggregation response based on finding title.

          • accountId (string) --

            The ID of the Amazon Web Services account associated with the findings.

          • severityCounts (dict) --

            An object that represent the count of matched findings per severity.

            • all (integer) --

              The total count of findings from all severities.

            • critical (integer) --

              The total count of critical severity findings.

            • high (integer) --

              The total count of high severity findings.

            • medium (integer) --

              The total count of medium severity findings.

          • title (string) --

            The title that the findings were aggregated on.

          • vulnerabilityId (string) --

            The vulnerability ID of the finding.

ListFindings (updated) Link ¶
Changes (request, response)
Request
{'filterCriteria': {'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityFilePath': [{'comparison': 'EQUALS | '
                                                                 'PREFIX | '
                                                                 'NOT_EQUALS',
                                                   'value': 'string'}],
                    'epssScore': [{'lowerInclusive': 'double',
                                   'upperInclusive': 'double'}]},
 'sortCriteria': {'field': {'EPSS_SCORE'}}}
Response
{'findings': {'codeVulnerabilityDetails': {'cwes': ['string'],
                                           'detectorId': 'string',
                                           'detectorName': 'string',
                                           'detectorTags': ['string'],
                                           'filePath': {'endLine': 'integer',
                                                        'fileName': 'string',
                                                        'filePath': 'string',
                                                        'startLine': 'integer'},
                                           'referenceUrls': ['string'],
                                           'ruleId': 'string',
                                           'sourceLambdaLayerArn': 'string'},
              'epss': {'score': 'double'},
              'resources': {'details': {'awsLambdaFunction': {'runtime': {'JAVA_17',
                                                                          'PYTHON_3_10'}}}},
              'type': {'CODE_VULNERABILITY'}}}

Lists findings for your environment.

See also: AWS API Documentation

Request Syntax

client.list_findings(
    filterCriteria={
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    maxResults=123,
    nextToken='string',
    sortCriteria={
        'field': 'AWS_ACCOUNT_ID'|'FINDING_TYPE'|'SEVERITY'|'FIRST_OBSERVED_AT'|'LAST_OBSERVED_AT'|'FINDING_STATUS'|'RESOURCE_TYPE'|'ECR_IMAGE_PUSHED_AT'|'ECR_IMAGE_REPOSITORY_NAME'|'ECR_IMAGE_REGISTRY'|'NETWORK_PROTOCOL'|'COMPONENT_TYPE'|'VULNERABILITY_ID'|'VULNERABILITY_SOURCE'|'INSPECTOR_SCORE'|'VENDOR_SEVERITY'|'EPSS_SCORE',
        'sortOrder': 'ASC'|'DESC'
    }
)
type filterCriteria:

dict

param filterCriteria:

Details on the filters to apply to your finding results.

  • awsAccountId (list) --

    Details of the Amazon Web Services account IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorName (list) --

    The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorTags (list) --

    The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityFilePath (list) --

    The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentId (list) --

    Details of the component IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentType (list) --

    Details of the component types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceImageId (list) --

    Details of the Amazon EC2 instance image IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceSubnetId (list) --

    Details of the Amazon EC2 instance subnet IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceVpcId (list) --

    Details of the Amazon EC2 instance VPC IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageArchitecture (list) --

    Details of the Amazon ECR image architecture types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageHash (list) --

    Details of the Amazon ECR image hashes used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImagePushedAt (list) --

    Details on the Amazon ECR image push date and time used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • ecrImageRegistry (list) --

    Details on the Amazon ECR registry used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageRepositoryName (list) --

    Details on the name of the Amazon ECR repository used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageTags (list) --

    The tags attached to the Amazon ECR container image.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • epssScore (list) --

    The EPSS score used to filter findings.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • exploitAvailable (list) --

    Filters the list of AWS Lambda findings by the availability of exploits.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingArn (list) --

    Details on the finding ARNs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingStatus (list) --

    Details on the finding status types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingType (list) --

    Details on the finding types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • firstObservedAt (list) --

    Details on the date and time a finding was first seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • fixAvailable (list) --

    Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • inspectorScore (list) --

    The Amazon Inspector score to filter on.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • lambdaFunctionExecutionRoleArn (list) --

    Filters the list of AWS Lambda functions by execution role.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionLastModifiedAt (list) --

    Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • lambdaFunctionLayers (list) --

    Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionName (list) --

    Filters the list of AWS Lambda functions by the name of the function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionRuntime (list) --

    Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lastObservedAt (list) --

    Details on the date and time a finding was last seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • networkProtocol (list) --

    Details on the ingress source addresses used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • portRange (list) --

    Details on the port ranges used to filter findings.

    • (dict) --

      An object that describes the details of a port range filter.

      • beginInclusive (integer) --

        The port number the port range begins at.

      • endInclusive (integer) --

        The port number the port range ends at.

  • relatedVulnerabilities (list) --

    Details on the related vulnerabilities used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceId (list) --

    Details on the resource IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceTags (list) --

    Details on the resource tags used to filter findings.

    • (dict) --

      An object that describes details of a map filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • key (string) -- [REQUIRED]

        The tag key used in the filter.

      • value (string) --

        The tag value used in the filter.

  • resourceType (list) --

    Details on the resource types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • severity (list) --

    Details on the severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • title (list) --

    Details on the finding title used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • updatedAt (list) --

    Details on the date and time a finding was last updated at used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • vendorSeverity (list) --

    Details on the vendor severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilityId (list) --

    Details on the vulnerability ID used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilitySource (list) --

    Details on the vulnerability type used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerablePackages (list) --

    Details on the vulnerable packages used to filter findings.

    • (dict) --

      Contains information on the details of a package filter.

      • architecture (dict) --

        An object that contains details on the package architecture type to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • epoch (dict) --

        An object that contains details on the package epoch to filter on.

        • lowerInclusive (float) --

          The lowest number to be included in the filter.

        • upperInclusive (float) --

          The highest number to be included in the filter.

      • name (dict) --

        An object that contains details on the name of the package to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • release (dict) --

        An object that contains details on the package release to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLambdaLayerArn (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLayerHash (dict) --

        An object that contains details on the source layer hash to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • version (dict) --

        The package version to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

type maxResults:

integer

param maxResults:

The maximum number of results to return in the response.

type nextToken:

string

param nextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

type sortCriteria:

dict

param sortCriteria:

Details on the sort criteria to apply to your finding results.

  • field (string) -- [REQUIRED]

    The finding detail field by which results are sorted.

  • sortOrder (string) -- [REQUIRED]

    The order by which findings are sorted.

rtype:

dict

returns:

Response Syntax

{
    'findings': [
        {
            'awsAccountId': 'string',
            'codeVulnerabilityDetails': {
                'cwes': [
                    'string',
                ],
                'detectorId': 'string',
                'detectorName': 'string',
                'detectorTags': [
                    'string',
                ],
                'filePath': {
                    'endLine': 123,
                    'fileName': 'string',
                    'filePath': 'string',
                    'startLine': 123
                },
                'referenceUrls': [
                    'string',
                ],
                'ruleId': 'string',
                'sourceLambdaLayerArn': 'string'
            },
            'description': 'string',
            'epss': {
                'score': 123.0
            },
            'exploitAvailable': 'YES'|'NO',
            'exploitabilityDetails': {
                'lastKnownExploitAt': datetime(2015, 1, 1)
            },
            'findingArn': 'string',
            'firstObservedAt': datetime(2015, 1, 1),
            'fixAvailable': 'YES'|'NO'|'PARTIAL',
            'inspectorScore': 123.0,
            'inspectorScoreDetails': {
                'adjustedCvss': {
                    'adjustments': [
                        {
                            'metric': 'string',
                            'reason': 'string'
                        },
                    ],
                    'cvssSource': 'string',
                    'score': 123.0,
                    'scoreSource': 'string',
                    'scoringVector': 'string',
                    'version': 'string'
                }
            },
            'lastObservedAt': datetime(2015, 1, 1),
            'networkReachabilityDetails': {
                'networkPath': {
                    'steps': [
                        {
                            'componentId': 'string',
                            'componentType': 'string'
                        },
                    ]
                },
                'openPortRange': {
                    'begin': 123,
                    'end': 123
                },
                'protocol': 'TCP'|'UDP'
            },
            'packageVulnerabilityDetails': {
                'cvss': [
                    {
                        'baseScore': 123.0,
                        'scoringVector': 'string',
                        'source': 'string',
                        'version': 'string'
                    },
                ],
                'referenceUrls': [
                    'string',
                ],
                'relatedVulnerabilities': [
                    'string',
                ],
                'source': 'string',
                'sourceUrl': 'string',
                'vendorCreatedAt': datetime(2015, 1, 1),
                'vendorSeverity': 'string',
                'vendorUpdatedAt': datetime(2015, 1, 1),
                'vulnerabilityId': 'string',
                'vulnerablePackages': [
                    {
                        'arch': 'string',
                        'epoch': 123,
                        'filePath': 'string',
                        'fixedInVersion': 'string',
                        'name': 'string',
                        'packageManager': 'BUNDLER'|'CARGO'|'COMPOSER'|'NPM'|'NUGET'|'PIPENV'|'POETRY'|'YARN'|'GOBINARY'|'GOMOD'|'JAR'|'OS'|'PIP'|'PYTHONPKG'|'NODEPKG'|'POM'|'GEMSPEC',
                        'release': 'string',
                        'remediation': 'string',
                        'sourceLambdaLayerArn': 'string',
                        'sourceLayerHash': 'string',
                        'version': 'string'
                    },
                ]
            },
            'remediation': {
                'recommendation': {
                    'Url': 'string',
                    'text': 'string'
                }
            },
            'resources': [
                {
                    'details': {
                        'awsEc2Instance': {
                            'iamInstanceProfileArn': 'string',
                            'imageId': 'string',
                            'ipV4Addresses': [
                                'string',
                            ],
                            'ipV6Addresses': [
                                'string',
                            ],
                            'keyName': 'string',
                            'launchedAt': datetime(2015, 1, 1),
                            'platform': 'string',
                            'subnetId': 'string',
                            'type': 'string',
                            'vpcId': 'string'
                        },
                        'awsEcrContainerImage': {
                            'architecture': 'string',
                            'author': 'string',
                            'imageHash': 'string',
                            'imageTags': [
                                'string',
                            ],
                            'platform': 'string',
                            'pushedAt': datetime(2015, 1, 1),
                            'registry': 'string',
                            'repositoryName': 'string'
                        },
                        'awsLambdaFunction': {
                            'architectures': [
                                'X86_64'|'ARM64',
                            ],
                            'codeSha256': 'string',
                            'executionRoleArn': 'string',
                            'functionName': 'string',
                            'lastModifiedAt': datetime(2015, 1, 1),
                            'layers': [
                                'string',
                            ],
                            'packageType': 'IMAGE'|'ZIP',
                            'runtime': 'NODEJS'|'NODEJS_12_X'|'NODEJS_14_X'|'NODEJS_16_X'|'JAVA_8'|'JAVA_8_AL2'|'JAVA_11'|'PYTHON_3_7'|'PYTHON_3_8'|'PYTHON_3_9'|'UNSUPPORTED'|'NODEJS_18_X'|'GO_1_X'|'JAVA_17'|'PYTHON_3_10',
                            'version': 'string',
                            'vpcConfig': {
                                'securityGroupIds': [
                                    'string',
                                ],
                                'subnetIds': [
                                    'string',
                                ],
                                'vpcId': 'string'
                            }
                        }
                    },
                    'id': 'string',
                    'partition': 'string',
                    'region': 'string',
                    'tags': {
                        'string': 'string'
                    },
                    'type': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION'
                },
            ],
            'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNTRIAGED',
            'status': 'ACTIVE'|'SUPPRESSED'|'CLOSED',
            'title': 'string',
            'type': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • findings (list) --

      Contains details on the findings in your environment.

      • (dict) --

        Details about an Amazon Inspector finding.

        • awsAccountId (string) --

          The Amazon Web Services account ID associated with the finding.

        • codeVulnerabilityDetails (dict) --

          Details about the code vulnerability identified in a Lambda function used to filter findings.

          • cwes (list) --

            The Common Weakness Enumeration (CWE) item associated with the detected vulnerability.

            • (string) --

          • detectorId (string) --

            The ID for the Amazon CodeGuru detector associated with the finding. For more information on detectors see Amazon CodeGuru Detector Library.

          • detectorName (string) --

            The name of the detector used to identify the code vulnerability. For more information on detectors see CodeGuru Detector Library.

          • detectorTags (list) --

            The detector tag associated with the vulnerability. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

            • (string) --

          • filePath (dict) --

            Contains information on where the code vulnerability is located in your code.

            • endLine (integer) --

              The line number of the last line of code that a vulnerability was found in.

            • fileName (string) --

              The name of the file the code vulnerability was found in.

            • filePath (string) --

              The file path to the code that a vulnerability was found in.

            • startLine (integer) --

              The line number of the first line of code that a vulnerability was found in.

          • referenceUrls (list) --

            A URL containing supporting documentation about the code vulnerability detected.

            • (string) --

          • ruleId (string) --

            The identifier for a rule that was used to detect the code vulnerability.

          • sourceLambdaLayerArn (string) --

            The Amazon Resource Name (ARN) of the Lambda layer that the code vulnerability was detected in.

        • description (string) --

          The description of the finding.

        • epss (dict) --

          The finding's EPSS score.

          • score (float) --

            The EPSS score.

        • exploitAvailable (string) --

          If a finding discovered in your environment has an exploit available.

        • exploitabilityDetails (dict) --

          The details of an exploit available for a finding discovered in your environment.

          • lastKnownExploitAt (datetime) --

            The date and time of the last exploit associated with a finding discovered in your environment.

        • findingArn (string) --

          The Amazon Resource Number (ARN) of the finding.

        • firstObservedAt (datetime) --

          The date and time that the finding was first observed.

        • fixAvailable (string) --

          Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

        • inspectorScore (float) --

          The Amazon Inspector score given to the finding.

        • inspectorScoreDetails (dict) --

          An object that contains details of the Amazon Inspector score.

          • adjustedCvss (dict) --

            An object that contains details about the CVSS score given to a finding.

            • adjustments (list) --

              An object that contains details about adjustment Amazon Inspector made to the CVSS score.

              • (dict) --

                Details on adjustments Amazon Inspector made to the CVSS score for a finding.

                • metric (string) --

                  The metric used to adjust the CVSS score.

                • reason (string) --

                  The reason the CVSS score has been adjustment.

            • cvssSource (string) --

              The source of the CVSS data.

            • score (float) --

              The CVSS score.

            • scoreSource (string) --

              The source for the CVSS score.

            • scoringVector (string) --

              The vector for the CVSS score.

            • version (string) --

              The CVSS version used in scoring.

        • lastObservedAt (datetime) --

          The date and time that the finding was last observed.

        • networkReachabilityDetails (dict) --

          An object that contains the details of a network reachability finding.

          • networkPath (dict) --

            An object that contains details about a network path associated with a finding.

            • steps (list) --

              The details on the steps in the network path.

              • (dict) --

                Details about the step associated with a finding.

                • componentId (string) --

                  The component ID.

                • componentType (string) --

                  The component type.

          • openPortRange (dict) --

            An object that contains details about the open port range associated with a finding.

            • begin (integer) --

              The beginning port in a port range.

            • end (integer) --

              The ending port in a port range.

          • protocol (string) --

            The protocol associated with a finding.

        • packageVulnerabilityDetails (dict) --

          An object that contains the details of a package vulnerability finding.

          • cvss (list) --

            An object that contains details about the CVSS score of a finding.

            • (dict) --

              The CVSS score for a finding.

              • baseScore (float) --

                The base CVSS score used for the finding.

              • scoringVector (string) --

                The vector string of the CVSS score.

              • source (string) --

                The source of the CVSS score.

              • version (string) --

                The version of CVSS used for the score.

          • referenceUrls (list) --

            One or more URLs that contain details about this vulnerability type.

            • (string) --

          • relatedVulnerabilities (list) --

            One or more vulnerabilities related to the one identified in this finding.

            • (string) --

          • source (string) --

            The source of the vulnerability information.

          • sourceUrl (string) --

            A URL to the source of the vulnerability information.

          • vendorCreatedAt (datetime) --

            The date and time that this vulnerability was first added to the vendor's database.

          • vendorSeverity (string) --

            The severity the vendor has given to this vulnerability type.

          • vendorUpdatedAt (datetime) --

            The date and time the vendor last updated this vulnerability in their database.

          • vulnerabilityId (string) --

            The ID given to this vulnerability.

          • vulnerablePackages (list) --

            The packages impacted by this vulnerability.

            • (dict) --

              Information on the vulnerable package identified by a finding.

              • arch (string) --

                The architecture of the vulnerable package.

              • epoch (integer) --

                The epoch of the vulnerable package.

              • filePath (string) --

                The file path of the vulnerable package.

              • fixedInVersion (string) --

                The version of the package that contains the vulnerability fix.

              • name (string) --

                The name of the vulnerable package.

              • packageManager (string) --

                The package manager of the vulnerable package.

              • release (string) --

                The release of the vulnerable package.

              • remediation (string) --

                The code to run in your environment to update packages with a fix available.

              • sourceLambdaLayerArn (string) --

                The Amazon Resource Number (ARN) of the AWS Lambda function affected by a finding.

              • sourceLayerHash (string) --

                The source layer hash of the vulnerable package.

              • version (string) --

                The version of the vulnerable package.

        • remediation (dict) --

          An object that contains the details about how to remediate a finding.

          • recommendation (dict) --

            An object that contains information about the recommended course of action to remediate the finding.

            • Url (string) --

              The URL address to the CVE remediation recommendations.

            • text (string) --

              The recommended course of action to remediate the finding.

        • resources (list) --

          Contains information on the resources involved in a finding.

          • (dict) --

            Details about the resource involved in a finding.

            • details (dict) --

              An object that contains details about the resource involved in a finding.

              • awsEc2Instance (dict) --

                An object that contains details about the Amazon EC2 instance involved in the finding.

                • iamInstanceProfileArn (string) --

                  The IAM instance profile ARN of the Amazon EC2 instance.

                • imageId (string) --

                  The image ID of the Amazon EC2 instance.

                • ipV4Addresses (list) --

                  The IPv4 addresses of the Amazon EC2 instance.

                  • (string) --

                • ipV6Addresses (list) --

                  The IPv6 addresses of the Amazon EC2 instance.

                  • (string) --

                • keyName (string) --

                  The name of the key pair used to launch the Amazon EC2 instance.

                • launchedAt (datetime) --

                  The date and time the Amazon EC2 instance was launched at.

                • platform (string) --

                  The platform of the Amazon EC2 instance.

                • subnetId (string) --

                  The subnet ID of the Amazon EC2 instance.

                • type (string) --

                  The type of the Amazon EC2 instance.

                • vpcId (string) --

                  The VPC ID of the Amazon EC2 instance.

              • awsEcrContainerImage (dict) --

                An object that contains details about the Amazon ECR container image involved in the finding.

                • architecture (string) --

                  The architecture of the Amazon ECR container image.

                • author (string) --

                  The image author of the Amazon ECR container image.

                • imageHash (string) --

                  The image hash of the Amazon ECR container image.

                • imageTags (list) --

                  The image tags attached to the Amazon ECR container image.

                  • (string) --

                • platform (string) --

                  The platform of the Amazon ECR container image.

                • pushedAt (datetime) --

                  The date and time the Amazon ECR container image was pushed.

                • registry (string) --

                  The registry for the Amazon ECR container image.

                • repositoryName (string) --

                  The name of the repository the Amazon ECR container image resides in.

              • awsLambdaFunction (dict) --

                A summary of the information about an AWS Lambda function affected by a finding.

                • architectures (list) --

                  The instruction set architecture that the AWS Lambda function supports. Architecture is a string array with one of the valid values. The default architecture value is x86_64.

                  • (string) --

                • codeSha256 (string) --

                  The SHA256 hash of the AWS Lambda function's deployment package.

                • executionRoleArn (string) --

                  The AWS Lambda function's execution role.

                • functionName (string) --

                  The name of the AWS Lambda function.

                • lastModifiedAt (datetime) --

                  The date and time that a user last updated the configuration, in ISO 8601 format

                • layers (list) --

                  The AWS Lambda function's layers. A Lambda function can have up to five layers.

                  • (string) --

                • packageType (string) --

                  The type of deployment package. Set to Image for container image and set Zip for .zip file archive.

                • runtime (string) --

                  The runtime environment for the AWS Lambda function.

                • version (string) --

                  The version of the AWS Lambda function.

                • vpcConfig (dict) --

                  The AWS Lambda function's networking configuration.

                  • securityGroupIds (list) --

                    The VPC security groups and subnets that are attached to an AWS Lambda function. For more information, see VPC Settings.

                    • (string) --

                  • subnetIds (list) --

                    A list of VPC subnet IDs.

                    • (string) --

                  • vpcId (string) --

                    The ID of the VPC.

            • id (string) --

              The ID of the resource.

            • partition (string) --

              The partition of the resource.

            • region (string) --

              The Amazon Web Services Region the impacted resource is located in.

            • tags (dict) --

              The tags attached to the resource.

              • (string) --

                • (string) --

            • type (string) --

              The type of resource.

        • severity (string) --

          The severity of the finding.

        • status (string) --

          The status of the finding.

        • title (string) --

          The title of the finding.

        • type (string) --

          The type of the finding.

        • updatedAt (datetime) --

          The date and time the finding was last updated at.

    • nextToken (string) --

      A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

ListUsageTotals (updated) Link ¶
Changes (response)
{'totals': {'usage': {'type': {'LAMBDA_FUNCTION_CODE_HOURS'}}}}

Lists the Amazon Inspector usage totals over the last 30 days.

See also: AWS API Documentation

Request Syntax

client.list_usage_totals(
    accountIds=[
        'string',
    ],
    maxResults=123,
    nextToken='string'
)
type accountIds:

list

param accountIds:

The Amazon Web Services account IDs to retrieve usage totals for.

  • (string) --

type maxResults:

integer

param maxResults:

The maximum number of results to return in the response.

type nextToken:

string

param nextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

rtype:

dict

returns:

Response Syntax

{
    'nextToken': 'string',
    'totals': [
        {
            'accountId': 'string',
            'usage': [
                {
                    'currency': 'USD',
                    'estimatedMonthlyCost': 123.0,
                    'total': 123.0,
                    'type': 'EC2_INSTANCE_HOURS'|'ECR_INITIAL_SCAN'|'ECR_RESCAN'|'LAMBDA_FUNCTION_HOURS'|'LAMBDA_FUNCTION_CODE_HOURS'
                },
            ]
        },
    ]
}

Response Structure

  • (dict) --

    • nextToken (string) --

      The pagination parameter to be used on the next list operation to retrieve more items.

    • totals (list) --

      An object with details on the total usage for the requested account.

      • (dict) --

        The total of usage for an account ID.

        • accountId (string) --

          The account ID of the account that usage data was retrieved for.

        • usage (list) --

          An object representing the total usage for an account.

          • (dict) --

            Contains usage information about the cost of Amazon Inspector operation.

            • currency (string) --

              The currency type used when calculating usage data.

            • estimatedMonthlyCost (float) --

              The estimated monthly cost of Amazon Inspector.

            • total (float) --

              The total of usage.

            • type (string) --

              The type scan.

UpdateFilter (updated) Link ¶
Changes (request)
{'filterCriteria': {'codeVulnerabilityDetectorName': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityDetectorTags': [{'comparison': 'EQUALS | '
                                                                     'PREFIX | '
                                                                     'NOT_EQUALS',
                                                       'value': 'string'}],
                    'codeVulnerabilityFilePath': [{'comparison': 'EQUALS | '
                                                                 'PREFIX | '
                                                                 'NOT_EQUALS',
                                                   'value': 'string'}],
                    'epssScore': [{'lowerInclusive': 'double',
                                   'upperInclusive': 'double'}]}}

Specifies the action that is to be applied to the findings that match the filter.

See also: AWS API Documentation

Request Syntax

client.update_filter(
    action='NONE'|'SUPPRESS',
    description='string',
    filterArn='string',
    filterCriteria={
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    name='string',
    reason='string'
)
type action:

string

param action:

Specifies the action that is to be applied to the findings that match the filter.

type description:

string

param description:

A description of the filter.

type filterArn:

string

param filterArn:

[REQUIRED]

The Amazon Resource Number (ARN) of the filter to update.

type filterCriteria:

dict

param filterCriteria:

Defines the criteria to be update in the filter.

  • awsAccountId (list) --

    Details of the Amazon Web Services account IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorName (list) --

    The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorTags (list) --

    The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityFilePath (list) --

    The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentId (list) --

    Details of the component IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentType (list) --

    Details of the component types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceImageId (list) --

    Details of the Amazon EC2 instance image IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceSubnetId (list) --

    Details of the Amazon EC2 instance subnet IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceVpcId (list) --

    Details of the Amazon EC2 instance VPC IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageArchitecture (list) --

    Details of the Amazon ECR image architecture types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageHash (list) --

    Details of the Amazon ECR image hashes used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImagePushedAt (list) --

    Details on the Amazon ECR image push date and time used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • ecrImageRegistry (list) --

    Details on the Amazon ECR registry used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageRepositoryName (list) --

    Details on the name of the Amazon ECR repository used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageTags (list) --

    The tags attached to the Amazon ECR container image.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • epssScore (list) --

    The EPSS score used to filter findings.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • exploitAvailable (list) --

    Filters the list of AWS Lambda findings by the availability of exploits.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingArn (list) --

    Details on the finding ARNs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingStatus (list) --

    Details on the finding status types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingType (list) --

    Details on the finding types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • firstObservedAt (list) --

    Details on the date and time a finding was first seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • fixAvailable (list) --

    Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • inspectorScore (list) --

    The Amazon Inspector score to filter on.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • lambdaFunctionExecutionRoleArn (list) --

    Filters the list of AWS Lambda functions by execution role.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionLastModifiedAt (list) --

    Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • lambdaFunctionLayers (list) --

    Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionName (list) --

    Filters the list of AWS Lambda functions by the name of the function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionRuntime (list) --

    Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lastObservedAt (list) --

    Details on the date and time a finding was last seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • networkProtocol (list) --

    Details on the ingress source addresses used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • portRange (list) --

    Details on the port ranges used to filter findings.

    • (dict) --

      An object that describes the details of a port range filter.

      • beginInclusive (integer) --

        The port number the port range begins at.

      • endInclusive (integer) --

        The port number the port range ends at.

  • relatedVulnerabilities (list) --

    Details on the related vulnerabilities used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceId (list) --

    Details on the resource IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceTags (list) --

    Details on the resource tags used to filter findings.

    • (dict) --

      An object that describes details of a map filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • key (string) -- [REQUIRED]

        The tag key used in the filter.

      • value (string) --

        The tag value used in the filter.

  • resourceType (list) --

    Details on the resource types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • severity (list) --

    Details on the severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • title (list) --

    Details on the finding title used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • updatedAt (list) --

    Details on the date and time a finding was last updated at used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • vendorSeverity (list) --

    Details on the vendor severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilityId (list) --

    Details on the vulnerability ID used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilitySource (list) --

    Details on the vulnerability type used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerablePackages (list) --

    Details on the vulnerable packages used to filter findings.

    • (dict) --

      Contains information on the details of a package filter.

      • architecture (dict) --

        An object that contains details on the package architecture type to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • epoch (dict) --

        An object that contains details on the package epoch to filter on.

        • lowerInclusive (float) --

          The lowest number to be included in the filter.

        • upperInclusive (float) --

          The highest number to be included in the filter.

      • name (dict) --

        An object that contains details on the name of the package to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • release (dict) --

        An object that contains details on the package release to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLambdaLayerArn (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLayerHash (dict) --

        An object that contains details on the source layer hash to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • version (dict) --

        The package version to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

type name:

string

param name:

The name of the filter.

type reason:

string

param reason:

The reason the filter was updated.

rtype:

dict

returns:

Response Syntax

{
    'arn': 'string'
}

Response Structure

  • (dict) --

    • arn (string) --

      The Amazon Resource Number (ARN) of the successfully updated filter.

UpdateOrganizationConfiguration (updated) Link ¶
Changes (both)
{'autoEnable': {'lambdaCode': 'boolean'}}

Updates the configurations for your Amazon Inspector organization.

See also: AWS API Documentation

Request Syntax

client.update_organization_configuration(
    autoEnable={
        'ec2': True|False,
        'ecr': True|False,
        'lambda': True|False,
        'lambdaCode': True|False
    }
)
type autoEnable:

dict

param autoEnable:

[REQUIRED]

Defines which scan types are enabled automatically for new members of your Amazon Inspector organization.

  • ec2 (boolean) -- [REQUIRED]

    Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.

  • ecr (boolean) -- [REQUIRED]

    Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.

  • lambda (boolean) --

    Represents whether AWS Lambda standard scans are automatically enabled for new members of your Amazon Inspector organization.

  • lambdaCode (boolean) --

    Represents whether AWS Lambda code scans are automatically enabled for new members of your Amazon Inspector organization. </p>

rtype:

dict

returns:

Response Syntax

{
    'autoEnable': {
        'ec2': True|False,
        'ecr': True|False,
        'lambda': True|False,
        'lambdaCode': True|False
    }
}

Response Structure

  • (dict) --

    • autoEnable (dict) --

      The updated status of scan types automatically enabled for new members of your Amazon Inspector organization.

      • ec2 (boolean) --

        Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.

      • ecr (boolean) --

        Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.

      • lambda (boolean) --

        Represents whether AWS Lambda standard scans are automatically enabled for new members of your Amazon Inspector organization.

      • lambdaCode (boolean) --

        Represents whether AWS Lambda code scans are automatically enabled for new members of your Amazon Inspector organization. </p>