AWS CloudFormation

{'ScanFilters': [{'Types': ['string']}]}

Describes details of a resource scan.

See also: AWS API Documentation

Request Syntax

client.describe_resource_scan(
    ResourceScanId='string'
)

type ResourceScanId:

string

param ResourceScanId:

[REQUIRED]

The Amazon Resource Name (ARN) of the resource scan.

rtype:

dict

returns:

Response Syntax

{
    'ResourceScanId': 'string',
    'Status': 'IN_PROGRESS'|'FAILED'|'COMPLETE'|'EXPIRED',
    'StatusReason': 'string',
    'StartTime': datetime(2015, 1, 1),
    'EndTime': datetime(2015, 1, 1),
    'PercentageCompleted': 123.0,
    'ResourceTypes': [
        'string',
    ],
    'ResourcesScanned': 123,
    'ResourcesRead': 123,
    'ScanFilters': [
        {
            'Types': [
                'string',
            ]
        },
    ]
}

Response Structure

• (dict) --

  • ResourceScanId (string) --

    The Amazon Resource Name (ARN) of the resource scan. The format is arn:${Partition}:cloudformation:${Region}:${Account}:resourceScan/${Id}. An example is ``arn:aws:cloudformation:us-east-1:123456789012:resourceScan/f5b490f7-7ed4-428a-aa06-31ff25db0772 ``.

  • Status (string) --

    Status of the resource scan.

    IN_PROGRESS

    The resource scan is still in progress.

    COMPLETE

    The resource scan is complete.

    EXPIRED

    The resource scan has expired.

    FAILED

    The resource scan has failed.

  • StatusReason (string) --

    The reason for the resource scan status, providing more information if a failure happened.

  • StartTime (datetime) --

    The time that the resource scan was started.

  • EndTime (datetime) --

    The time that the resource scan was finished.

  • PercentageCompleted (float) --

    The percentage of the resource scan that has been completed.

  • ResourceTypes (list) --

    The list of resource types for the specified scan. Resource types are only available for scans with a Status set to COMPLETE or ``FAILED ``.

    • (string) --

  • ResourcesScanned (integer) --

    The number of resources that were listed. This is only available for scans with a Status set to COMPLETE, EXPIRED, or ``FAILED ``.

  • ResourcesRead (integer) --

    The number of resources that were read. This is only available for scans with a Status set to COMPLETE, EXPIRED, or FAILED.

  • ScanFilters (list) --

    The scan filters that were used.

    • (dict) --

      A filter that is used to specify which resource types to scan.

      • Types (list) --

        An array of strings where each string represents an Amazon Web Services resource type you want to scan. Each string defines the resource type using the format AWS::ServiceName::ResourceType, for example, AWS::DynamoDB::Table. For the full list of supported resource types, see the Resource type support table in the CloudFormation User Guide.

        To scan all resource types within a service, you can use a wildcard, represented by an asterisk ( *). You can place a asterisk at only the end of the string, for example, AWS::S3::*.

        • (string) --

{'ScanTypeFilter': 'FULL | PARTIAL'}

{'ResourceScanSummaries': {'ScanType': 'FULL | PARTIAL'}}

List the resource scans from newest to oldest. By default it will return up to 10 resource scans.

See also: AWS API Documentation

Request Syntax

client.list_resource_scans(
    NextToken='string',
    MaxResults=123,
    ScanTypeFilter='FULL'|'PARTIAL'
)

type NextToken:

string

param NextToken:

A string that identifies the next page of resource scan results.

type MaxResults:

integer

param MaxResults:

If the number of available results exceeds this maximum, the response includes a NextToken value that you can use for the NextToken parameter to get the next set of results. The default value is 10. The maximum value is 100.

type ScanTypeFilter:

string

param ScanTypeFilter:

The scan type that you want to get summary information about. The default is FULL.

rtype:

dict

returns:

Response Syntax

{
    'ResourceScanSummaries': [
        {
            'ResourceScanId': 'string',
            'Status': 'IN_PROGRESS'|'FAILED'|'COMPLETE'|'EXPIRED',
            'StatusReason': 'string',
            'StartTime': datetime(2015, 1, 1),
            'EndTime': datetime(2015, 1, 1),
            'PercentageCompleted': 123.0,
            'ScanType': 'FULL'|'PARTIAL'
        },
    ],
    'NextToken': 'string'
}

Response Structure

• (dict) --

  • ResourceScanSummaries (list) --

    The list of scans returned.

    • (dict) --

      A summary of the resource scan. This is returned by the ListResourceScan API action.

      • ResourceScanId (string) --

        The Amazon Resource Name (ARN) of the resource scan.

      • Status (string) --

        Status of the resource scan.

        IN_PROGRESS

        The resource scan is still in progress.

        COMPLETE

        The resource scan is complete.

        EXPIRED

        The resource scan has expired.

        FAILED

        The resource scan has failed.

      • StatusReason (string) --

        The reason for the resource scan status, providing more information if a failure happened.

      • StartTime (datetime) --

        The time that the resource scan was started.

      • EndTime (datetime) --

        The time that the resource scan was finished.

      • PercentageCompleted (float) --

        The percentage of the resource scan that has been completed.

      • ScanType (string) --

        The scan type that has been completed.

  • NextToken (string) --

    If the request doesn't return all the remaining results, NextToken is set to a token. To retrieve the next set of results, call ListResourceScans again and use that value for the NextToken parameter. If the request returns all results, NextToken is set to an empty string.

{'ScanFilters': [{'Types': ['string']}]}

Starts a scan of the resources in this account in this Region. You can the status of a scan using the ListResourceScans API action.

See also: AWS API Documentation

Request Syntax

client.start_resource_scan(
    ClientRequestToken='string',
    ScanFilters=[
        {
            'Types': [
                'string',
            ]
        },
    ]
)

type ClientRequestToken:

string

param ClientRequestToken:

A unique identifier for this StartResourceScan request. Specify this token if you plan to retry requests so that CloudFormation knows that you're not attempting to start a new resource scan.

type ScanFilters:

list

param ScanFilters:

The scan filters to use.

• (dict) --

  A filter that is used to specify which resource types to scan.

  • Types (list) --

    An array of strings where each string represents an Amazon Web Services resource type you want to scan. Each string defines the resource type using the format AWS::ServiceName::ResourceType, for example, AWS::DynamoDB::Table. For the full list of supported resource types, see the Resource type support table in the CloudFormation User Guide.

    To scan all resource types within a service, you can use a wildcard, represented by an asterisk ( *). You can place a asterisk at only the end of the string, for example, AWS::S3::*.

    • (string) --

rtype:

dict

returns:

Response Syntax

{
    'ResourceScanId': 'string'
}

Response Structure

• (dict) --

  • ResourceScanId (string) --

    The Amazon Resource Name (ARN) of the resource scan. The format is arn:${Partition}:cloudformation:${Region}:${Account}:resourceScan/${Id}. An example is ``arn:aws:cloudformation:us-east-1:123456789012:resourceScan/f5b490f7-7ed4-428a-aa06-31ff25db0772 ``.