2017/05/16 - Amazon Inspector - 1 new 2 updated api methods
Changes Adds ability to produce an assessment report that includes detailed and comprehensive results of a specified assessment run.
Produces an assessment report that includes detailed and comprehensive results of a specified assessment run.
See also: AWS API Documentation
Request Syntax
client.get_assessment_report(
assessmentRunArn='string',
reportFileFormat='HTML'|'PDF',
reportType='FINDING'|'FULL'
)
string
[REQUIRED]
The ARN that specifies the assessment run for which you want to generate a report.
string
[REQUIRED]
Specifies the file format (html or pdf) of the assessment report that you want to generate.
string
[REQUIRED]
Specifies the type of the assessment report that you want to generate. There are two types of assessment reports: a finding report and a full report. For more information, see Assessment Reports.
dict
Response Syntax
{
'status': 'WORK_IN_PROGRESS'|'FAILED'|'COMPLETED',
'url': 'string'
}
Response Structure
(dict) --
status (string) --
Specifies the status of the request to generate an assessment report.
url (string) --
Specifies the URL where you can find the generated assessment report. This parameter is only returned if the report is successfully generated.
{'assessmentRuns': {'findingCounts': {'Low | Medium | High | Informational | Undefined': 'integer'},
'state': {'START_EVALUATING_RULES_PENDING', 'ERROR'},
'stateChanges': {'state': {'ERROR',
'START_EVALUATING_RULES_PENDING'}}}}
Describes the assessment runs that are specified by the ARNs of the assessment runs.
See also: AWS API Documentation
Request Syntax
client.describe_assessment_runs(
assessmentRunArns=[
'string',
]
)
list
[REQUIRED]
The ARN that specifies the assessment run that you want to describe.
(string) --
dict
Response Syntax
{
'assessmentRuns': [
{
'arn': 'string',
'name': 'string',
'assessmentTemplateArn': 'string',
'state': 'CREATED'|'START_DATA_COLLECTION_PENDING'|'START_DATA_COLLECTION_IN_PROGRESS'|'COLLECTING_DATA'|'STOP_DATA_COLLECTION_PENDING'|'DATA_COLLECTED'|'START_EVALUATING_RULES_PENDING'|'EVALUATING_RULES'|'FAILED'|'ERROR'|'COMPLETED'|'COMPLETED_WITH_ERRORS',
'durationInSeconds': 123,
'rulesPackageArns': [
'string',
],
'userAttributesForFindings': [
{
'key': 'string',
'value': 'string'
},
],
'createdAt': datetime(2015, 1, 1),
'startedAt': datetime(2015, 1, 1),
'completedAt': datetime(2015, 1, 1),
'stateChangedAt': datetime(2015, 1, 1),
'dataCollected': True|False,
'stateChanges': [
{
'stateChangedAt': datetime(2015, 1, 1),
'state': 'CREATED'|'START_DATA_COLLECTION_PENDING'|'START_DATA_COLLECTION_IN_PROGRESS'|'COLLECTING_DATA'|'STOP_DATA_COLLECTION_PENDING'|'DATA_COLLECTED'|'START_EVALUATING_RULES_PENDING'|'EVALUATING_RULES'|'FAILED'|'ERROR'|'COMPLETED'|'COMPLETED_WITH_ERRORS'
},
],
'notifications': [
{
'date': datetime(2015, 1, 1),
'event': 'ASSESSMENT_RUN_STARTED'|'ASSESSMENT_RUN_COMPLETED'|'ASSESSMENT_RUN_STATE_CHANGED'|'FINDING_REPORTED'|'OTHER',
'message': 'string',
'error': True|False,
'snsTopicArn': 'string',
'snsPublishStatusCode': 'SUCCESS'|'TOPIC_DOES_NOT_EXIST'|'ACCESS_DENIED'|'INTERNAL_ERROR'
},
],
'findingCounts': {
'string': 123
}
},
],
'failedItems': {
'string': {
'failureCode': 'INVALID_ARN'|'DUPLICATE_ARN'|'ITEM_DOES_NOT_EXIST'|'ACCESS_DENIED'|'LIMIT_EXCEEDED'|'INTERNAL_ERROR',
'retryable': True|False
}
}
}
Response Structure
(dict) --
assessmentRuns (list) --
Information about the assessment run.
(dict) --
A snapshot of an Amazon Inspector assessment run that contains the findings of the assessment run .
Used as the response element in the DescribeAssessmentRuns action.
arn (string) --
The ARN of the assessment run.
name (string) --
The auto-generated name for the assessment run.
assessmentTemplateArn (string) --
The ARN of the assessment template that is associated with the assessment run.
state (string) --
The state of the assessment run.
durationInSeconds (integer) --
The duration of the assessment run.
rulesPackageArns (list) --
The rules packages selected for the assessment run.
(string) --
userAttributesForFindings (list) --
The user-defined attributes that are assigned to every generated finding.
(dict) --
This data type is used as a request parameter in the AddAttributesToFindings and CreateAssessmentTemplate actions.
key (string) --
The attribute key.
value (string) --
The value assigned to the attribute key.
createdAt (datetime) --
The time when StartAssessmentRun was called.
startedAt (datetime) --
The time when StartAssessmentRun was called.
completedAt (datetime) --
The assessment run completion time that corresponds to the rules packages evaluation completion time or failure.
stateChangedAt (datetime) --
The last time when the assessment run's state changed.
dataCollected (boolean) --
A Boolean value (true or false) that specifies whether the process of collecting data from the agents is completed.
stateChanges (list) --
A list of the assessment run state changes.
(dict) --
Used as one of the elements of the AssessmentRun data type.
stateChangedAt (datetime) --
The last time the assessment run state changed.
state (string) --
The assessment run state.
notifications (list) --
A list of notifications for the event subscriptions. A notification about a particular generated finding is added to this list only once.
(dict) --
Used as one of the elements of the AssessmentRun data type.
date (datetime) --
The date of the notification.
event (string) --
The event for which a notification is sent.
message (string) --
The message included in the notification.
error (boolean) --
The Boolean value that specifies whether the notification represents an error.
snsTopicArn (string) --
The SNS topic to which the SNS notification is sent.
snsPublishStatusCode (string) --
The status code of the SNS notification.
findingCounts (dict) --
Provides a total count of generated findings per severity.
(string) --
(integer) --
failedItems (dict) --
Assessment run details that cannot be described. An error code is provided for each failed item.
(string) --
(dict) --
Includes details about the failed items.
failureCode (string) --
The status code of a failed item.
retryable (boolean) --
Indicates whether you can immediately retry a request for this item for a specified resource.
{'filter': {'states': {'START_EVALUATING_RULES_PENDING', 'ERROR'}}}
Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates.
See also: AWS API Documentation
Request Syntax
client.list_assessment_runs(
assessmentTemplateArns=[
'string',
],
filter={
'namePattern': 'string',
'states': [
'CREATED'|'START_DATA_COLLECTION_PENDING'|'START_DATA_COLLECTION_IN_PROGRESS'|'COLLECTING_DATA'|'STOP_DATA_COLLECTION_PENDING'|'DATA_COLLECTED'|'START_EVALUATING_RULES_PENDING'|'EVALUATING_RULES'|'FAILED'|'ERROR'|'COMPLETED'|'COMPLETED_WITH_ERRORS',
],
'durationRange': {
'minSeconds': 123,
'maxSeconds': 123
},
'rulesPackageArns': [
'string',
],
'startTimeRange': {
'beginDate': datetime(2015, 1, 1),
'endDate': datetime(2015, 1, 1)
},
'completionTimeRange': {
'beginDate': datetime(2015, 1, 1),
'endDate': datetime(2015, 1, 1)
},
'stateChangeTimeRange': {
'beginDate': datetime(2015, 1, 1),
'endDate': datetime(2015, 1, 1)
}
},
nextToken='string',
maxResults=123
)
list
The ARNs that specify the assessment templates whose assessment runs you want to list.
(string) --
dict
You can use this parameter to specify a subset of data to be included in the action's response.
For a record to match a filter, all specified filter attributes must match. When multiple values are specified for a filter attribute, any of the values can match.
namePattern (string) --
For a record to match a filter, an explicit value or a string containing a wildcard that is specified for this data type property must match the value of the assessmentRunName property of the AssessmentRun data type.
states (list) --
For a record to match a filter, one of the values specified for this data type property must be the exact match of the value of the assessmentRunState property of the AssessmentRun data type.
(string) --
durationRange (dict) --
For a record to match a filter, the value that is specified for this data type property must inclusively match any value between the specified minimum and maximum values of the durationInSeconds property of the AssessmentRun data type.
minSeconds (integer) --
The minimum value of the duration range. Must be greater than zero.
maxSeconds (integer) --
The maximum value of the duration range. Must be less than or equal to 604800 seconds (1 week).
rulesPackageArns (list) --
For a record to match a filter, the value that is specified for this data type property must be contained in the list of values of the rulesPackages property of the AssessmentRun data type.
(string) --
startTimeRange (dict) --
For a record to match a filter, the value that is specified for this data type property must inclusively match any value between the specified minimum and maximum values of the startTime property of the AssessmentRun data type.
beginDate (datetime) --
The minimum value of the timestamp range.
endDate (datetime) --
The maximum value of the timestamp range.
completionTimeRange (dict) --
For a record to match a filter, the value that is specified for this data type property must inclusively match any value between the specified minimum and maximum values of the completedAt property of the AssessmentRun data type.
beginDate (datetime) --
The minimum value of the timestamp range.
endDate (datetime) --
The maximum value of the timestamp range.
stateChangeTimeRange (dict) --
For a record to match a filter, the value that is specified for this data type property must match the stateChangedAt property of the AssessmentRun data type.
beginDate (datetime) --
The minimum value of the timestamp range.
endDate (datetime) --
The maximum value of the timestamp range.
string
You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListAssessmentRuns action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
integer
You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 10. The maximum value is 500.
dict
Response Syntax
{
'assessmentRunArns': [
'string',
],
'nextToken': 'string'
}
Response Structure
(dict) --
assessmentRunArns (list) --
A list of ARNs that specifies the assessment runs that are returned by the action.
(string) --
nextToken (string) --
When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.