Inspector2 / Client / list_findings

list_findings#

Inspector2.Client.list_findings(**kwargs)#

Lists findings for your environment.

See also: AWS API Documentation

Request Syntax

response = client.list_findings(
    filterCriteria={
        'awsAccountId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityDetectorTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'codeVulnerabilityFilePath': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'componentType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceImageId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceSubnetId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ec2InstanceVpcId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageArchitecture': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageHash': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImagePushedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'ecrImageRegistry': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageRepositoryName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'ecrImageTags': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'epssScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'exploitAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingStatus': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'findingType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'firstObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'fixAvailable': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'inspectorScore': [
            {
                'lowerInclusive': 123.0,
                'upperInclusive': 123.0
            },
        ],
        'lambdaFunctionExecutionRoleArn': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionLastModifiedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'lambdaFunctionLayers': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionName': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lambdaFunctionRuntime': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'lastObservedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'networkProtocol': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'portRange': [
            {
                'beginInclusive': 123,
                'endInclusive': 123
            },
        ],
        'relatedVulnerabilities': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'resourceTags': [
            {
                'comparison': 'EQUALS',
                'key': 'string',
                'value': 'string'
            },
        ],
        'resourceType': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'severity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'title': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'updatedAt': [
            {
                'endInclusive': datetime(2015, 1, 1),
                'startInclusive': datetime(2015, 1, 1)
            },
        ],
        'vendorSeverity': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilityId': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerabilitySource': [
            {
                'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                'value': 'string'
            },
        ],
        'vulnerablePackages': [
            {
                'architecture': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'epoch': {
                    'lowerInclusive': 123.0,
                    'upperInclusive': 123.0
                },
                'name': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'release': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLambdaLayerArn': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'sourceLayerHash': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                },
                'version': {
                    'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
                    'value': 'string'
                }
            },
        ]
    },
    maxResults=123,
    nextToken='string',
    sortCriteria={
        'field': 'AWS_ACCOUNT_ID'|'FINDING_TYPE'|'SEVERITY'|'FIRST_OBSERVED_AT'|'LAST_OBSERVED_AT'|'FINDING_STATUS'|'RESOURCE_TYPE'|'ECR_IMAGE_PUSHED_AT'|'ECR_IMAGE_REPOSITORY_NAME'|'ECR_IMAGE_REGISTRY'|'NETWORK_PROTOCOL'|'COMPONENT_TYPE'|'VULNERABILITY_ID'|'VULNERABILITY_SOURCE'|'INSPECTOR_SCORE'|'VENDOR_SEVERITY'|'EPSS_SCORE',
        'sortOrder': 'ASC'|'DESC'
    }
)
Parameters:
  • filterCriteria (dict) –

    Details on the filters to apply to your finding results.

    • awsAccountId (list) –

      Details of the Amazon Web Services account IDs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • codeVulnerabilityDetectorName (list) –

      The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • codeVulnerabilityDetectorTags (list) –

      The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • codeVulnerabilityFilePath (list) –

      The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • componentId (list) –

      Details of the component IDs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • componentType (list) –

      Details of the component types used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ec2InstanceImageId (list) –

      Details of the Amazon EC2 instance image IDs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ec2InstanceSubnetId (list) –

      Details of the Amazon EC2 instance subnet IDs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ec2InstanceVpcId (list) –

      Details of the Amazon EC2 instance VPC IDs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ecrImageArchitecture (list) –

      Details of the Amazon ECR image architecture types used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ecrImageHash (list) –

      Details of the Amazon ECR image hashes used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ecrImagePushedAt (list) –

      Details on the Amazon ECR image push date and time used to filter findings.

      • (dict) –

        Contains details on the time range used to filter findings.

        • endInclusive (datetime) –

          A timestamp representing the end of the time period filtered on.

        • startInclusive (datetime) –

          A timestamp representing the start of the time period filtered on.

    • ecrImageRegistry (list) –

      Details on the Amazon ECR registry used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ecrImageRepositoryName (list) –

      Details on the name of the Amazon ECR repository used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • ecrImageTags (list) –

      The tags attached to the Amazon ECR container image.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • epssScore (list) –

      The EPSS score used to filter findings.

      • (dict) –

        An object that describes the details of a number filter.

        • lowerInclusive (float) –

          The lowest number to be included in the filter.

        • upperInclusive (float) –

          The highest number to be included in the filter.

    • exploitAvailable (list) –

      Filters the list of Amazon Web Services Lambda findings by the availability of exploits.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • findingArn (list) –

      Details on the finding ARNs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • findingStatus (list) –

      Details on the finding status types used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • findingType (list) –

      Details on the finding types used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • firstObservedAt (list) –

      Details on the date and time a finding was first seen used to filter findings.

      • (dict) –

        Contains details on the time range used to filter findings.

        • endInclusive (datetime) –

          A timestamp representing the end of the time period filtered on.

        • startInclusive (datetime) –

          A timestamp representing the start of the time period filtered on.

    • fixAvailable (list) –

      Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • inspectorScore (list) –

      The Amazon Inspector score to filter on.

      • (dict) –

        An object that describes the details of a number filter.

        • lowerInclusive (float) –

          The lowest number to be included in the filter.

        • upperInclusive (float) –

          The highest number to be included in the filter.

    • lambdaFunctionExecutionRoleArn (list) –

      Filters the list of Amazon Web Services Lambda functions by execution role.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • lambdaFunctionLastModifiedAt (list) –

      Filters the list of Amazon Web Services Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format

      • (dict) –

        Contains details on the time range used to filter findings.

        • endInclusive (datetime) –

          A timestamp representing the end of the time period filtered on.

        • startInclusive (datetime) –

          A timestamp representing the start of the time period filtered on.

    • lambdaFunctionLayers (list) –

      Filters the list of Amazon Web Services Lambda functions by the function’s layers. A Lambda function can have up to five layers.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • lambdaFunctionName (list) –

      Filters the list of Amazon Web Services Lambda functions by the name of the function.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • lambdaFunctionRuntime (list) –

      Filters the list of Amazon Web Services Lambda functions by the runtime environment for the Lambda function.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • lastObservedAt (list) –

      Details on the date and time a finding was last seen used to filter findings.

      • (dict) –

        Contains details on the time range used to filter findings.

        • endInclusive (datetime) –

          A timestamp representing the end of the time period filtered on.

        • startInclusive (datetime) –

          A timestamp representing the start of the time period filtered on.

    • networkProtocol (list) –

      Details on network protocol used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • portRange (list) –

      Details on the port ranges used to filter findings.

      • (dict) –

        An object that describes the details of a port range filter.

        • beginInclusive (integer) –

          The port number the port range begins at.

        • endInclusive (integer) –

          The port number the port range ends at.

    • relatedVulnerabilities (list) –

      Details on the related vulnerabilities used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • resourceId (list) –

      Details on the resource IDs used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • resourceTags (list) –

      Details on the resource tags used to filter findings.

      • (dict) –

        An object that describes details of a map filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • key (string) – [REQUIRED]

          The tag key used in the filter.

        • value (string) –

          The tag value used in the filter.

    • resourceType (list) –

      Details on the resource types used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • severity (list) –

      Details on the severity used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • title (list) –

      Details on the finding title used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • updatedAt (list) –

      Details on the date and time a finding was last updated at used to filter findings.

      • (dict) –

        Contains details on the time range used to filter findings.

        • endInclusive (datetime) –

          A timestamp representing the end of the time period filtered on.

        • startInclusive (datetime) –

          A timestamp representing the start of the time period filtered on.

    • vendorSeverity (list) –

      Details on the vendor severity used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • vulnerabilityId (list) –

      Details on the vulnerability ID used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • vulnerabilitySource (list) –

      Details on the vulnerability type used to filter findings.

      • (dict) –

        An object that describes the details of a string filter.

        • comparison (string) – [REQUIRED]

          The operator to use when comparing values in the filter.

        • value (string) – [REQUIRED]

          The value to filter on.

    • vulnerablePackages (list) –

      Details on the vulnerable packages used to filter findings.

      • (dict) –

        Contains information on the details of a package filter.

        • architecture (dict) –

          An object that contains details on the package architecture type to filter on.

          • comparison (string) – [REQUIRED]

            The operator to use when comparing values in the filter.

          • value (string) – [REQUIRED]

            The value to filter on.

        • epoch (dict) –

          An object that contains details on the package epoch to filter on.

          • lowerInclusive (float) –

            The lowest number to be included in the filter.

          • upperInclusive (float) –

            The highest number to be included in the filter.

        • name (dict) –

          An object that contains details on the name of the package to filter on.

          • comparison (string) – [REQUIRED]

            The operator to use when comparing values in the filter.

          • value (string) – [REQUIRED]

            The value to filter on.

        • release (dict) –

          An object that contains details on the package release to filter on.

          • comparison (string) – [REQUIRED]

            The operator to use when comparing values in the filter.

          • value (string) – [REQUIRED]

            The value to filter on.

        • sourceLambdaLayerArn (dict) –

          An object that describes the details of a string filter.

          • comparison (string) – [REQUIRED]

            The operator to use when comparing values in the filter.

          • value (string) – [REQUIRED]

            The value to filter on.

        • sourceLayerHash (dict) –

          An object that contains details on the source layer hash to filter on.

          • comparison (string) – [REQUIRED]

            The operator to use when comparing values in the filter.

          • value (string) – [REQUIRED]

            The value to filter on.

        • version (dict) –

          The package version to filter on.

          • comparison (string) – [REQUIRED]

            The operator to use when comparing values in the filter.

          • value (string) – [REQUIRED]

            The value to filter on.

  • maxResults (integer) – The maximum number of results the response can return. If your request would return more than the maximum the response will return a nextToken value, use this value when you call the action again to get the remaining results.

  • nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. If your response returns more than the maxResults maximum value it will also return a nextToken value. For subsequent calls, use the nextToken value returned from the previous request to continue listing results after the first page.

  • sortCriteria (dict) –

    Details on the sort criteria to apply to your finding results.

    • field (string) – [REQUIRED]

      The finding detail field by which results are sorted.

    • sortOrder (string) – [REQUIRED]

      The order by which findings are sorted.

Return type:

dict

Returns:

Response Syntax

{
    'findings': [
        {
            'awsAccountId': 'string',
            'codeVulnerabilityDetails': {
                'cwes': [
                    'string',
                ],
                'detectorId': 'string',
                'detectorName': 'string',
                'detectorTags': [
                    'string',
                ],
                'filePath': {
                    'endLine': 123,
                    'fileName': 'string',
                    'filePath': 'string',
                    'startLine': 123
                },
                'referenceUrls': [
                    'string',
                ],
                'ruleId': 'string',
                'sourceLambdaLayerArn': 'string'
            },
            'description': 'string',
            'epss': {
                'score': 123.0
            },
            'exploitAvailable': 'YES'|'NO',
            'exploitabilityDetails': {
                'lastKnownExploitAt': datetime(2015, 1, 1)
            },
            'findingArn': 'string',
            'firstObservedAt': datetime(2015, 1, 1),
            'fixAvailable': 'YES'|'NO'|'PARTIAL',
            'inspectorScore': 123.0,
            'inspectorScoreDetails': {
                'adjustedCvss': {
                    'adjustments': [
                        {
                            'metric': 'string',
                            'reason': 'string'
                        },
                    ],
                    'cvssSource': 'string',
                    'score': 123.0,
                    'scoreSource': 'string',
                    'scoringVector': 'string',
                    'version': 'string'
                }
            },
            'lastObservedAt': datetime(2015, 1, 1),
            'networkReachabilityDetails': {
                'networkPath': {
                    'steps': [
                        {
                            'componentId': 'string',
                            'componentType': 'string'
                        },
                    ]
                },
                'openPortRange': {
                    'begin': 123,
                    'end': 123
                },
                'protocol': 'TCP'|'UDP'
            },
            'packageVulnerabilityDetails': {
                'cvss': [
                    {
                        'baseScore': 123.0,
                        'scoringVector': 'string',
                        'source': 'string',
                        'version': 'string'
                    },
                ],
                'referenceUrls': [
                    'string',
                ],
                'relatedVulnerabilities': [
                    'string',
                ],
                'source': 'string',
                'sourceUrl': 'string',
                'vendorCreatedAt': datetime(2015, 1, 1),
                'vendorSeverity': 'string',
                'vendorUpdatedAt': datetime(2015, 1, 1),
                'vulnerabilityId': 'string',
                'vulnerablePackages': [
                    {
                        'arch': 'string',
                        'epoch': 123,
                        'filePath': 'string',
                        'fixedInVersion': 'string',
                        'name': 'string',
                        'packageManager': 'BUNDLER'|'CARGO'|'COMPOSER'|'NPM'|'NUGET'|'PIPENV'|'POETRY'|'YARN'|'GOBINARY'|'GOMOD'|'JAR'|'OS'|'PIP'|'PYTHONPKG'|'NODEPKG'|'POM'|'GEMSPEC',
                        'release': 'string',
                        'remediation': 'string',
                        'sourceLambdaLayerArn': 'string',
                        'sourceLayerHash': 'string',
                        'version': 'string'
                    },
                ]
            },
            'remediation': {
                'recommendation': {
                    'Url': 'string',
                    'text': 'string'
                }
            },
            'resources': [
                {
                    'details': {
                        'awsEc2Instance': {
                            'iamInstanceProfileArn': 'string',
                            'imageId': 'string',
                            'ipV4Addresses': [
                                'string',
                            ],
                            'ipV6Addresses': [
                                'string',
                            ],
                            'keyName': 'string',
                            'launchedAt': datetime(2015, 1, 1),
                            'platform': 'string',
                            'subnetId': 'string',
                            'type': 'string',
                            'vpcId': 'string'
                        },
                        'awsEcrContainerImage': {
                            'architecture': 'string',
                            'author': 'string',
                            'imageHash': 'string',
                            'imageTags': [
                                'string',
                            ],
                            'platform': 'string',
                            'pushedAt': datetime(2015, 1, 1),
                            'registry': 'string',
                            'repositoryName': 'string'
                        },
                        'awsLambdaFunction': {
                            'architectures': [
                                'X86_64'|'ARM64',
                            ],
                            'codeSha256': 'string',
                            'executionRoleArn': 'string',
                            'functionName': 'string',
                            'lastModifiedAt': datetime(2015, 1, 1),
                            'layers': [
                                'string',
                            ],
                            'packageType': 'IMAGE'|'ZIP',
                            'runtime': 'NODEJS'|'NODEJS_12_X'|'NODEJS_14_X'|'NODEJS_16_X'|'JAVA_8'|'JAVA_8_AL2'|'JAVA_11'|'PYTHON_3_7'|'PYTHON_3_8'|'PYTHON_3_9'|'UNSUPPORTED'|'NODEJS_18_X'|'GO_1_X'|'JAVA_17'|'PYTHON_3_10',
                            'version': 'string',
                            'vpcConfig': {
                                'securityGroupIds': [
                                    'string',
                                ],
                                'subnetIds': [
                                    'string',
                                ],
                                'vpcId': 'string'
                            }
                        }
                    },
                    'id': 'string',
                    'partition': 'string',
                    'region': 'string',
                    'tags': {
                        'string': 'string'
                    },
                    'type': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'|'AWS_LAMBDA_FUNCTION'
                },
            ],
            'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNTRIAGED',
            'status': 'ACTIVE'|'SUPPRESSED'|'CLOSED',
            'title': 'string',
            'type': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY'|'CODE_VULNERABILITY',
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) –

    • findings (list) –

      Contains details on the findings in your environment.

      • (dict) –

        Details about an Amazon Inspector finding.

        • awsAccountId (string) –

          The Amazon Web Services account ID associated with the finding.

        • codeVulnerabilityDetails (dict) –

          Details about the code vulnerability identified in a Lambda function used to filter findings.

          • cwes (list) –

            The Common Weakness Enumeration (CWE) item associated with the detected vulnerability.

            • (string) –

          • detectorId (string) –

            The ID for the Amazon CodeGuru detector associated with the finding. For more information on detectors see Amazon CodeGuru Detector Library.

          • detectorName (string) –

            The name of the detector used to identify the code vulnerability. For more information on detectors see CodeGuru Detector Library.

          • detectorTags (list) –

            The detector tag associated with the vulnerability. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.

            • (string) –

          • filePath (dict) –

            Contains information on where the code vulnerability is located in your code.

            • endLine (integer) –

              The line number of the last line of code that a vulnerability was found in.

            • fileName (string) –

              The name of the file the code vulnerability was found in.

            • filePath (string) –

              The file path to the code that a vulnerability was found in.

            • startLine (integer) –

              The line number of the first line of code that a vulnerability was found in.

          • referenceUrls (list) –

            A URL containing supporting documentation about the code vulnerability detected.

            • (string) –

          • ruleId (string) –

            The identifier for a rule that was used to detect the code vulnerability.

          • sourceLambdaLayerArn (string) –

            The Amazon Resource Name (ARN) of the Lambda layer that the code vulnerability was detected in.

        • description (string) –

          The description of the finding.

        • epss (dict) –

          The finding’s EPSS score.

          • score (float) –

            The EPSS score.

        • exploitAvailable (string) –

          If a finding discovered in your environment has an exploit available.

        • exploitabilityDetails (dict) –

          The details of an exploit available for a finding discovered in your environment.

          • lastKnownExploitAt (datetime) –

            The date and time of the last exploit associated with a finding discovered in your environment.

        • findingArn (string) –

          The Amazon Resource Number (ARN) of the finding.

        • firstObservedAt (datetime) –

          The date and time that the finding was first observed.

        • fixAvailable (string) –

          Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.

        • inspectorScore (float) –

          The Amazon Inspector score given to the finding.

        • inspectorScoreDetails (dict) –

          An object that contains details of the Amazon Inspector score.

          • adjustedCvss (dict) –

            An object that contains details about the CVSS score given to a finding.

            • adjustments (list) –

              An object that contains details about adjustment Amazon Inspector made to the CVSS score.

              • (dict) –

                Details on adjustments Amazon Inspector made to the CVSS score for a finding.

                • metric (string) –

                  The metric used to adjust the CVSS score.

                • reason (string) –

                  The reason the CVSS score has been adjustment.

            • cvssSource (string) –

              The source of the CVSS data.

            • score (float) –

              The CVSS score.

            • scoreSource (string) –

              The source for the CVSS score.

            • scoringVector (string) –

              The vector for the CVSS score.

            • version (string) –

              The CVSS version used in scoring.

        • lastObservedAt (datetime) –

          The date and time the finding was last observed. This timestamp for this field remains unchanged until a finding is updated.

        • networkReachabilityDetails (dict) –

          An object that contains the details of a network reachability finding.

          • networkPath (dict) –

            An object that contains details about a network path associated with a finding.

            • steps (list) –

              The details on the steps in the network path.

              • (dict) –

                Details about the step associated with a finding.

                • componentId (string) –

                  The component ID.

                • componentType (string) –

                  The component type.

          • openPortRange (dict) –

            An object that contains details about the open port range associated with a finding.

            • begin (integer) –

              The beginning port in a port range.

            • end (integer) –

              The ending port in a port range.

          • protocol (string) –

            The protocol associated with a finding.

        • packageVulnerabilityDetails (dict) –

          An object that contains the details of a package vulnerability finding.

          • cvss (list) –

            An object that contains details about the CVSS score of a finding.

            • (dict) –

              The CVSS score for a finding.

              • baseScore (float) –

                The base CVSS score used for the finding.

              • scoringVector (string) –

                The vector string of the CVSS score.

              • source (string) –

                The source of the CVSS score.

              • version (string) –

                The version of CVSS used for the score.

          • referenceUrls (list) –

            One or more URLs that contain details about this vulnerability type.

            • (string) –

          • relatedVulnerabilities (list) –

            One or more vulnerabilities related to the one identified in this finding.

            • (string) –

          • source (string) –

            The source of the vulnerability information.

          • sourceUrl (string) –

            A URL to the source of the vulnerability information.

          • vendorCreatedAt (datetime) –

            The date and time that this vulnerability was first added to the vendor’s database.

          • vendorSeverity (string) –

            The severity the vendor has given to this vulnerability type.

          • vendorUpdatedAt (datetime) –

            The date and time the vendor last updated this vulnerability in their database.

          • vulnerabilityId (string) –

            The ID given to this vulnerability.

          • vulnerablePackages (list) –

            The packages impacted by this vulnerability.

            • (dict) –

              Information on the vulnerable package identified by a finding.

              • arch (string) –

                The architecture of the vulnerable package.

              • epoch (integer) –

                The epoch of the vulnerable package.

              • filePath (string) –

                The file path of the vulnerable package.

              • fixedInVersion (string) –

                The version of the package that contains the vulnerability fix.

              • name (string) –

                The name of the vulnerable package.

              • packageManager (string) –

                The package manager of the vulnerable package.

              • release (string) –

                The release of the vulnerable package.

              • remediation (string) –

                The code to run in your environment to update packages with a fix available.

              • sourceLambdaLayerArn (string) –

                The Amazon Resource Number (ARN) of the Amazon Web Services Lambda function affected by a finding.

              • sourceLayerHash (string) –

                The source layer hash of the vulnerable package.

              • version (string) –

                The version of the vulnerable package.

        • remediation (dict) –

          An object that contains the details about how to remediate a finding.

          • recommendation (dict) –

            An object that contains information about the recommended course of action to remediate the finding.

            • Url (string) –

              The URL address to the CVE remediation recommendations.

            • text (string) –

              The recommended course of action to remediate the finding.

        • resources (list) –

          Contains information on the resources involved in a finding. The resource value determines the valid values for type in your request. For more information, see Finding types in the Amazon Inspector user guide.

          • (dict) –

            Details about the resource involved in a finding.

            • details (dict) –

              An object that contains details about the resource involved in a finding.

              • awsEc2Instance (dict) –

                An object that contains details about the Amazon EC2 instance involved in the finding.

                • iamInstanceProfileArn (string) –

                  The IAM instance profile ARN of the Amazon EC2 instance.

                • imageId (string) –

                  The image ID of the Amazon EC2 instance.

                • ipV4Addresses (list) –

                  The IPv4 addresses of the Amazon EC2 instance.

                  • (string) –

                • ipV6Addresses (list) –

                  The IPv6 addresses of the Amazon EC2 instance.

                  • (string) –

                • keyName (string) –

                  The name of the key pair used to launch the Amazon EC2 instance.

                • launchedAt (datetime) –

                  The date and time the Amazon EC2 instance was launched at.

                • platform (string) –

                  The platform of the Amazon EC2 instance.

                • subnetId (string) –

                  The subnet ID of the Amazon EC2 instance.

                • type (string) –

                  The type of the Amazon EC2 instance.

                • vpcId (string) –

                  The VPC ID of the Amazon EC2 instance.

              • awsEcrContainerImage (dict) –

                An object that contains details about the Amazon ECR container image involved in the finding.

                • architecture (string) –

                  The architecture of the Amazon ECR container image.

                • author (string) –

                  The image author of the Amazon ECR container image.

                • imageHash (string) –

                  The image hash of the Amazon ECR container image.

                • imageTags (list) –

                  The image tags attached to the Amazon ECR container image.

                  • (string) –

                • platform (string) –

                  The platform of the Amazon ECR container image.

                • pushedAt (datetime) –

                  The date and time the Amazon ECR container image was pushed.

                • registry (string) –

                  The registry for the Amazon ECR container image.

                • repositoryName (string) –

                  The name of the repository the Amazon ECR container image resides in.

              • awsLambdaFunction (dict) –

                A summary of the information about an Amazon Web Services Lambda function affected by a finding.

                • architectures (list) –

                  The instruction set architecture that the Amazon Web Services Lambda function supports. Architecture is a string array with one of the valid values. The default architecture value is x86_64.

                  • (string) –

                • codeSha256 (string) –

                  The SHA256 hash of the Amazon Web Services Lambda function’s deployment package.

                • executionRoleArn (string) –

                  The Amazon Web Services Lambda function’s execution role.

                • functionName (string) –

                  The name of the Amazon Web Services Lambda function.

                • lastModifiedAt (datetime) –

                  The date and time that a user last updated the configuration, in ISO 8601 format

                • layers (list) –

                  The Amazon Web Services Lambda function’s layers. A Lambda function can have up to five layers.

                  • (string) –

                • packageType (string) –

                  The type of deployment package. Set to Image for container image and set Zip for .zip file archive.

                • runtime (string) –

                  The runtime environment for the Amazon Web Services Lambda function.

                • version (string) –

                  The version of the Amazon Web Services Lambda function.

                • vpcConfig (dict) –

                  The Amazon Web Services Lambda function’s networking configuration.

                  • securityGroupIds (list) –

                    The VPC security groups and subnets that are attached to an Amazon Web Services Lambda function. For more information, see VPC Settings.

                    • (string) –

                  • subnetIds (list) –

                    A list of VPC subnet IDs.

                    • (string) –

                  • vpcId (string) –

                    The ID of the VPC.

            • id (string) –

              The ID of the resource.

            • partition (string) –

              The partition of the resource.

            • region (string) –

              The Amazon Web Services Region the impacted resource is located in.

            • tags (dict) –

              The tags attached to the resource.

              • (string) –

                • (string) –

            • type (string) –

              The type of resource.

        • severity (string) –

          The severity of the finding. UNTRIAGED applies to PACKAGE_VULNERABILITY type findings that the vendor has not assigned a severity yet. For more information, see Severity levels for findings in the Amazon Inspector user guide.

        • status (string) –

          The status of the finding.

        • title (string) –

          The title of the finding.

        • type (string) –

          The type of the finding. The type value determines the valid values for resource in your request. For more information, see Finding types in the Amazon Inspector user guide.

        • updatedAt (datetime) –

          The date and time the finding was last updated at.

    • nextToken (string) –

      A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

Exceptions