Inspector2

2025/03/11 - Inspector2 - 1 updated api methods

Changes  Adding componentArn to network reachability details

ListFindings (updated) Link ΒΆ
Changes (response)
{'findings': {'networkReachabilityDetails': {'networkPath': {'steps': {'componentArn': 'string'}}}}}

Lists findings for your environment.

See also: AWS API Documentation

Request Syntax

client.list_findings(
    filterCriteria={
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'filePath': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    maxResults=123,
    nextToken='string',
    sortCriteria={
        'field': 'AWS_ACCOUNT_ID'|'FINDING_TYPE'|'SEVERITY'|'FIRST_OBSERVED_AT'|'LAST_OBSERVED_AT'|'FINDING_STATUS'|'RESOURCE_TYPE'|'ECR_IMAGE_PUSHED_AT'|'ECR_IMAGE_REPOSITORY_NAME'|'ECR_IMAGE_REGISTRY'|'NETWORK_PROTOCOL'|'COMPONENT_TYPE'|'VULNERABILITY_ID'|'VULNERABILITY_SOURCE'|'INSPECTOR_SCORE'|'VENDOR_SEVERITY'|'EPSS_SCORE',
        'sortOrder': 'ASC'|'DESC'
    }
)
type filterCriteria:

dict

param filterCriteria:

Details on the filters to apply to your finding results.

  • awsAccountId (list) --

    Details of the Amazon Web Services account IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorName (list) --

    The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityDetectorTags (list) --

    The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • codeVulnerabilityFilePath (list) --

    The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentId (list) --

    Details of the component IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • componentType (list) --

    Details of the component types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceImageId (list) --

    Details of the Amazon EC2 instance image IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceSubnetId (list) --

    Details of the Amazon EC2 instance subnet IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ec2InstanceVpcId (list) --

    Details of the Amazon EC2 instance VPC IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageArchitecture (list) --

    Details of the Amazon ECR image architecture types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageHash (list) --

    Details of the Amazon ECR image hashes used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImagePushedAt (list) --

    Details on the Amazon ECR image push date and time used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • ecrImageRegistry (list) --

    Details on the Amazon ECR registry used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageRepositoryName (list) --

    Details on the name of the Amazon ECR repository used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • ecrImageTags (list) --

    The tags attached to the Amazon ECR container image.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • epssScore (list) --

    The EPSS score used to filter findings.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • exploitAvailable (list) --

    Filters the list of Amazon Web Services Lambda findings by the availability of exploits.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingArn (list) --

    Details on the finding ARNs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingStatus (list) --

    Details on the finding status types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • findingType (list) --

    Details on the finding types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • firstObservedAt (list) --

    Details on the date and time a finding was first seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • fixAvailable (list) --

    Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • inspectorScore (list) --

    The Amazon Inspector score to filter on.

    • (dict) --

      An object that describes the details of a number filter.

      • lowerInclusive (float) --

        The lowest number to be included in the filter.

      • upperInclusive (float) --

        The highest number to be included in the filter.

  • lambdaFunctionExecutionRoleArn (list) --

    Filters the list of Amazon Web Services Lambda functions by execution role.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionLastModifiedAt (list) --

    Filters the list of Amazon Web Services Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • lambdaFunctionLayers (list) --

    Filters the list of Amazon Web Services Lambda functions by the function's layers. A Lambda function can have up to five layers.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionName (list) --

    Filters the list of Amazon Web Services Lambda functions by the name of the function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lambdaFunctionRuntime (list) --

    Filters the list of Amazon Web Services Lambda functions by the runtime environment for the Lambda function.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • lastObservedAt (list) --

    Details on the date and time a finding was last seen used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • networkProtocol (list) --

    Details on network protocol used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • portRange (list) --

    Details on the port ranges used to filter findings.

    • (dict) --

      An object that describes the details of a port range filter.

      • beginInclusive (integer) --

        The port number the port range begins at.

      • endInclusive (integer) --

        The port number the port range ends at.

  • relatedVulnerabilities (list) --

    Details on the related vulnerabilities used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceId (list) --

    Details on the resource IDs used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • resourceTags (list) --

    Details on the resource tags used to filter findings.

    • (dict) --

      An object that describes details of a map filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • key (string) -- [REQUIRED]

        The tag key used in the filter.

      • value (string) --

        The tag value used in the filter.

  • resourceType (list) --

    Details on the resource types used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • severity (list) --

    Details on the severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • title (list) --

    Details on the finding title used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • updatedAt (list) --

    Details on the date and time a finding was last updated at used to filter findings.

    • (dict) --

      Contains details on the time range used to filter findings.

      • endInclusive (datetime) --

        A timestamp representing the end of the time period filtered on.

      • startInclusive (datetime) --

        A timestamp representing the start of the time period filtered on.

  • vendorSeverity (list) --

    Details on the vendor severity used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilityId (list) --

    Details on the vulnerability ID used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerabilitySource (list) --

    Details on the vulnerability type used to filter findings.

    • (dict) --

      An object that describes the details of a string filter.

      • comparison (string) -- [REQUIRED]

        The operator to use when comparing values in the filter.

      • value (string) -- [REQUIRED]

        The value to filter on.

  • vulnerablePackages (list) --

    Details on the vulnerable packages used to filter findings.

    • (dict) --

      Contains information on the details of a package filter.

      • architecture (dict) --

        An object that contains details on the package architecture type to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • epoch (dict) --

        An object that contains details on the package epoch to filter on.

        • lowerInclusive (float) --

          The lowest number to be included in the filter.

        • upperInclusive (float) --

          The highest number to be included in the filter.

      • filePath (dict) --

        An object that contains details on the package file path to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • name (dict) --

        An object that contains details on the name of the package to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • release (dict) --

        An object that contains details on the package release to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLambdaLayerArn (dict) --

        An object that describes the details of a string filter.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • sourceLayerHash (dict) --

        An object that contains details on the source layer hash to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

      • version (dict) --

        The package version to filter on.

        • comparison (string) -- [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) -- [REQUIRED]

          The value to filter on.

type maxResults:

integer

param maxResults:

The maximum number of results the response can return. If your request would return more than the maximum the response will return a nextToken value, use this value when you call the action again to get the remaining results.

type nextToken:

string

param nextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. If your response returns more than the maxResults maximum value it will also return a nextToken value. For subsequent calls, use the nextToken value returned from the previous request to continue listing results after the first page.

type sortCriteria:

dict

param sortCriteria:

Details on the sort criteria to apply to your finding results.

  • field (string) -- [REQUIRED]

    The finding detail field by which results are sorted.

  • sortOrder (string) -- [REQUIRED]

    The order by which findings are sorted.

rtype:

dict

returns:

Response Syntax

{
    'findings': [
        {
            'awsAccountId': 'string',
            'codeVulnerabilityDetails': {
                'cwes': [
                    'string',
                ],
                'detectorId': 'string',
                'detectorName': 'string',
                'detectorTags': [
                    'string',
                ],
                'filePath': {
                    'endLine': 123,
                    'fileName': 'string',
                    'filePath': 'string',
                    'startLine': 123
                },
                'referenceUrls': [
                    'string',
                ],
                'ruleId': 'string',
                'sourceLambdaLayerArn': 'string'
            },
            'description': 'string',
            'epss': {
                'score': 123.0
            },
            'exploitAvailable': 'YES'|'NO',
            'exploitabilityDetails': {
                'lastKnownExploitAt': datetime(2015, 1, 1)
            },
            'findingArn': 'string',
            'firstObservedAt': datetime(2015, 1, 1),
            'fixAvailable': 'YES'|'NO'|'PARTIAL',
            'inspectorScore': 123.0,
            'inspectorScoreDetails': {
                'adjustedCvss': {
                    'adjustments': [
                        {
                            'metric': 'string',
                            'reason': 'string'
                        },
                    ],
                    'cvssSource': 'string',
                    'score': 123.0,
                    'scoreSource': 'string',
                    'scoringVector': 'string',
                    'version': 'string'
                }
            },
            'lastObservedAt': datetime(2015, 1, 1),
            'networkReachabilityDetails': {
                'networkPath': {
                    'steps': [
                        {
                            'componentArn': 'string',
                            'componentId': 'string',
                            'componentType': 'string'
                        },
                    ]
                },
                'openPortRange': {
                    'begin': 123,
                    'end': 123
                },
                'protocol': 'TCP'|'UDP'
            },
            'packageVulnerabilityDetails': {
                'cvss': [
                    {
                        'baseScore': 123.0,
                        'scoringVector': 'string',
                        'source': 'string',
                        'version': 'string'
                    },
                ],
                'referenceUrls': [
                    'string',
                ],
                'relatedVulnerabilities': [
                    'string',
                ],
                'source': 'string',
                'sourceUrl': 'string',
                'vendorCreatedAt': datetime(2015, 1, 1),
                'vendorSeverity': 'string',
                'vendorUpdatedAt': datetime(2015, 1, 1),
                'vulnerabilityId': 'string',
                'vulnerablePackages': [
                    {
                        'arch': 'string',
                        'epoch': 123,
                        'filePath': 'string',
                        'fixedInVersion': 'string',
                        'name': 'string',
                        'packageManager': 'BUNDLER'|'CARGO'|'COMPOSER'|'NPM'|'NUGET'|'PIPENV'|'POETRY'|'YARN'|'GOBINARY'|'GOMOD'|'JAR'|'OS'|'PIP'|'PYTHONPKG'|'NODEPKG'|'POM'|'GEMSPEC'|'DOTNET_CORE',
                        'release': 'string',
                        'remediation': 'string',
                        'sourceLambdaLayerArn': 'string',
                        'sourceLayerHash': 'string',
                        'version': 'string'
                    },
                ]
            },
            'remediation': {
                'recommendation': {
                    'Url': 'string',
                    'text': 'string'
                }
            },
            'resources': [
                {
                    'details': {
                        'awsEc2Instance': {
                            'iamInstanceProfileArn': 'string',
                            'imageId': 'string',
                            'ipV4Addresses': [
                                'string',
                            ],
                            'ipV6Addresses': [
                                'string',
                            ],
                            'keyName': 'string',
                            'launchedAt': datetime(2015, 1, 1),
                            'platform': 'string',
                            'subnetId': 'string',
                            'type': 'string',
                            'vpcId': 'string'
                        },
                        'awsEcrContainerImage': {
                            'architecture': 'string',
                            'author': 'string',
                            'imageHash': 'string',
                            'imageTags': [
                                'string',
                            ],
                            'platform': 'string',
                            'pushedAt': datetime(2015, 1, 1),
                            'registry': 'string',
                            'repositoryName': 'string'
                        },
                        'awsLambdaFunction': {
                            'architectures': [
                                'X86_64'|'ARM64',
                            ],
                            'codeSha256': 'string',
                            'executionRoleArn': 'string',
                            'functionName': 'string',
                            'lastModifiedAt': datetime(2015, 1, 1),
                            'layers': [
                                'string',
                            ],
                            'packageType': 'IMAGE'|'ZIP',
                            'runtime': 'NODEJS'|'NODEJS_12_X'|'NODEJS_14_X'|'NODEJS_16_X'|'JAVA_8'|'JAVA_8_AL2'|'JAVA_11'|'PYTHON_3_7'|'PYTHON_3_8'|'PYTHON_3_9'|'UNSUPPORTED'|'NODEJS_18_X'|'GO_1_X'|'JAVA_17'|'PYTHON_3_10'|'PYTHON_3_11'|'DOTNETCORE_3_1'|'DOTNET_6'|'DOTNET_7'|'RUBY_2_7'|'RUBY_3_2',
                            'version': 'string',
                            'vpcConfig': {
                                'securityGroupIds': [
                                    'string',
                                ],
                                'subnetIds': [
                                    'string',
                                ],
                                'vpcId': 'string'
                            }
                        }
                    },
                    'id': 'string',
                    'partition': 'string',
                    'region': 'string',
                    'tags': {
                        'string': 'string'
                    },
                    'type': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION'
                },
            ],
            'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNTRIAGED',
            'status': 'ACTIVE'|'SUPPRESSED'|'CLOSED',
            'title': 'string',
            'type': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • findings (list) --

      Contains details on the findings in your environment.

      • (dict) --

        Details about an Amazon Inspector finding.

        • awsAccountId (string) --

          The Amazon Web Services account ID associated with the finding.

        • codeVulnerabilityDetails (dict) --

          Details about the code vulnerability identified in a Lambda function used to filter findings.

          • cwes (list) --

            The Common Weakness Enumeration (CWE) item associated with the detected vulnerability.

            • (string) --

          • detectorId (string) --

            The ID for the Amazon CodeGuru detector associated with the finding. For more information on detectors see Amazon CodeGuru Detector Library.

          • detectorName (string) --

            The name of the detector used to identify the code vulnerability. For more information on detectors see CodeGuru Detector Library.

          • detectorTags (list) --

            The detector tag associated with the vulnerability. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

            • (string) --

          • filePath (dict) --

            Contains information on where the code vulnerability is located in your code.

            • endLine (integer) --

              The line number of the last line of code that a vulnerability was found in.

            • fileName (string) --

              The name of the file the code vulnerability was found in.

            • filePath (string) --

              The file path to the code that a vulnerability was found in.

            • startLine (integer) --

              The line number of the first line of code that a vulnerability was found in.

          • referenceUrls (list) --

            A URL containing supporting documentation about the code vulnerability detected.

            • (string) --

          • ruleId (string) --

            The identifier for a rule that was used to detect the code vulnerability.

          • sourceLambdaLayerArn (string) --

            The Amazon Resource Name (ARN) of the Lambda layer that the code vulnerability was detected in.

        • description (string) --

          The description of the finding.

        • epss (dict) --

          The finding's EPSS score.

          • score (float) --

            The EPSS score.

        • exploitAvailable (string) --

          If a finding discovered in your environment has an exploit available.

        • exploitabilityDetails (dict) --

          The details of an exploit available for a finding discovered in your environment.

          • lastKnownExploitAt (datetime) --

            The date and time of the last exploit associated with a finding discovered in your environment.

        • findingArn (string) --

          The Amazon Resource Number (ARN) of the finding.

        • firstObservedAt (datetime) --

          The date and time that the finding was first observed.

        • fixAvailable (string) --

          Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

        • inspectorScore (float) --

          The Amazon Inspector score given to the finding.

        • inspectorScoreDetails (dict) --

          An object that contains details of the Amazon Inspector score.

          • adjustedCvss (dict) --

            An object that contains details about the CVSS score given to a finding.

            • adjustments (list) --

              An object that contains details about adjustment Amazon Inspector made to the CVSS score.

              • (dict) --

                Details on adjustments Amazon Inspector made to the CVSS score for a finding.

                • metric (string) --

                  The metric used to adjust the CVSS score.

                • reason (string) --

                  The reason the CVSS score has been adjustment.

            • cvssSource (string) --

              The source of the CVSS data.

            • score (float) --

              The CVSS score.

            • scoreSource (string) --

              The source for the CVSS score.

            • scoringVector (string) --

              The vector for the CVSS score.

            • version (string) --

              The CVSS version used in scoring.

        • lastObservedAt (datetime) --

          The date and time the finding was last observed. This timestamp for this field remains unchanged until a finding is updated.

        • networkReachabilityDetails (dict) --

          An object that contains the details of a network reachability finding.

          • networkPath (dict) --

            An object that contains details about a network path associated with a finding.

            • steps (list) --

              The details on the steps in the network path.

              • (dict) --

                Details about the step associated with a finding.

                • componentArn (string) --

                  The component ARN. The ARN can be null and is not displayed in the Amazon Web Services console.

                • componentId (string) --

                  The component ID.

                • componentType (string) --

                  The component type.

          • openPortRange (dict) --

            An object that contains details about the open port range associated with a finding.

            • begin (integer) --

              The beginning port in a port range.

            • end (integer) --

              The ending port in a port range.

          • protocol (string) --

            The protocol associated with a finding.

        • packageVulnerabilityDetails (dict) --

          An object that contains the details of a package vulnerability finding.

          • cvss (list) --

            An object that contains details about the CVSS score of a finding.

            • (dict) --

              The CVSS score for a finding.

              • baseScore (float) --

                The base CVSS score used for the finding.

              • scoringVector (string) --

                The vector string of the CVSS score.

              • source (string) --

                The source of the CVSS score.

              • version (string) --

                The version of CVSS used for the score.

          • referenceUrls (list) --

            One or more URLs that contain details about this vulnerability type.

            • (string) --

          • relatedVulnerabilities (list) --

            One or more vulnerabilities related to the one identified in this finding.

            • (string) --

          • source (string) --

            The source of the vulnerability information.

          • sourceUrl (string) --

            A URL to the source of the vulnerability information.

          • vendorCreatedAt (datetime) --

            The date and time that this vulnerability was first added to the vendor's database.

          • vendorSeverity (string) --

            The severity the vendor has given to this vulnerability type.

          • vendorUpdatedAt (datetime) --

            The date and time the vendor last updated this vulnerability in their database.

          • vulnerabilityId (string) --

            The ID given to this vulnerability.

          • vulnerablePackages (list) --

            The packages impacted by this vulnerability.

            • (dict) --

              Information on the vulnerable package identified by a finding.

              • arch (string) --

                The architecture of the vulnerable package.

              • epoch (integer) --

                The epoch of the vulnerable package.

              • filePath (string) --

                The file path of the vulnerable package.

              • fixedInVersion (string) --

                The version of the package that contains the vulnerability fix.

              • name (string) --

                The name of the vulnerable package.

              • packageManager (string) --

                The package manager of the vulnerable package.

              • release (string) --

                The release of the vulnerable package.

              • remediation (string) --

                The code to run in your environment to update packages with a fix available.

              • sourceLambdaLayerArn (string) --

                The Amazon Resource Number (ARN) of the Amazon Web Services Lambda function affected by a finding.

              • sourceLayerHash (string) --

                The source layer hash of the vulnerable package.

              • version (string) --

                The version of the vulnerable package.

        • remediation (dict) --

          An object that contains the details about how to remediate a finding.

          • recommendation (dict) --

            An object that contains information about the recommended course of action to remediate the finding.

            • Url (string) --

              The URL address to the CVE remediation recommendations.

            • text (string) --

              The recommended course of action to remediate the finding.

        • resources (list) --

          Contains information on the resources involved in a finding. The resource value determines the valid values for type in your request. For more information, see Finding types in the Amazon Inspector user guide.

          • (dict) --

            Details about the resource involved in a finding.

            • details (dict) --

              An object that contains details about the resource involved in a finding.

              • awsEc2Instance (dict) --

                An object that contains details about the Amazon EC2 instance involved in the finding.

                • iamInstanceProfileArn (string) --

                  The IAM instance profile ARN of the Amazon EC2 instance.

                • imageId (string) --

                  The image ID of the Amazon EC2 instance.

                • ipV4Addresses (list) --

                  The IPv4 addresses of the Amazon EC2 instance.

                  • (string) --

                • ipV6Addresses (list) --

                  The IPv6 addresses of the Amazon EC2 instance.

                  • (string) --

                • keyName (string) --

                  The name of the key pair used to launch the Amazon EC2 instance.

                • launchedAt (datetime) --

                  The date and time the Amazon EC2 instance was launched at.

                • platform (string) --

                  The platform of the Amazon EC2 instance.

                • subnetId (string) --

                  The subnet ID of the Amazon EC2 instance.

                • type (string) --

                  The type of the Amazon EC2 instance.

                • vpcId (string) --

                  The VPC ID of the Amazon EC2 instance.

              • awsEcrContainerImage (dict) --

                An object that contains details about the Amazon ECR container image involved in the finding.

                • architecture (string) --

                  The architecture of the Amazon ECR container image.

                • author (string) --

                  The image author of the Amazon ECR container image.

                • imageHash (string) --

                  The image hash of the Amazon ECR container image.

                • imageTags (list) --

                  The image tags attached to the Amazon ECR container image.

                  • (string) --

                • platform (string) --

                  The platform of the Amazon ECR container image.

                • pushedAt (datetime) --

                  The date and time the Amazon ECR container image was pushed.

                • registry (string) --

                  The registry for the Amazon ECR container image.

                • repositoryName (string) --

                  The name of the repository the Amazon ECR container image resides in.

              • awsLambdaFunction (dict) --

                A summary of the information about an Amazon Web Services Lambda function affected by a finding.

                • architectures (list) --

                  The instruction set architecture that the Amazon Web Services Lambda function supports. Architecture is a string array with one of the valid values. The default architecture value is x86_64.

                  • (string) --

                • codeSha256 (string) --

                  The SHA256 hash of the Amazon Web Services Lambda function's deployment package.

                • executionRoleArn (string) --

                  The Amazon Web Services Lambda function's execution role.

                • functionName (string) --

                  The name of the Amazon Web Services Lambda function.

                • lastModifiedAt (datetime) --

                  The date and time that a user last updated the configuration, in ISO 8601 format

                • layers (list) --

                  The Amazon Web Services Lambda function's layers. A Lambda function can have up to five layers.

                  • (string) --

                • packageType (string) --

                  The type of deployment package. Set to Image for container image and set Zip for .zip file archive.

                • runtime (string) --

                  The runtime environment for the Amazon Web Services Lambda function.

                • version (string) --

                  The version of the Amazon Web Services Lambda function.

                • vpcConfig (dict) --

                  The Amazon Web Services Lambda function's networking configuration.

                  • securityGroupIds (list) --

                    The VPC security groups and subnets that are attached to an Amazon Web Services Lambda function. For more information, see VPC Settings.

                    • (string) --

                  • subnetIds (list) --

                    A list of VPC subnet IDs.

                    • (string) --

                  • vpcId (string) --

                    The ID of the VPC.

            • id (string) --

              The ID of the resource.

            • partition (string) --

              The partition of the resource.

            • region (string) --

              The Amazon Web Services Region the impacted resource is located in.

            • tags (dict) --

              The tags attached to the resource.

              • (string) --

                • (string) --

            • type (string) --

              The type of resource.

        • severity (string) --

          The severity of the finding. UNTRIAGED applies to PACKAGE_VULNERABILITY type findings that the vendor has not assigned a severity yet. For more information, see Severity levels for findings in the Amazon Inspector user guide.

        • status (string) --

          The status of the finding.

        • title (string) --

          The title of the finding.

        • type (string) --

          The type of the finding. The type value determines the valid values for resource in your request. For more information, see Finding types in the Amazon Inspector user guide.

        • updatedAt (datetime) --

          The date and time the finding was last updated at.

    • nextToken (string) --

      A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.