Table of Contents
Inspector2.Client¶A low-level client representing Inspector2
Amazon Inspector is a vulnerability discovery service that automates continuous scanning for security vulnerabilities within your Amazon EC2 and Amazon ECR environments.
client = session.create_client('inspector2')
These are the available methods:
associate_member(**kwargs)¶Associates an Amazon Web Services account with an Amazon Inspector delegated administrator.
See also: AWS API Documentation
Request Syntax
response = client.associate_member(
accountId='string'
)
accountId (string) –
[REQUIRED]
The Amazon Web Services account ID of the member account to be associated.
dict
Response Syntax
{
'accountId': 'string'
}
Response Structure
(dict) –
accountId (string) –
The Amazon Web Services account ID of the successfully associated member account.
Exceptions
batch_get_account_status(**kwargs)¶Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_account_status(
accountIds=[
'string',
]
)
accountIds (list) –
The 12-digit Amazon Web Services account IDs of the accounts to retrieve Amazon Inspector status for.
(string) –
dict
Response Syntax
{
'accounts': [
{
'accountId': 'string',
'resourceState': {
'ec2': {
'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS',
'errorMessage': 'string',
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
'ecr': {
'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS',
'errorMessage': 'string',
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
}
},
'state': {
'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS',
'errorMessage': 'string',
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
}
},
],
'failedAccounts': [
{
'accountId': 'string',
'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS',
'errorMessage': 'string',
'resourceStatus': {
'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
]
}
Response Structure
(dict) –
accounts (list) –
An array of objects that provide details on the status of Amazon Inspector for each of the requested accounts.
(dict) –
An object with details the status of an Amazon Web Services account within your Amazon Inspector environment
accountId (string) –
The Amazon Web Services account ID.
resourceState (dict) –
An object detailing which resources Amazon Inspector is enabled to scan for the account.
ec2 (dict) –
An object detailing the state of Amazon Inspector scanning for Amazon EC2 resources.
errorCode (string) –
The error code explaining why the account failed to enable Amazon Inspector.
errorMessage (string) –
The error message received when the account failed to enable Amazon Inspector.
status (string) –
The status of Amazon Inspector for the account.
ecr (dict) –
An object detailing the state of Amazon Inspector scanning for Amazon ECR resources.
errorCode (string) –
The error code explaining why the account failed to enable Amazon Inspector.
errorMessage (string) –
The error message received when the account failed to enable Amazon Inspector.
status (string) –
The status of Amazon Inspector for the account.
state (dict) –
An object detailing the status of Amazon Inspector for the account.
errorCode (string) –
The error code explaining why the account failed to enable Amazon Inspector.
errorMessage (string) –
The error message received when the account failed to enable Amazon Inspector.
status (string) –
The status of Amazon Inspector for the account.
failedAccounts (list) –
An array of objects detailing any accounts that failed to enable Amazon Inspector and why.
(dict) –
An object with details on why an account failed to enable Amazon Inspector.
accountId (string) –
The Amazon Web Services account ID.
errorCode (string) –
The error code explaining why the account failed to enable Amazon Inspector.
errorMessage (string) –
The error message received when the account failed to enable Amazon Inspector.
resourceStatus (dict) –
An object detailing which resources Amazon Inspector is enabled to scan for the account.
ec2 (string) –
The status of Amazon Inspector scanning for Amazon EC2 resources.
ecr (string) –
The status of Amazon Inspector scanning for Amazon ECR resources.
status (string) –
The status of Amazon Inspector for the account.
Exceptions
batch_get_free_trial_info(**kwargs)¶Gets free trial status for multiple Amazon Web Services accounts.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_free_trial_info(
accountIds=[
'string',
]
)
accountIds (list) –
[REQUIRED]
The account IDs to get free trial status for.
(string) –
dict
Response Syntax
{
'accounts': [
{
'accountId': 'string',
'freeTrialInfo': [
{
'end': datetime(2015, 1, 1),
'start': datetime(2015, 1, 1),
'status': 'ACTIVE'|'INACTIVE',
'type': 'EC2'|'ECR'
},
]
},
],
'failedAccounts': [
{
'accountId': 'string',
'code': 'ACCESS_DENIED'|'INTERNAL_ERROR',
'message': 'string'
},
]
}
Response Structure
(dict) –
accounts (list) –
An array of objects that provide Amazon Inspector free trial details for each of the requested accounts.
(dict) –
Information about the Amazon Inspector free trial for an account.
accountId (string) –
The account associated with the Amazon Inspector free trial information.
freeTrialInfo (list) –
Contains information about the Amazon Inspector free trial for an account.
(dict) –
An object that contains information about the Amazon Inspector free trial for an account.
end (datetime) –
The date and time that the Amazon Inspector free trail ends for a given account.
start (datetime) –
The date and time that the Amazon Inspector free trail started for a given account.
status (string) –
The order to sort results by.
type (string) –
The type of scan covered by the Amazon Inspector free trail.
failedAccounts (list) –
An array of objects detailing any accounts that free trial data could not be returned for.
(dict) –
Information about an error received while accessing free trail data for an account.
accountId (string) –
The account associated with the Amazon Inspector free trial information.
code (string) –
The error code.
message (string) –
The error message returned.
Exceptions
can_paginate(operation_name)¶Check if an operation can be paginated.
operation_name (string) – The operation name. This is the same name
as the method name on the client. For example, if the
method name is create_foo, and you’d normally invoke the
operation as client.create_foo(**kwargs), if the
create_foo operation can be paginated, you can use the
call client.get_paginator("create_foo").
True if the operation can be paginated,
False otherwise.
cancel_findings_report(**kwargs)¶Cancels the given findings report.
See also: AWS API Documentation
Request Syntax
response = client.cancel_findings_report(
reportId='string'
)
reportId (string) –
[REQUIRED]
The ID of the report to be canceled.
dict
Response Syntax
{
'reportId': 'string'
}
Response Structure
(dict) –
reportId (string) –
The ID of the canceled report.
Exceptions
create_filter(**kwargs)¶Creates a filter resource using specified filter criteria.
See also: AWS API Documentation
Request Syntax
response = client.create_filter(
action='NONE'|'SUPPRESS',
description='string',
filterCriteria={
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
name='string',
tags={
'string': 'string'
}
)
action (string) –
[REQUIRED]
Defines the action that is to be applied to the findings that match the filter.
description (string) – A description of the filter.
filterCriteria (dict) –
[REQUIRED]
Defines the criteria to be used in the filter for querying findings.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
name (string) –
[REQUIRED]
The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.
tags (dict) –
A list of tags for the filter.
(string) –
(string) –
dict
Response Syntax
{
'arn': 'string'
}
Response Structure
(dict) –
arn (string) –
The Amazon Resource Number (ARN) of the successfully created filter.
Exceptions
create_findings_report(**kwargs)¶Creates a finding report.
See also: AWS API Documentation
Request Syntax
response = client.create_findings_report(
filterCriteria={
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
reportFormat='CSV'|'JSON',
s3Destination={
'bucketName': 'string',
'keyPrefix': 'string',
'kmsKeyArn': 'string'
}
)
filterCriteria (dict) –
The filter criteria to apply to the results of the finding report.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
reportFormat (string) –
[REQUIRED]
The format to generate the report in.
s3Destination (dict) –
[REQUIRED]
The Amazon S3 export destination for the report.
bucketName (string) – [REQUIRED]
The name of the Amazon S3 bucket to export findings to.
keyPrefix (string) –
The prefix of the KMS key used to export findings.
kmsKeyArn (string) – [REQUIRED]
The ARN of the KMS key used to encrypt data when exporting findings.
dict
Response Syntax
{
'reportId': 'string'
}
Response Structure
(dict) –
reportId (string) –
The ID of the report.
Exceptions
delete_filter(**kwargs)¶Deletes a filter resource.
See also: AWS API Documentation
Request Syntax
response = client.delete_filter(
arn='string'
)
arn (string) –
[REQUIRED]
The Amazon Resource Number (ARN) of the filter to be deleted.
dict
Response Syntax
{
'arn': 'string'
}
Response Structure
(dict) –
arn (string) –
The Amazon Resource Number (ARN) of the filter that has been deleted.
Exceptions
describe_organization_configuration()¶Describe Amazon Inspector configuration settings for an Amazon Web Services organization
See also: AWS API Documentation
Request Syntax
response = client.describe_organization_configuration()
dict
Response Syntax
{
'autoEnable': {
'ec2': True|False,
'ecr': True|False
},
'maxAccountLimitReached': True|False
}
Response Structure
(dict) –
autoEnable (dict) –
The scan types are automatically enabled for new members of your organization.
ec2 (boolean) –
Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
ecr (boolean) –
Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
maxAccountLimitReached (boolean) –
Represents whether your organization has reached the maximum Amazon Web Services account limit for Amazon Inspector.
Exceptions
disable(**kwargs)¶Disables Amazon Inspector scans for one or more Amazon Web Services accounts. Disabling all scan types in an account disables the Amazon Inspector service.
See also: AWS API Documentation
Request Syntax
response = client.disable(
accountIds=[
'string',
],
resourceTypes=[
'EC2'|'ECR',
]
)
accountIds (list) –
An array of account IDs you want to disable Amazon Inspector scans for.
(string) –
resourceTypes (list) –
The resource scan types you want to disable.
(string) –
dict
Response Syntax
{
'accounts': [
{
'accountId': 'string',
'resourceStatus': {
'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
],
'failedAccounts': [
{
'accountId': 'string',
'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS',
'errorMessage': 'string',
'resourceStatus': {
'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
]
}
Response Structure
(dict) –
accounts (list) –
Information on the accounts that have had Amazon Inspector scans successfully disabled. Details are provided for each account.
(dict) –
An Amazon Web Services account within your environment that Amazon Inspector has been enabled for.
accountId (string) –
The ID of the Amazon Web Services account.
resourceStatus (dict) –
Details of the status of Amazon Inspector scans by resource type.
ec2 (string) –
The status of Amazon Inspector scanning for Amazon EC2 resources.
ecr (string) –
The status of Amazon Inspector scanning for Amazon ECR resources.
status (string) –
The status of Amazon Inspector for the account.
failedAccounts (list) –
Information on any accounts for which Amazon Inspector scans could not be disabled. Details are provided for each account.
(dict) –
An object with details on why an account failed to enable Amazon Inspector.
accountId (string) –
The Amazon Web Services account ID.
errorCode (string) –
The error code explaining why the account failed to enable Amazon Inspector.
errorMessage (string) –
The error message received when the account failed to enable Amazon Inspector.
resourceStatus (dict) –
An object detailing which resources Amazon Inspector is enabled to scan for the account.
ec2 (string) –
The status of Amazon Inspector scanning for Amazon EC2 resources.
ecr (string) –
The status of Amazon Inspector scanning for Amazon ECR resources.
status (string) –
The status of Amazon Inspector for the account.
Exceptions
disable_delegated_admin_account(**kwargs)¶Disables the Amazon Inspector delegated administrator for your organization.
See also: AWS API Documentation
Request Syntax
response = client.disable_delegated_admin_account(
delegatedAdminAccountId='string'
)
delegatedAdminAccountId (string) –
[REQUIRED]
The Amazon Web Services account ID of the current Amazon Inspector delegated administrator.
dict
Response Syntax
{
'delegatedAdminAccountId': 'string'
}
Response Structure
(dict) –
delegatedAdminAccountId (string) –
The Amazon Web Services account ID of the successfully disabled delegated administrator.
Exceptions
disassociate_member(**kwargs)¶Disassociates a member account from an Amazon Inspector delegated administrator.
See also: AWS API Documentation
Request Syntax
response = client.disassociate_member(
accountId='string'
)
accountId (string) –
[REQUIRED]
The Amazon Web Services account ID of the member account to disassociate.
dict
Response Syntax
{
'accountId': 'string'
}
Response Structure
(dict) –
accountId (string) –
The Amazon Web Services account ID of the successfully disassociated member.
Exceptions
enable(**kwargs)¶Enables Amazon Inspector scans for one or more Amazon Web Services accounts.
See also: AWS API Documentation
Request Syntax
response = client.enable(
accountIds=[
'string',
],
clientToken='string',
resourceTypes=[
'EC2'|'ECR',
]
)
accountIds (list) –
A list of account IDs you want to enable Amazon Inspector scans for.
(string) –
clientToken (string) –
The idempotency token for the request.
This field is autopopulated if not provided.
resourceTypes (list) –
[REQUIRED]
The resource scan types you want to enable.
(string) –
dict
Response Syntax
{
'accounts': [
{
'accountId': 'string',
'resourceStatus': {
'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
],
'failedAccounts': [
{
'accountId': 'string',
'errorCode': 'ALREADY_ENABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS'|'SUSPEND_IN_PROGRESS'|'RESOURCE_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'SSM_UNAVAILABLE'|'SSM_THROTTLED'|'EVENTBRIDGE_UNAVAILABLE'|'EVENTBRIDGE_THROTTLED'|'RESOURCE_SCAN_NOT_DISABLED'|'DISASSOCIATE_ALL_MEMBERS',
'errorMessage': 'string',
'resourceStatus': {
'ec2': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED',
'ecr': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
'status': 'ENABLING'|'ENABLED'|'DISABLING'|'DISABLED'|'SUSPENDING'|'SUSPENDED'
},
]
}
Response Structure
(dict) –
accounts (list) –
Information on the accounts that have had Amazon Inspector scans successfully enabled. Details are provided for each account.
(dict) –
An Amazon Web Services account within your environment that Amazon Inspector has been enabled for.
accountId (string) –
The ID of the Amazon Web Services account.
resourceStatus (dict) –
Details of the status of Amazon Inspector scans by resource type.
ec2 (string) –
The status of Amazon Inspector scanning for Amazon EC2 resources.
ecr (string) –
The status of Amazon Inspector scanning for Amazon ECR resources.
status (string) –
The status of Amazon Inspector for the account.
failedAccounts (list) –
Information on any accounts for which Amazon Inspector scans could not be enabled. Details are provided for each account.
(dict) –
An object with details on why an account failed to enable Amazon Inspector.
accountId (string) –
The Amazon Web Services account ID.
errorCode (string) –
The error code explaining why the account failed to enable Amazon Inspector.
errorMessage (string) –
The error message received when the account failed to enable Amazon Inspector.
resourceStatus (dict) –
An object detailing which resources Amazon Inspector is enabled to scan for the account.
ec2 (string) –
The status of Amazon Inspector scanning for Amazon EC2 resources.
ecr (string) –
The status of Amazon Inspector scanning for Amazon ECR resources.
status (string) –
The status of Amazon Inspector for the account.
Exceptions
enable_delegated_admin_account(**kwargs)¶Enables the Amazon Inspector delegated administrator for your Organizations organization.
See also: AWS API Documentation
Request Syntax
response = client.enable_delegated_admin_account(
clientToken='string',
delegatedAdminAccountId='string'
)
clientToken (string) –
The idempotency token for the request.
This field is autopopulated if not provided.
delegatedAdminAccountId (string) –
[REQUIRED]
The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
dict
Response Syntax
{
'delegatedAdminAccountId': 'string'
}
Response Structure
(dict) –
delegatedAdminAccountId (string) –
The Amazon Web Services account ID of the successfully Amazon Inspector delegated administrator.
Exceptions
get_delegated_admin_account()¶Retrieves information about the Amazon Inspector delegated administrator for your organization.
See also: AWS API Documentation
Request Syntax
response = client.get_delegated_admin_account()
dict
Response Syntax
{
'delegatedAdmin': {
'accountId': 'string',
'relationshipStatus': 'CREATED'|'INVITED'|'DISABLED'|'ENABLED'|'REMOVED'|'RESIGNED'|'DELETED'|'EMAIL_VERIFICATION_IN_PROGRESS'|'EMAIL_VERIFICATION_FAILED'|'REGION_DISABLED'|'ACCOUNT_SUSPENDED'|'CANNOT_CREATE_DETECTOR_IN_ORG_MASTER'
}
}
Response Structure
(dict) –
delegatedAdmin (dict) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
accountId (string) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for your organization.
relationshipStatus (string) –
The status of the Amazon Inspector delegated administrator.
Exceptions
get_findings_report_status(**kwargs)¶Gets the status of a findings report.
See also: AWS API Documentation
Request Syntax
response = client.get_findings_report_status(
reportId='string'
)
reportId (string) – The ID of the report to retrieve the status of.
dict
Response Syntax
{
'destination': {
'bucketName': 'string',
'keyPrefix': 'string',
'kmsKeyArn': 'string'
},
'errorCode': 'INTERNAL_ERROR'|'INVALID_PERMISSIONS',
'errorMessage': 'string',
'filterCriteria': {
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
'reportId': 'string',
'status': 'SUCCEEDED'|'IN_PROGRESS'|'CANCELLED'|'FAILED'
}
Response Structure
(dict) –
destination (dict) –
The destination of the report.
bucketName (string) –
The name of the Amazon S3 bucket to export findings to.
keyPrefix (string) –
The prefix of the KMS key used to export findings.
kmsKeyArn (string) –
The ARN of the KMS key used to encrypt data when exporting findings.
errorCode (string) –
The error code of the report.
errorMessage (string) –
The error message of the report.
filterCriteria (dict) –
The filter criteria associated with the report.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) –
The operator to use when comparing values in the filter.
key (string) –
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
reportId (string) –
The ID of the report.
status (string) –
The status of the report.
Exceptions
get_member(**kwargs)¶Gets member information for your organization.
See also: AWS API Documentation
Request Syntax
response = client.get_member(
accountId='string'
)
accountId (string) –
[REQUIRED]
The Amazon Web Services account ID of the member account to retrieve information on.
dict
Response Syntax
{
'member': {
'accountId': 'string',
'delegatedAdminAccountId': 'string',
'relationshipStatus': 'CREATED'|'INVITED'|'DISABLED'|'ENABLED'|'REMOVED'|'RESIGNED'|'DELETED'|'EMAIL_VERIFICATION_IN_PROGRESS'|'EMAIL_VERIFICATION_FAILED'|'REGION_DISABLED'|'ACCOUNT_SUSPENDED'|'CANNOT_CREATE_DETECTOR_IN_ORG_MASTER',
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
(dict) –
member (dict) –
Details of the retrieved member account.
accountId (string) –
The Amazon Web Services account ID of the member account.
delegatedAdminAccountId (string) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account.
relationshipStatus (string) –
The status of the member account.
updatedAt (datetime) –
A timestamp showing when the status of this member was last updated.
Exceptions
get_paginator(operation_name)¶Create a paginator for an operation.
operation_name (string) – The operation name. This is the same name
as the method name on the client. For example, if the
method name is create_foo, and you’d normally invoke the
operation as client.create_foo(**kwargs), if the
create_foo operation can be paginated, you can use the
call client.get_paginator("create_foo").
OperationNotPageableError – Raised if the operation is not
pageable. You can use the client.can_paginate method to
check if an operation is pageable.
L{botocore.paginate.Paginator}
A paginator object.
get_waiter(waiter_name)¶Returns an object that can wait for some condition.
waiter_name (str) – The name of the waiter to get. See the waiters section of the service docs for a list of available waiters.
The specified waiter object.
botocore.waiter.Waiter
list_account_permissions(**kwargs)¶Lists the permissions an account has to configure Amazon Inspector.
See also: AWS API Documentation
Request Syntax
response = client.list_account_permissions(
maxResults=123,
nextToken='string',
service='EC2'|'ECR'
)
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
service (string) – The service scan type to check permissions for.
dict
Response Syntax
{
'nextToken': 'string',
'permissions': [
{
'operation': 'ENABLE_SCANNING'|'DISABLE_SCANNING'|'ENABLE_REPOSITORY'|'DISABLE_REPOSITORY',
'service': 'EC2'|'ECR'
},
]
}
Response Structure
(dict) –
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
permissions (list) –
Contains details on the permissions an account has to configure Amazon Inspector.
(dict) –
Contains information on the permissions an account has within Amazon Inspector.
operation (string) –
The operations that can be performed with the given permissions.
service (string) –
The services that the permissions allow an account to perform the given operations for.
Exceptions
list_coverage(**kwargs)¶Lists coverage details for you environment.
See also: AWS API Documentation
Request Syntax
response = client.list_coverage(
filterCriteria={
'accountId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrRepositoryName': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusCode': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusReason': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
]
},
maxResults=123,
nextToken='string'
)
filterCriteria (dict) –
An object that contains details on the filters to apply to the coverage data for your environment.
accountId (list) –
An array of Amazon Web Services account IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ec2InstanceTags (list) –
The Amazon EC2 instance tags to filter on.
(dict) –
Contains details of a coverage map filter.
comparison (string) – [REQUIRED]
The operator to compare coverage on.
key (string) – [REQUIRED]
The tag key associated with the coverage map filter.
value (string) –
The tag value associated with the coverage map filter.
ecrImageTags (list) –
The Amazon ECR image tags to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ecrRepositoryName (list) –
The Amazon ECR repository name to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceId (list) –
An array of Amazon Web Services resource IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceType (list) –
An array of Amazon Web Services resource types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusCode (list) –
The scan status code to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusReason (list) –
The scan status reason to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanType (list) –
An array of Amazon Inspector scan types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'coveredResources': [
{
'accountId': 'string',
'resourceId': 'string',
'resourceMetadata': {
'ec2': {
'amiId': 'string',
'platform': 'WINDOWS'|'LINUX'|'UNKNOWN',
'tags': {
'string': 'string'
}
},
'ecrImage': {
'tags': [
'string',
]
},
'ecrRepository': {
'name': 'string',
'scanFrequency': 'MANUAL'|'SCAN_ON_PUSH'|'CONTINUOUS_SCAN'
}
},
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY',
'scanStatus': {
'reason': 'PENDING_INITIAL_SCAN'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'UNMANAGED_EC2_INSTANCE'|'UNSUPPORTED_OS'|'SCAN_ELIGIBILITY_EXPIRED'|'RESOURCE_TERMINATED'|'SUCCESSFUL'|'NO_RESOURCES_FOUND'|'IMAGE_SIZE_EXCEEDED'|'SCAN_FREQUENCY_MANUAL'|'SCAN_FREQUENCY_SCAN_ON_PUSH'|'EC2_INSTANCE_STOPPED',
'statusCode': 'ACTIVE'|'INACTIVE'
},
'scanType': 'NETWORK'|'PACKAGE'
},
],
'nextToken': 'string'
}
Response Structure
(dict) –
coveredResources (list) –
An object that contains details on the covered resources in your environment.
(dict) –
An object that contains details about a resource covered by Amazon Inspector.
accountId (string) –
The Amazon Web Services account ID of the covered resource.
resourceId (string) –
The ID of the covered resource.
resourceMetadata (dict) –
An object that contains details about the metadata.
ec2 (dict) –
An object that contains metadata details for an Amazon EC2 instance.
amiId (string) –
The ID of the Amazon Machine Image (AMI) used to launch the instance.
platform (string) –
The platform of the instance.
tags (dict) –
The tags attached to the instance.
(string) –
(string) –
ecrImage (dict) –
An object that contains details about the container metadata for an Amazon ECR image.
tags (list) –
Tags associated with the Amazon ECR image metadata.
(string) –
ecrRepository (dict) –
An object that contains details about the repository an Amazon ECR image resides in.
name (string) –
The name of the Amazon ECR repository.
scanFrequency (string) –
The frequency of scans.
resourceType (string) –
The type of the covered resource.
scanStatus (dict) –
The status of the scan covering the resource.
reason (string) –
The reason for the scan.
statusCode (string) –
The status code of the scan.
scanType (string) –
The Amazon Inspector scan type covering the resource.
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
Exceptions
list_coverage_statistics(**kwargs)¶Lists Amazon Inspector coverage statistics for your environment.
See also: AWS API Documentation
Request Syntax
response = client.list_coverage_statistics(
filterCriteria={
'accountId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrRepositoryName': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusCode': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusReason': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
]
},
groupBy='SCAN_STATUS_CODE'|'SCAN_STATUS_REASON'|'ACCOUNT_ID'|'RESOURCE_TYPE'|'ECR_REPOSITORY_NAME',
nextToken='string'
)
filterCriteria (dict) –
An object that contains details on the filters to apply to the coverage data for your environment.
accountId (list) –
An array of Amazon Web Services account IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ec2InstanceTags (list) –
The Amazon EC2 instance tags to filter on.
(dict) –
Contains details of a coverage map filter.
comparison (string) – [REQUIRED]
The operator to compare coverage on.
key (string) – [REQUIRED]
The tag key associated with the coverage map filter.
value (string) –
The tag value associated with the coverage map filter.
ecrImageTags (list) –
The Amazon ECR image tags to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ecrRepositoryName (list) –
The Amazon ECR repository name to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceId (list) –
An array of Amazon Web Services resource IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceType (list) –
An array of Amazon Web Services resource types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusCode (list) –
The scan status code to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusReason (list) –
The scan status reason to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanType (list) –
An array of Amazon Inspector scan types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
groupBy (string) – The value to group the results by.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'countsByGroup': [
{
'count': 123,
'groupKey': 'SCAN_STATUS_CODE'|'SCAN_STATUS_REASON'|'ACCOUNT_ID'|'RESOURCE_TYPE'|'ECR_REPOSITORY_NAME'
},
],
'nextToken': 'string',
'totalCounts': 123
}
Response Structure
(dict) –
countsByGroup (list) –
An array with the number for each group.
(dict) –
a structure that contains information on the count of resources within a group.
count (integer) –
The number of resources.
groupKey (string) –
The key associated with this group
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
totalCounts (integer) –
The total number for all groups.
Exceptions
list_delegated_admin_accounts(**kwargs)¶Lists information about the Amazon Inspector delegated administrator of your organization.
See also: AWS API Documentation
Request Syntax
response = client.list_delegated_admin_accounts(
maxResults=123,
nextToken='string'
)
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'delegatedAdminAccounts': [
{
'accountId': 'string',
'status': 'ENABLED'|'DISABLE_IN_PROGRESS'
},
],
'nextToken': 'string'
}
Response Structure
(dict) –
delegatedAdminAccounts (list) –
Details of the Amazon Inspector delegated administrator of your organization.
(dict) –
Details of the Amazon Inspector delegated administrator for your organization.
accountId (string) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for your organization.
status (string) –
The status of the Amazon Inspector delegated administrator.
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
Exceptions
list_filters(**kwargs)¶Lists the filters associated with your account.
See also: AWS API Documentation
Request Syntax
response = client.list_filters(
action='NONE'|'SUPPRESS',
arns=[
'string',
],
maxResults=123,
nextToken='string'
)
action (string) – The action the filter applies to matched findings.
arns (list) –
The Amazon resource number (ARN) of the filter.
(string) –
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'filters': [
{
'action': 'NONE'|'SUPPRESS',
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'criteria': {
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
'description': 'string',
'name': 'string',
'ownerId': 'string',
'reason': 'string',
'tags': {
'string': 'string'
},
'updatedAt': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) –
filters (list) –
Contains details on the filters associated with your account.
(dict) –
Details about a filter.
action (string) –
The action that is to be applied to the findings that match the filter.
arn (string) –
The Amazon Resource Number (ARN) associated with this filter.
createdAt (datetime) –
The date and time this filter was created at.
criteria (dict) –
Details on the filter criteria associated with this filter.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) –
The operator to use when comparing values in the filter.
key (string) –
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
description (string) –
A description of the filter.
name (string) –
The name of the filter.
ownerId (string) –
The Amazon Web Services account ID of the account that created the filter.
reason (string) –
The reason for the filter.
tags (dict) –
The tags attached to the filter.
(string) –
(string) –
updatedAt (datetime) –
The date and time the filter was last updated at.
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
Exceptions
list_finding_aggregations(**kwargs)¶Lists aggregated finding data for your environment based on specific criteria.
See also: AWS API Documentation
Request Syntax
response = client.list_finding_aggregations(
accountIds=[
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
aggregationRequest={
'accountAggregation': {
'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY',
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE',
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'amiAggregation': {
'amis': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL'|'AFFECTED_INSTANCES',
'sortOrder': 'ASC'|'DESC'
},
'awsEcrContainerAggregation': {
'architectures': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'imageShas': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'imageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'repositories': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'ec2InstanceAggregation': {
'amis': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'instanceIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'instanceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'operatingSystems': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'NETWORK_FINDINGS'|'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'findingTypeAggregation': {
'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY',
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE',
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'imageLayerAggregation': {
'layerHashes': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'repositories': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'packageAggregation': {
'packageNames': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'repositoryAggregation': {
'repositories': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL'|'AFFECTED_IMAGES',
'sortOrder': 'ASC'|'DESC'
},
'titleAggregation': {
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE',
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC',
'titles': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
]
}
},
aggregationType='FINDING_TYPE'|'PACKAGE'|'TITLE'|'REPOSITORY'|'AMI'|'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER'|'IMAGE_LAYER'|'ACCOUNT',
maxResults=123,
nextToken='string'
)
accountIds (list) –
The Amazon Web Services account IDs to retrieve finding aggregation data for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
aggregationRequest (dict) –
Details of the aggregation request that is used to filter your aggregation results.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: accountAggregation, amiAggregation, awsEcrContainerAggregation, ec2InstanceAggregation, findingTypeAggregation, imageLayerAggregation, packageAggregation, repositoryAggregation, titleAggregation.
accountAggregation (dict) –
An object that contains details about an aggregation request based on Amazon Web Services account IDs.
findingType (string) –
The type of finding.
resourceType (string) –
The type of resource.
sortBy (string) –
The value to sort by.
sortOrder (string) –
The sort order (ascending or descending).
amiAggregation (dict) –
An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).
amis (list) –
The IDs of AMIs to aggregate findings for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
awsEcrContainerAggregation (dict) –
An object that contains details about an aggregation request based on Amazon ECR container images.
architectures (list) –
The architecture of the containers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
imageShas (list) –
The image SHA values.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
imageTags (list) –
The image tags.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
repositories (list) –
The container repositories.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceIds (list) –
The container resource IDs.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort by.
sortOrder (string) –
The sort order (ascending or descending).
ec2InstanceAggregation (dict) –
An object that contains details about an aggregation request based on Amazon EC2 instances.
amis (list) –
The AMI IDs associated with the Amazon EC2 instances to aggregate findings for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
instanceIds (list) –
The Amazon EC2 instance IDs to aggregate findings for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
instanceTags (list) –
The Amazon EC2 instance tags to aggregate findings for.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
operatingSystems (list) –
The operating system types to aggregate findings for. Valid values must be uppercase and underscore separated, examples are ORACLE_LINUX_7 and ALPINE_LINUX_3_8 .
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
findingTypeAggregation (dict) –
An object that contains details about an aggregation request based on finding types.
findingType (string) –
The finding type to aggregate.
resourceType (string) –
The resource type to aggregate.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
imageLayerAggregation (dict) –
An object that contains details about an aggregation request based on container image layers.
layerHashes (list) –
The hashes associated with the layers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
repositories (list) –
The repository associated with the container image hosting the layers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceIds (list) –
The ID of the container image layer.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
packageAggregation (dict) –
An object that contains details about an aggregation request based on operating system package type.
packageNames (list) –
The names of packages to aggregate findings on.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
repositoryAggregation (dict) –
An object that contains details about an aggregation request based on Amazon ECR repositories.
repositories (list) –
The names of repositories to aggregate findings on.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
titleAggregation (dict) –
An object that contains details about an aggregation request based on finding title.
resourceType (string) –
The resource type to aggregate on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
titles (list) –
The finding titles to aggregate on.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityIds (list) –
The vulnerability IDs of the findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
aggregationType (string) –
[REQUIRED]
The type of the aggregation request.
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'aggregationType': 'FINDING_TYPE'|'PACKAGE'|'TITLE'|'REPOSITORY'|'AMI'|'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER'|'IMAGE_LAYER'|'ACCOUNT',
'nextToken': 'string',
'responses': [
{
'accountAggregation': {
'accountId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'amiAggregation': {
'accountId': 'string',
'affectedInstances': 123,
'ami': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'awsEcrContainerAggregation': {
'accountId': 'string',
'architecture': 'string',
'imageSha': 'string',
'imageTags': [
'string',
],
'repository': 'string',
'resourceId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'ec2InstanceAggregation': {
'accountId': 'string',
'ami': 'string',
'instanceId': 'string',
'instanceTags': {
'string': 'string'
},
'networkFindings': 123,
'operatingSystem': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'findingTypeAggregation': {
'accountId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'imageLayerAggregation': {
'accountId': 'string',
'layerHash': 'string',
'repository': 'string',
'resourceId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'packageAggregation': {
'accountId': 'string',
'packageName': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'repositoryAggregation': {
'accountId': 'string',
'affectedImages': 123,
'repository': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'titleAggregation': {
'accountId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
},
'title': 'string',
'vulnerabilityId': 'string'
}
},
]
}
Response Structure
(dict) –
aggregationType (string) –
The type of aggregation to perform.
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
responses (list) –
Objects that contain the results of an aggregation operation.
(dict) –
A structure that contains details about the results of an aggregation type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: accountAggregation, amiAggregation, awsEcrContainerAggregation, ec2InstanceAggregation, findingTypeAggregation, imageLayerAggregation, packageAggregation, repositoryAggregation, titleAggregation. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
accountAggregation (dict) –
An object that contains details about an aggregation response based on Amazon Web Services account IDs.
accountId (string) –
The Amazon Web Services account ID.
severityCounts (dict) –
The number of findings by severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
amiAggregation (dict) –
An object that contains details about an aggregation response based on Amazon Machine Images (AMIs).
accountId (string) –
The Amazon Web Services account ID that the AMI belongs.
affectedInstances (integer) –
The IDs of Amazon EC2 instances using this AMI.
ami (string) –
The ID of the AMI that findings were aggregated for.
severityCounts (dict) –
An object that contains the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
awsEcrContainerAggregation (dict) –
An object that contains details about an aggregation response based on Amazon ECR container images.
accountId (string) –
The Amazon Web Services account ID of the account that owns the container.
architecture (string) –
The architecture of the container.
imageSha (string) –
The SHA value of the container image.
imageTags (list) –
The container image stags.
(string) –
repository (string) –
The container repository.
resourceId (string) –
The resource ID of the container.
severityCounts (dict) –
The number of finding by severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
ec2InstanceAggregation (dict) –
An object that contains details about an aggregation response based on Amazon EC2 instances.
accountId (string) –
The Amazon Web Services account the Amazon EC2 instance belongs to.
ami (string) –
The Amazon Machine Image (AMI) of the Amazon EC2 instance.
instanceId (string) –
The Amazon EC2 instance ID.
instanceTags (dict) –
The tags attached to the instance.
(string) –
(string) –
networkFindings (integer) –
The number of network findings for the Amazon EC2 instance.
operatingSystem (string) –
The operating system of the Amazon EC2 instance.
severityCounts (dict) –
An object that contains the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
findingTypeAggregation (dict) –
An object that contains details about an aggregation response based on finding types.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
severityCounts (dict) –
The value to sort results by.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
imageLayerAggregation (dict) –
An object that contains details about an aggregation response based on container image layers.
accountId (string) –
The ID of the Amazon Web Services account that owns the container image hosting the layer image.
layerHash (string) –
The layer hash.
repository (string) –
The repository the layer resides in.
resourceId (string) –
The resource ID of the container image layer.
severityCounts (dict) –
An object that represents the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
packageAggregation (dict) –
An object that contains details about an aggregation response based on operating system package type.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
packageName (string) –
The name of the operating system package.
severityCounts (dict) –
An object that contains the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
repositoryAggregation (dict) –
An object that contains details about an aggregation response based on Amazon ECR repositories.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
affectedImages (integer) –
The number of container images impacted by the findings.
repository (string) –
The name of the repository associated with the findings.
severityCounts (dict) –
An object that represent the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
titleAggregation (dict) –
An object that contains details about an aggregation response based on finding title.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
severityCounts (dict) –
An object that represent the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
title (string) –
The title that the findings were aggregated on.
vulnerabilityId (string) –
The vulnerability ID of the finding.
Exceptions
list_findings(**kwargs)¶Lists findings for your environment.
See also: AWS API Documentation
Request Syntax
response = client.list_findings(
filterCriteria={
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
maxResults=123,
nextToken='string',
sortCriteria={
'field': 'AWS_ACCOUNT_ID'|'FINDING_TYPE'|'SEVERITY'|'FIRST_OBSERVED_AT'|'LAST_OBSERVED_AT'|'FINDING_STATUS'|'RESOURCE_TYPE'|'ECR_IMAGE_PUSHED_AT'|'ECR_IMAGE_REPOSITORY_NAME'|'ECR_IMAGE_REGISTRY'|'NETWORK_PROTOCOL'|'COMPONENT_TYPE'|'VULNERABILITY_ID'|'VULNERABILITY_SOURCE'|'INSPECTOR_SCORE'|'VENDOR_SEVERITY',
'sortOrder': 'ASC'|'DESC'
}
)
filterCriteria (dict) –
Details on the filters to apply to your finding results.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
sortCriteria (dict) –
Details on the sort criteria to apply to your finding results.
field (string) – [REQUIRED]
The finding detail field by which results are sorted.
sortOrder (string) – [REQUIRED]
The order by which findings are sorted.
dict
Response Syntax
{
'findings': [
{
'awsAccountId': 'string',
'description': 'string',
'findingArn': 'string',
'firstObservedAt': datetime(2015, 1, 1),
'inspectorScore': 123.0,
'inspectorScoreDetails': {
'adjustedCvss': {
'adjustments': [
{
'metric': 'string',
'reason': 'string'
},
],
'cvssSource': 'string',
'score': 123.0,
'scoreSource': 'string',
'scoringVector': 'string',
'version': 'string'
}
},
'lastObservedAt': datetime(2015, 1, 1),
'networkReachabilityDetails': {
'networkPath': {
'steps': [
{
'componentId': 'string',
'componentType': 'string'
},
]
},
'openPortRange': {
'begin': 123,
'end': 123
},
'protocol': 'TCP'|'UDP'
},
'packageVulnerabilityDetails': {
'cvss': [
{
'baseScore': 123.0,
'scoringVector': 'string',
'source': 'string',
'version': 'string'
},
],
'referenceUrls': [
'string',
],
'relatedVulnerabilities': [
'string',
],
'source': 'string',
'sourceUrl': 'string',
'vendorCreatedAt': datetime(2015, 1, 1),
'vendorSeverity': 'string',
'vendorUpdatedAt': datetime(2015, 1, 1),
'vulnerabilityId': 'string',
'vulnerablePackages': [
{
'arch': 'string',
'epoch': 123,
'filePath': 'string',
'fixedInVersion': 'string',
'name': 'string',
'packageManager': 'BUNDLER'|'CARGO'|'COMPOSER'|'NPM'|'NUGET'|'PIPENV'|'POETRY'|'YARN'|'GOBINARY'|'GOMOD'|'JAR'|'OS',
'release': 'string',
'sourceLayerHash': 'string',
'version': 'string'
},
]
},
'remediation': {
'recommendation': {
'Url': 'string',
'text': 'string'
}
},
'resources': [
{
'details': {
'awsEc2Instance': {
'iamInstanceProfileArn': 'string',
'imageId': 'string',
'ipV4Addresses': [
'string',
],
'ipV6Addresses': [
'string',
],
'keyName': 'string',
'launchedAt': datetime(2015, 1, 1),
'platform': 'string',
'subnetId': 'string',
'type': 'string',
'vpcId': 'string'
},
'awsEcrContainerImage': {
'architecture': 'string',
'author': 'string',
'imageHash': 'string',
'imageTags': [
'string',
],
'platform': 'string',
'pushedAt': datetime(2015, 1, 1),
'registry': 'string',
'repositoryName': 'string'
}
},
'id': 'string',
'partition': 'string',
'region': 'string',
'tags': {
'string': 'string'
},
'type': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'
},
],
'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNTRIAGED',
'status': 'ACTIVE'|'SUPPRESSED'|'CLOSED',
'title': 'string',
'type': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY',
'updatedAt': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) –
findings (list) –
Contains details on the findings in your environment.
(dict) –
Details about an Amazon Inspector finding.
awsAccountId (string) –
The Amazon Web Services account ID associated with the finding.
description (string) –
The description of the finding.
findingArn (string) –
The Amazon Resource Number (ARN) of the finding.
firstObservedAt (datetime) –
The date and time that the finding was first observed.
inspectorScore (float) –
The Amazon Inspector score given to the finding.
inspectorScoreDetails (dict) –
An object that contains details of the Amazon Inspector score.
adjustedCvss (dict) –
An object that contains details about the CVSS score given to a finding.
adjustments (list) –
An object that contains details about adjustment Amazon Inspector made to the CVSS score.
(dict) –
Details on adjustments Amazon Inspector made to the CVSS score for a finding.
metric (string) –
The metric used to adjust the CVSS score.
reason (string) –
The reason the CVSS score has been adjustment.
cvssSource (string) –
The source of the CVSS data.
score (float) –
The CVSS score.
scoreSource (string) –
The source for the CVSS score.
scoringVector (string) –
The vector for the CVSS score.
version (string) –
The CVSS version used in scoring.
lastObservedAt (datetime) –
The date and time that the finding was last observed.
networkReachabilityDetails (dict) –
An object that contains the details of a network reachability finding.
networkPath (dict) –
An object that contains details about a network path associated with a finding.
steps (list) –
The details on the steps in the network path.
(dict) –
Details about the step associated with a finding.
componentId (string) –
The component ID.
componentType (string) –
The component type.
openPortRange (dict) –
An object that contains details about the open port range associated with a finding.
begin (integer) –
The beginning port in a port range.
end (integer) –
The ending port in a port range.
protocol (string) –
The protocol associated with a finding.
packageVulnerabilityDetails (dict) –
An object that contains the details of a package vulnerability finding.
cvss (list) –
An object that contains details about the CVSS score of a finding.
(dict) –
The CVSS score for a finding.
baseScore (float) –
The base CVSS score used for the finding.
scoringVector (string) –
The vector string of the CVSS score.
source (string) –
The source of the CVSS score.
version (string) –
The version of CVSS used for the score.
referenceUrls (list) –
One or more URLs that contain details about this vulnerability type.
(string) –
relatedVulnerabilities (list) –
One or more vulnerabilities related to the one identified in this finding.
(string) –
source (string) –
The source of the vulnerability information.
sourceUrl (string) –
A URL to the source of the vulnerability information.
vendorCreatedAt (datetime) –
The date and time that this vulnerability was first added to the vendor’s database.
vendorSeverity (string) –
The severity the vendor has given to this vulnerability type.
vendorUpdatedAt (datetime) –
The date and time the vendor last updated this vulnerability in their database.
vulnerabilityId (string) –
The ID given to this vulnerability.
vulnerablePackages (list) –
The packages impacted by this vulnerability.
(dict) –
Information on the vulnerable package identified by a finding.
arch (string) –
The architecture of the vulnerable package.
epoch (integer) –
The epoch of the vulnerable package.
filePath (string) –
The file path of the vulnerable package.
fixedInVersion (string) –
The version of the package that contains the vulnerability fix.
name (string) –
The name of the vulnerable package.
packageManager (string) –
The package manager of the vulnerable package.
release (string) –
The release of the vulnerable package.
sourceLayerHash (string) –
The source layer hash of the vulnerable package.
version (string) –
The version of the vulnerable package.
remediation (dict) –
An object that contains the details about how to remediate a finding.
recommendation (dict) –
An object that contains information about the recommended course of action to remediate the finding.
Url (string) –
The URL address to the CVE remediation recommendations.
text (string) –
The recommended course of action to remediate the finding.
resources (list) –
Contains information on the resources involved in a finding.
(dict) –
Details about the resource involved in a finding.
details (dict) –
An object that contains details about the resource involved in a finding.
awsEc2Instance (dict) –
An object that contains details about the Amazon EC2 instance involved in the finding.
iamInstanceProfileArn (string) –
The IAM instance profile ARN of the Amazon EC2 instance.
imageId (string) –
The image ID of the Amazon EC2 instance.
ipV4Addresses (list) –
The IPv4 addresses of the Amazon EC2 instance.
(string) –
ipV6Addresses (list) –
The IPv6 addresses of the Amazon EC2 instance.
(string) –
keyName (string) –
The name of the key pair used to launch the Amazon EC2 instance.
launchedAt (datetime) –
The date and time the Amazon EC2 instance was launched at.
platform (string) –
The platform of the Amazon EC2 instance.
subnetId (string) –
The subnet ID of the Amazon EC2 instance.
type (string) –
The type of the Amazon EC2 instance.
vpcId (string) –
The VPC ID of the Amazon EC2 instance.
awsEcrContainerImage (dict) –
An object that contains details about the Amazon ECR container image involved in the finding.
architecture (string) –
The architecture of the Amazon ECR container image.
author (string) –
The image author of the Amazon ECR container image.
imageHash (string) –
The image hash of the Amazon ECR container image.
imageTags (list) –
The image tags attached to the Amazon ECR container image.
(string) –
platform (string) –
The platform of the Amazon ECR container image.
pushedAt (datetime) –
The date and time the Amazon ECR container image was pushed.
registry (string) –
The registry the Amazon ECR container image belongs to.
repositoryName (string) –
The name of the repository the Amazon ECR container image resides in.
id (string) –
The ID of the resource.
partition (string) –
The partition of the resource.
region (string) –
The Amazon Web Services Region the impacted resource is located in.
tags (dict) –
The tags attached to the resource.
(string) –
(string) –
type (string) –
The type of resource.
severity (string) –
The severity of the finding.
status (string) –
The status of the finding.
title (string) –
The title of the finding.
type (string) –
The type of the finding.
updatedAt (datetime) –
The date and time the finding was last updated at.
nextToken (string) –
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
Exceptions
list_members(**kwargs)¶List members associated with the Amazon Inspector delegated administrator for your organization.
See also: AWS API Documentation
Request Syntax
response = client.list_members(
maxResults=123,
nextToken='string',
onlyAssociated=True|False
)
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
onlyAssociated (boolean) – Specifies whether to list only currently associated members if True or to list all members within the organization if False .
dict
Response Syntax
{
'members': [
{
'accountId': 'string',
'delegatedAdminAccountId': 'string',
'relationshipStatus': 'CREATED'|'INVITED'|'DISABLED'|'ENABLED'|'REMOVED'|'RESIGNED'|'DELETED'|'EMAIL_VERIFICATION_IN_PROGRESS'|'EMAIL_VERIFICATION_FAILED'|'REGION_DISABLED'|'ACCOUNT_SUSPENDED'|'CANNOT_CREATE_DETECTOR_IN_ORG_MASTER',
'updatedAt': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) –
members (list) –
An object that contains details for each member account.
(dict) –
Details on a member account in your organization.
accountId (string) –
The Amazon Web Services account ID of the member account.
delegatedAdminAccountId (string) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account.
relationshipStatus (string) –
The status of the member account.
updatedAt (datetime) –
A timestamp showing when the status of this member was last updated.
nextToken (string) –
The pagination parameter to be used on the next list operation to retrieve more items.
Exceptions
Lists all tags attached to a given resource.
See also: AWS API Documentation
Request Syntax
response = client.list_tags_for_resource(
resourceArn='string'
)
resourceArn (string) –
[REQUIRED]
The Amazon resource number (ARN) of the resource to list tags of.
dict
Response Syntax
{
'tags': {
'string': 'string'
}
}
Response Structure
(dict) –
tags (dict) –
The tags associated with the resource.
(string) –
(string) –
Exceptions
list_usage_totals(**kwargs)¶Lists the Amazon Inspector usage totals over the last 30 days.
See also: AWS API Documentation
Request Syntax
response = client.list_usage_totals(
accountIds=[
'string',
],
maxResults=123,
nextToken='string'
)
accountIds (list) –
The Amazon Web Services account IDs to retrieve usage totals for.
(string) –
maxResults (integer) – The maximum number of results to return in the response.
nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'nextToken': 'string',
'totals': [
{
'accountId': 'string',
'usage': [
{
'currency': 'USD',
'estimatedMonthlyCost': 123.0,
'total': 123.0,
'type': 'EC2_INSTANCE_HOURS'|'ECR_INITIAL_SCAN'|'ECR_RESCAN'
},
]
},
]
}
Response Structure
(dict) –
nextToken (string) –
The pagination parameter to be used on the next list operation to retrieve more items.
totals (list) –
An object with details on the total usage for the requested account.
(dict) –
The total of usage for an account ID.
accountId (string) –
The account ID of the account that usage data was retrieved for.
usage (list) –
An object representing the total usage for an account.
(dict) –
Contains usage information about the cost of Amazon Inspector operation.
currency (string) –
The currency type used when calculating usage data.
estimatedMonthlyCost (float) –
The estimated monthly cost of Amazon Inspector.
total (float) –
The total of usage.
type (string) –
The type scan.
Exceptions
tag_resource(**kwargs)¶Adds tags to a resource.
See also: AWS API Documentation
Request Syntax
response = client.tag_resource(
resourceArn='string',
tags={
'string': 'string'
}
)
resourceArn (string) –
[REQUIRED]
The Amazon Resource Name (ARN) of the resource to apply a tag to.
tags (dict) –
[REQUIRED]
The tags to be added to a resource.
(string) –
(string) –
dict
Response Syntax
{}
Response Structure
(dict) –
Exceptions
untag_resource(**kwargs)¶Removes tags from a resource.
See also: AWS API Documentation
Request Syntax
response = client.untag_resource(
resourceArn='string',
tagKeys=[
'string',
]
)
resourceArn (string) –
[REQUIRED]
The Amazon Resource Name (ARN) for the resource to remove tags from.
tagKeys (list) –
[REQUIRED]
The tag keys to remove from the resource.
(string) –
dict
Response Syntax
{}
Response Structure
(dict) –
Exceptions
update_filter(**kwargs)¶Specifies the action that is to be applied to the findings that match the filter.
See also: AWS API Documentation
Request Syntax
response = client.update_filter(
action='NONE'|'SUPPRESS',
description='string',
filterArn='string',
filterCriteria={
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
name='string'
)
action (string) – Specifies the action that is to be applied to the findings that match the filter.
description (string) – A description of the filter.
filterArn (string) –
[REQUIRED]
The Amazon Resource Number (ARN) of the filter to update.
filterCriteria (dict) –
Defines the criteria to be update in the filter.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
name (string) – The name of the filter.
dict
Response Syntax
{
'arn': 'string'
}
Response Structure
(dict) –
arn (string) –
The Amazon Resource Number (ARN) of the successfully updated filter.
Exceptions
update_organization_configuration(**kwargs)¶Updates the configurations for your Amazon Inspector organization.
See also: AWS API Documentation
Request Syntax
response = client.update_organization_configuration(
autoEnable={
'ec2': True|False,
'ecr': True|False
}
)
autoEnable (dict) –
[REQUIRED]
Defines which scan types are enabled automatically for new members of your Amazon Inspector organization.
ec2 (boolean) – [REQUIRED]
Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
ecr (boolean) – [REQUIRED]
Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
dict
Response Syntax
{
'autoEnable': {
'ec2': True|False,
'ecr': True|False
}
}
Response Structure
(dict) –
autoEnable (dict) –
The updated status of scan types automatically enabled for new members of your Amazon Inspector organization.
ec2 (boolean) –
Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
ecr (boolean) –
Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
Exceptions
Client exceptions are available on a client instance via the exceptions property. For more detailed instructions and examples on the exact usage of client exceptions, see the error handling user guide.
The available client exceptions are:
Inspector2.Client.exceptions.AccessDeniedException¶You do not have sufficient access to perform this action.
Example
try:
...
except client.exceptions.AccessDeniedException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
You do not have sufficient access to perform this action.
message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.BadRequestException¶One or more tags submitted as part of the request is not valid.
Example
try:
...
except client.exceptions.BadRequestException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
One or more tags submitted as part of the request is not valid.
message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.ConflictException¶A conflict occurred.
Example
try:
...
except client.exceptions.ConflictException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'resourceId': 'string',
'resourceType': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
A conflict occurred.
message (string) –
resourceId (string) –
The ID of the conflicting resource.
resourceType (string) –
The type of the conflicting resource.
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.InternalServerException¶The request has failed due to an internal failure of the Amazon Inspector service.
Example
try:
...
except client.exceptions.InternalServerException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'retryAfterSeconds': 123,
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request has failed due to an internal failure of the Amazon Inspector service.
message (string) –
retryAfterSeconds (integer) –
The number of seconds to wait before retrying the request.
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.ResourceNotFoundException¶The operation tried to access an invalid resource. Make sure the resource is specified correctly.
Example
try:
...
except client.exceptions.ResourceNotFoundException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.ServiceQuotaExceededException¶You have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.
Example
try:
...
except client.exceptions.ServiceQuotaExceededException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'resourceId': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
You have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.
message (string) –
resourceId (string) –
The ID of the resource that exceeds a service quota.
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.ThrottlingException¶The limit on the number of requests per second was exceeded.
Example
try:
...
except client.exceptions.ThrottlingException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The limit on the number of requests per second was exceeded.
message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
Inspector2.Client.exceptions.ValidationException¶The request has failed validation due to missing required fields or having invalid inputs.
Example
try:
...
except client.exceptions.ValidationException as e:
print(e.response)
response¶The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'fields': [
{
'message': 'string',
'name': 'string'
},
],
'message': 'string',
'reason': 'CANNOT_PARSE'|'FIELD_VALIDATION_FAILED'|'OTHER',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request has failed validation due to missing required fields or having invalid inputs.
fields (list) –
The fields that failed validation.
(dict) –
An object that describes a validation exception.
message (string) –
The validation exception message.
name (string) –
The name of the validation exception.
message (string) –
reason (string) –
The reason for the validation failure.
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The available paginators are:
Inspector2.Paginator.ListAccountPermissions¶paginator = client.get_paginator('list_account_permissions')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_account_permissions().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
service='EC2'|'ECR',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
service (string) – The service scan type to check permissions for.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'permissions': [
{
'operation': 'ENABLE_SCANNING'|'DISABLE_SCANNING'|'ENABLE_REPOSITORY'|'DISABLE_REPOSITORY',
'service': 'EC2'|'ECR'
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
permissions (list) –
Contains details on the permissions an account has to configure Amazon Inspector.
(dict) –
Contains information on the permissions an account has within Amazon Inspector.
operation (string) –
The operations that can be performed with the given permissions.
service (string) –
The services that the permissions allow an account to perform the given operations for.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListCoverage¶paginator = client.get_paginator('list_coverage')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_coverage().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
filterCriteria={
'accountId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrRepositoryName': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusCode': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusReason': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
]
},
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
filterCriteria (dict) –
An object that contains details on the filters to apply to the coverage data for your environment.
accountId (list) –
An array of Amazon Web Services account IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ec2InstanceTags (list) –
The Amazon EC2 instance tags to filter on.
(dict) –
Contains details of a coverage map filter.
comparison (string) – [REQUIRED]
The operator to compare coverage on.
key (string) – [REQUIRED]
The tag key associated with the coverage map filter.
value (string) –
The tag value associated with the coverage map filter.
ecrImageTags (list) –
The Amazon ECR image tags to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ecrRepositoryName (list) –
The Amazon ECR repository name to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceId (list) –
An array of Amazon Web Services resource IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceType (list) –
An array of Amazon Web Services resource types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusCode (list) –
The scan status code to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusReason (list) –
The scan status reason to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanType (list) –
An array of Amazon Inspector scan types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'coveredResources': [
{
'accountId': 'string',
'resourceId': 'string',
'resourceMetadata': {
'ec2': {
'amiId': 'string',
'platform': 'WINDOWS'|'LINUX'|'UNKNOWN',
'tags': {
'string': 'string'
}
},
'ecrImage': {
'tags': [
'string',
]
},
'ecrRepository': {
'name': 'string',
'scanFrequency': 'MANUAL'|'SCAN_ON_PUSH'|'CONTINUOUS_SCAN'
}
},
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY',
'scanStatus': {
'reason': 'PENDING_INITIAL_SCAN'|'ACCESS_DENIED'|'INTERNAL_ERROR'|'UNMANAGED_EC2_INSTANCE'|'UNSUPPORTED_OS'|'SCAN_ELIGIBILITY_EXPIRED'|'RESOURCE_TERMINATED'|'SUCCESSFUL'|'NO_RESOURCES_FOUND'|'IMAGE_SIZE_EXCEEDED'|'SCAN_FREQUENCY_MANUAL'|'SCAN_FREQUENCY_SCAN_ON_PUSH'|'EC2_INSTANCE_STOPPED',
'statusCode': 'ACTIVE'|'INACTIVE'
},
'scanType': 'NETWORK'|'PACKAGE'
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
coveredResources (list) –
An object that contains details on the covered resources in your environment.
(dict) –
An object that contains details about a resource covered by Amazon Inspector.
accountId (string) –
The Amazon Web Services account ID of the covered resource.
resourceId (string) –
The ID of the covered resource.
resourceMetadata (dict) –
An object that contains details about the metadata.
ec2 (dict) –
An object that contains metadata details for an Amazon EC2 instance.
amiId (string) –
The ID of the Amazon Machine Image (AMI) used to launch the instance.
platform (string) –
The platform of the instance.
tags (dict) –
The tags attached to the instance.
(string) –
(string) –
ecrImage (dict) –
An object that contains details about the container metadata for an Amazon ECR image.
tags (list) –
Tags associated with the Amazon ECR image metadata.
(string) –
ecrRepository (dict) –
An object that contains details about the repository an Amazon ECR image resides in.
name (string) –
The name of the Amazon ECR repository.
scanFrequency (string) –
The frequency of scans.
resourceType (string) –
The type of the covered resource.
scanStatus (dict) –
The status of the scan covering the resource.
reason (string) –
The reason for the scan.
statusCode (string) –
The status code of the scan.
scanType (string) –
The Amazon Inspector scan type covering the resource.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListCoverageStatistics¶paginator = client.get_paginator('list_coverage_statistics')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_coverage_statistics().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
filterCriteria={
'accountId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrRepositoryName': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusCode': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanStatusReason': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
],
'scanType': [
{
'comparison': 'EQUALS'|'NOT_EQUALS',
'value': 'string'
},
]
},
groupBy='SCAN_STATUS_CODE'|'SCAN_STATUS_REASON'|'ACCOUNT_ID'|'RESOURCE_TYPE'|'ECR_REPOSITORY_NAME',
PaginationConfig={
'MaxItems': 123,
'StartingToken': 'string'
}
)
filterCriteria (dict) –
An object that contains details on the filters to apply to the coverage data for your environment.
accountId (list) –
An array of Amazon Web Services account IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ec2InstanceTags (list) –
The Amazon EC2 instance tags to filter on.
(dict) –
Contains details of a coverage map filter.
comparison (string) – [REQUIRED]
The operator to compare coverage on.
key (string) – [REQUIRED]
The tag key associated with the coverage map filter.
value (string) –
The tag value associated with the coverage map filter.
ecrImageTags (list) –
The Amazon ECR image tags to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
ecrRepositoryName (list) –
The Amazon ECR repository name to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceId (list) –
An array of Amazon Web Services resource IDs to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
resourceType (list) –
An array of Amazon Web Services resource types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusCode (list) –
The scan status code to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanStatusReason (list) –
The scan status reason to filter on.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
scanType (list) –
An array of Amazon Inspector scan types to return coverage statistics for.
(dict) –
Contains details of a coverage string filter.
comparison (string) – [REQUIRED]
The operator to compare strings on.
value (string) – [REQUIRED]
The value to compare strings on.
groupBy (string) – The value to group the results by.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'countsByGroup': [
{
'count': 123,
'groupKey': 'SCAN_STATUS_CODE'|'SCAN_STATUS_REASON'|'ACCOUNT_ID'|'RESOURCE_TYPE'|'ECR_REPOSITORY_NAME'
},
],
'totalCounts': 123,
'NextToken': 'string'
}
Response Structure
(dict) –
countsByGroup (list) –
An array with the number for each group.
(dict) –
a structure that contains information on the count of resources within a group.
count (integer) –
The number of resources.
groupKey (string) –
The key associated with this group
totalCounts (integer) –
The total number for all groups.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListDelegatedAdminAccounts¶paginator = client.get_paginator('list_delegated_admin_accounts')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_delegated_admin_accounts().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'delegatedAdminAccounts': [
{
'accountId': 'string',
'status': 'ENABLED'|'DISABLE_IN_PROGRESS'
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
delegatedAdminAccounts (list) –
Details of the Amazon Inspector delegated administrator of your organization.
(dict) –
Details of the Amazon Inspector delegated administrator for your organization.
accountId (string) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for your organization.
status (string) –
The status of the Amazon Inspector delegated administrator.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListFilters¶paginator = client.get_paginator('list_filters')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_filters().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
action='NONE'|'SUPPRESS',
arns=[
'string',
],
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
action (string) – The action the filter applies to matched findings.
arns (list) –
The Amazon resource number (ARN) of the filter.
(string) –
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'filters': [
{
'action': 'NONE'|'SUPPRESS',
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'criteria': {
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
'description': 'string',
'name': 'string',
'ownerId': 'string',
'reason': 'string',
'tags': {
'string': 'string'
},
'updatedAt': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
filters (list) –
Contains details on the filters associated with your account.
(dict) –
Details about a filter.
action (string) –
The action that is to be applied to the findings that match the filter.
arn (string) –
The Amazon Resource Number (ARN) associated with this filter.
createdAt (datetime) –
The date and time this filter was created at.
criteria (dict) –
Details on the filter criteria associated with this filter.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) –
The operator to use when comparing values in the filter.
key (string) –
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) –
The operator to use when comparing values in the filter
value (string) –
The value to filter on.
description (string) –
A description of the filter.
name (string) –
The name of the filter.
ownerId (string) –
The Amazon Web Services account ID of the account that created the filter.
reason (string) –
The reason for the filter.
tags (dict) –
The tags attached to the filter.
(string) –
(string) –
updatedAt (datetime) –
The date and time the filter was last updated at.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListFindingAggregations¶paginator = client.get_paginator('list_finding_aggregations')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_finding_aggregations().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
accountIds=[
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
aggregationRequest={
'accountAggregation': {
'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY',
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE',
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'amiAggregation': {
'amis': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL'|'AFFECTED_INSTANCES',
'sortOrder': 'ASC'|'DESC'
},
'awsEcrContainerAggregation': {
'architectures': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'imageShas': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'imageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'repositories': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'ec2InstanceAggregation': {
'amis': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'instanceIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'instanceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'operatingSystems': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'NETWORK_FINDINGS'|'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'findingTypeAggregation': {
'findingType': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY',
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE',
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'imageLayerAggregation': {
'layerHashes': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'repositories': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'packageAggregation': {
'packageNames': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC'
},
'repositoryAggregation': {
'repositories': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'sortBy': 'CRITICAL'|'HIGH'|'ALL'|'AFFECTED_IMAGES',
'sortOrder': 'ASC'|'DESC'
},
'titleAggregation': {
'resourceType': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE',
'sortBy': 'CRITICAL'|'HIGH'|'ALL',
'sortOrder': 'ASC'|'DESC',
'titles': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityIds': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
]
}
},
aggregationType='FINDING_TYPE'|'PACKAGE'|'TITLE'|'REPOSITORY'|'AMI'|'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER'|'IMAGE_LAYER'|'ACCOUNT',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
accountIds (list) –
The Amazon Web Services account IDs to retrieve finding aggregation data for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
aggregationRequest (dict) –
Details of the aggregation request that is used to filter your aggregation results.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: accountAggregation, amiAggregation, awsEcrContainerAggregation, ec2InstanceAggregation, findingTypeAggregation, imageLayerAggregation, packageAggregation, repositoryAggregation, titleAggregation.
accountAggregation (dict) –
An object that contains details about an aggregation request based on Amazon Web Services account IDs.
findingType (string) –
The type of finding.
resourceType (string) –
The type of resource.
sortBy (string) –
The value to sort by.
sortOrder (string) –
The sort order (ascending or descending).
amiAggregation (dict) –
An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).
amis (list) –
The IDs of AMIs to aggregate findings for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
awsEcrContainerAggregation (dict) –
An object that contains details about an aggregation request based on Amazon ECR container images.
architectures (list) –
The architecture of the containers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
imageShas (list) –
The image SHA values.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
imageTags (list) –
The image tags.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
repositories (list) –
The container repositories.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceIds (list) –
The container resource IDs.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort by.
sortOrder (string) –
The sort order (ascending or descending).
ec2InstanceAggregation (dict) –
An object that contains details about an aggregation request based on Amazon EC2 instances.
amis (list) –
The AMI IDs associated with the Amazon EC2 instances to aggregate findings for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
instanceIds (list) –
The Amazon EC2 instance IDs to aggregate findings for.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
instanceTags (list) –
The Amazon EC2 instance tags to aggregate findings for.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
operatingSystems (list) –
The operating system types to aggregate findings for. Valid values must be uppercase and underscore separated, examples are ORACLE_LINUX_7 and ALPINE_LINUX_3_8 .
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
findingTypeAggregation (dict) –
An object that contains details about an aggregation request based on finding types.
findingType (string) –
The finding type to aggregate.
resourceType (string) –
The resource type to aggregate.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
imageLayerAggregation (dict) –
An object that contains details about an aggregation request based on container image layers.
layerHashes (list) –
The hashes associated with the layers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
repositories (list) –
The repository associated with the container image hosting the layers.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceIds (list) –
The ID of the container image layer.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
packageAggregation (dict) –
An object that contains details about an aggregation request based on operating system package type.
packageNames (list) –
The names of packages to aggregate findings on.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
repositoryAggregation (dict) –
An object that contains details about an aggregation request based on Amazon ECR repositories.
repositories (list) –
The names of repositories to aggregate findings on.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
titleAggregation (dict) –
An object that contains details about an aggregation request based on finding title.
resourceType (string) –
The resource type to aggregate on.
sortBy (string) –
The value to sort results by.
sortOrder (string) –
The order to sort results by.
titles (list) –
The finding titles to aggregate on.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityIds (list) –
The vulnerability IDs of the findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
aggregationType (string) –
[REQUIRED]
The type of the aggregation request.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'aggregationType': 'FINDING_TYPE'|'PACKAGE'|'TITLE'|'REPOSITORY'|'AMI'|'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER'|'IMAGE_LAYER'|'ACCOUNT',
'responses': [
{
'accountAggregation': {
'accountId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'amiAggregation': {
'accountId': 'string',
'affectedInstances': 123,
'ami': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'awsEcrContainerAggregation': {
'accountId': 'string',
'architecture': 'string',
'imageSha': 'string',
'imageTags': [
'string',
],
'repository': 'string',
'resourceId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'ec2InstanceAggregation': {
'accountId': 'string',
'ami': 'string',
'instanceId': 'string',
'instanceTags': {
'string': 'string'
},
'networkFindings': 123,
'operatingSystem': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'findingTypeAggregation': {
'accountId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'imageLayerAggregation': {
'accountId': 'string',
'layerHash': 'string',
'repository': 'string',
'resourceId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'packageAggregation': {
'accountId': 'string',
'packageName': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'repositoryAggregation': {
'accountId': 'string',
'affectedImages': 123,
'repository': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
}
},
'titleAggregation': {
'accountId': 'string',
'severityCounts': {
'all': 123,
'critical': 123,
'high': 123,
'medium': 123
},
'title': 'string',
'vulnerabilityId': 'string'
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
aggregationType (string) –
The type of aggregation to perform.
responses (list) –
Objects that contain the results of an aggregation operation.
(dict) –
A structure that contains details about the results of an aggregation type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: accountAggregation, amiAggregation, awsEcrContainerAggregation, ec2InstanceAggregation, findingTypeAggregation, imageLayerAggregation, packageAggregation, repositoryAggregation, titleAggregation. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
accountAggregation (dict) –
An object that contains details about an aggregation response based on Amazon Web Services account IDs.
accountId (string) –
The Amazon Web Services account ID.
severityCounts (dict) –
The number of findings by severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
amiAggregation (dict) –
An object that contains details about an aggregation response based on Amazon Machine Images (AMIs).
accountId (string) –
The Amazon Web Services account ID that the AMI belongs.
affectedInstances (integer) –
The IDs of Amazon EC2 instances using this AMI.
ami (string) –
The ID of the AMI that findings were aggregated for.
severityCounts (dict) –
An object that contains the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
awsEcrContainerAggregation (dict) –
An object that contains details about an aggregation response based on Amazon ECR container images.
accountId (string) –
The Amazon Web Services account ID of the account that owns the container.
architecture (string) –
The architecture of the container.
imageSha (string) –
The SHA value of the container image.
imageTags (list) –
The container image stags.
(string) –
repository (string) –
The container repository.
resourceId (string) –
The resource ID of the container.
severityCounts (dict) –
The number of finding by severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
ec2InstanceAggregation (dict) –
An object that contains details about an aggregation response based on Amazon EC2 instances.
accountId (string) –
The Amazon Web Services account the Amazon EC2 instance belongs to.
ami (string) –
The Amazon Machine Image (AMI) of the Amazon EC2 instance.
instanceId (string) –
The Amazon EC2 instance ID.
instanceTags (dict) –
The tags attached to the instance.
(string) –
(string) –
networkFindings (integer) –
The number of network findings for the Amazon EC2 instance.
operatingSystem (string) –
The operating system of the Amazon EC2 instance.
severityCounts (dict) –
An object that contains the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
findingTypeAggregation (dict) –
An object that contains details about an aggregation response based on finding types.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
severityCounts (dict) –
The value to sort results by.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
imageLayerAggregation (dict) –
An object that contains details about an aggregation response based on container image layers.
accountId (string) –
The ID of the Amazon Web Services account that owns the container image hosting the layer image.
layerHash (string) –
The layer hash.
repository (string) –
The repository the layer resides in.
resourceId (string) –
The resource ID of the container image layer.
severityCounts (dict) –
An object that represents the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
packageAggregation (dict) –
An object that contains details about an aggregation response based on operating system package type.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
packageName (string) –
The name of the operating system package.
severityCounts (dict) –
An object that contains the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
repositoryAggregation (dict) –
An object that contains details about an aggregation response based on Amazon ECR repositories.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
affectedImages (integer) –
The number of container images impacted by the findings.
repository (string) –
The name of the repository associated with the findings.
severityCounts (dict) –
An object that represent the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
titleAggregation (dict) –
An object that contains details about an aggregation response based on finding title.
accountId (string) –
The ID of the Amazon Web Services account associated with the findings.
severityCounts (dict) –
An object that represent the count of matched findings per severity.
all (integer) –
The total count of findings from all severities.
critical (integer) –
The total count of critical severity findings.
high (integer) –
The total count of high severity findings.
medium (integer) –
The total count of medium severity findings.
title (string) –
The title that the findings were aggregated on.
vulnerabilityId (string) –
The vulnerability ID of the finding.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListFindings¶paginator = client.get_paginator('list_findings')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_findings().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
filterCriteria={
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
sortCriteria={
'field': 'AWS_ACCOUNT_ID'|'FINDING_TYPE'|'SEVERITY'|'FIRST_OBSERVED_AT'|'LAST_OBSERVED_AT'|'FINDING_STATUS'|'RESOURCE_TYPE'|'ECR_IMAGE_PUSHED_AT'|'ECR_IMAGE_REPOSITORY_NAME'|'ECR_IMAGE_REGISTRY'|'NETWORK_PROTOCOL'|'COMPONENT_TYPE'|'VULNERABILITY_ID'|'VULNERABILITY_SOURCE'|'INSPECTOR_SCORE'|'VENDOR_SEVERITY',
'sortOrder': 'ASC'|'DESC'
},
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
filterCriteria (dict) –
Details on the filters to apply to your finding results.
awsAccountId (list) –
Details of the Amazon Web Services account IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentId (list) –
Details of the component IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
componentType (list) –
Details of the component types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceImageId (list) –
Details of the Amazon EC2 instance image IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceSubnetId (list) –
Details of the Amazon EC2 instance subnet IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ec2InstanceVpcId (list) –
Details of the Amazon EC2 instance VPC IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageArchitecture (list) –
Details of the Amazon ECR image architecture types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageHash (list) –
Details of the Amazon ECR image hashes used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImagePushedAt (list) –
Details on the Amazon ECR image push date and time used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
ecrImageRegistry (list) –
Details on the Amazon ECR registry used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageRepositoryName (list) –
Details on the name of the Amazon ECR repository used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
ecrImageTags (list) –
The tags attached to the Amazon ECR container image.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingArn (list) –
Details on the finding ARNs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingStatus (list) –
Details on the finding status types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
findingType (list) –
Details on the finding types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
firstObservedAt (list) –
Details on the date and time a finding was first seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
inspectorScore (list) –
The Amazon Inspector score to filter on.
(dict) –
An object that describes the details of a number filter.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
lastObservedAt (list) –
Details on the date and time a finding was last seen used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
networkProtocol (list) –
Details on the ingress source addresses used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
portRange (list) –
Details on the port ranges used to filter findings.
(dict) –
An object that describes the details of a port range filter.
beginInclusive (integer) –
The port number the port range begins at.
endInclusive (integer) –
The port number the port range ends at.
relatedVulnerabilities (list) –
Details on the related vulnerabilities used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceId (list) –
Details on the resource IDs used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
resourceTags (list) –
Details on the resource tags used to filter findings.
(dict) –
An object that describes details of a map filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter.
key (string) – [REQUIRED]
The tag key used in the filter.
value (string) –
The tag value used in the filter.
resourceType (list) –
Details on the resource types used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
severity (list) –
Details on the severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
title (list) –
Details on the finding title used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
updatedAt (list) –
Details on the date and time a finding was last updated at used to filter findings.
(dict) –
Contains details on the time range used to filter findings.
endInclusive (datetime) –
A timestamp representing the end of the time period filtered on.
startInclusive (datetime) –
A timestamp representing the start of the time period filtered on.
vendorSeverity (list) –
Details on the vendor severity used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilityId (list) –
Details on the vulnerability ID used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerabilitySource (list) –
Details on the vulnerability type used to filter findings.
(dict) –
An object that describes the details of a string filter.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
vulnerablePackages (list) –
Details on the vulnerable packages used to filter findings.
(dict) –
Contains information on the details of a package filter.
architecture (dict) –
An object that contains details on the package architecture type to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
epoch (dict) –
An object that contains details on the package epoch to filter on.
lowerInclusive (float) –
The lowest number to be included in the filter.
upperInclusive (float) –
The highest number to be included in the filter.
name (dict) –
An object that contains details on the name of the package to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
release (dict) –
An object that contains details on the package release to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sourceLayerHash (dict) –
An object that contains details on the source layer hash to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
version (dict) –
The package version to filter on.
comparison (string) – [REQUIRED]
The operator to use when comparing values in the filter
value (string) – [REQUIRED]
The value to filter on.
sortCriteria (dict) –
Details on the sort criteria to apply to your finding results.
field (string) – [REQUIRED]
The finding detail field by which results are sorted.
sortOrder (string) – [REQUIRED]
The order by which findings are sorted.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'findings': [
{
'awsAccountId': 'string',
'description': 'string',
'findingArn': 'string',
'firstObservedAt': datetime(2015, 1, 1),
'inspectorScore': 123.0,
'inspectorScoreDetails': {
'adjustedCvss': {
'adjustments': [
{
'metric': 'string',
'reason': 'string'
},
],
'cvssSource': 'string',
'score': 123.0,
'scoreSource': 'string',
'scoringVector': 'string',
'version': 'string'
}
},
'lastObservedAt': datetime(2015, 1, 1),
'networkReachabilityDetails': {
'networkPath': {
'steps': [
{
'componentId': 'string',
'componentType': 'string'
},
]
},
'openPortRange': {
'begin': 123,
'end': 123
},
'protocol': 'TCP'|'UDP'
},
'packageVulnerabilityDetails': {
'cvss': [
{
'baseScore': 123.0,
'scoringVector': 'string',
'source': 'string',
'version': 'string'
},
],
'referenceUrls': [
'string',
],
'relatedVulnerabilities': [
'string',
],
'source': 'string',
'sourceUrl': 'string',
'vendorCreatedAt': datetime(2015, 1, 1),
'vendorSeverity': 'string',
'vendorUpdatedAt': datetime(2015, 1, 1),
'vulnerabilityId': 'string',
'vulnerablePackages': [
{
'arch': 'string',
'epoch': 123,
'filePath': 'string',
'fixedInVersion': 'string',
'name': 'string',
'packageManager': 'BUNDLER'|'CARGO'|'COMPOSER'|'NPM'|'NUGET'|'PIPENV'|'POETRY'|'YARN'|'GOBINARY'|'GOMOD'|'JAR'|'OS',
'release': 'string',
'sourceLayerHash': 'string',
'version': 'string'
},
]
},
'remediation': {
'recommendation': {
'Url': 'string',
'text': 'string'
}
},
'resources': [
{
'details': {
'awsEc2Instance': {
'iamInstanceProfileArn': 'string',
'imageId': 'string',
'ipV4Addresses': [
'string',
],
'ipV6Addresses': [
'string',
],
'keyName': 'string',
'launchedAt': datetime(2015, 1, 1),
'platform': 'string',
'subnetId': 'string',
'type': 'string',
'vpcId': 'string'
},
'awsEcrContainerImage': {
'architecture': 'string',
'author': 'string',
'imageHash': 'string',
'imageTags': [
'string',
],
'platform': 'string',
'pushedAt': datetime(2015, 1, 1),
'registry': 'string',
'repositoryName': 'string'
}
},
'id': 'string',
'partition': 'string',
'region': 'string',
'tags': {
'string': 'string'
},
'type': 'AWS_EC2_INSTANCE'|'AWS_ECR_CONTAINER_IMAGE'|'AWS_ECR_REPOSITORY'
},
],
'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNTRIAGED',
'status': 'ACTIVE'|'SUPPRESSED'|'CLOSED',
'title': 'string',
'type': 'NETWORK_REACHABILITY'|'PACKAGE_VULNERABILITY',
'updatedAt': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
findings (list) –
Contains details on the findings in your environment.
(dict) –
Details about an Amazon Inspector finding.
awsAccountId (string) –
The Amazon Web Services account ID associated with the finding.
description (string) –
The description of the finding.
findingArn (string) –
The Amazon Resource Number (ARN) of the finding.
firstObservedAt (datetime) –
The date and time that the finding was first observed.
inspectorScore (float) –
The Amazon Inspector score given to the finding.
inspectorScoreDetails (dict) –
An object that contains details of the Amazon Inspector score.
adjustedCvss (dict) –
An object that contains details about the CVSS score given to a finding.
adjustments (list) –
An object that contains details about adjustment Amazon Inspector made to the CVSS score.
(dict) –
Details on adjustments Amazon Inspector made to the CVSS score for a finding.
metric (string) –
The metric used to adjust the CVSS score.
reason (string) –
The reason the CVSS score has been adjustment.
cvssSource (string) –
The source of the CVSS data.
score (float) –
The CVSS score.
scoreSource (string) –
The source for the CVSS score.
scoringVector (string) –
The vector for the CVSS score.
version (string) –
The CVSS version used in scoring.
lastObservedAt (datetime) –
The date and time that the finding was last observed.
networkReachabilityDetails (dict) –
An object that contains the details of a network reachability finding.
networkPath (dict) –
An object that contains details about a network path associated with a finding.
steps (list) –
The details on the steps in the network path.
(dict) –
Details about the step associated with a finding.
componentId (string) –
The component ID.
componentType (string) –
The component type.
openPortRange (dict) –
An object that contains details about the open port range associated with a finding.
begin (integer) –
The beginning port in a port range.
end (integer) –
The ending port in a port range.
protocol (string) –
The protocol associated with a finding.
packageVulnerabilityDetails (dict) –
An object that contains the details of a package vulnerability finding.
cvss (list) –
An object that contains details about the CVSS score of a finding.
(dict) –
The CVSS score for a finding.
baseScore (float) –
The base CVSS score used for the finding.
scoringVector (string) –
The vector string of the CVSS score.
source (string) –
The source of the CVSS score.
version (string) –
The version of CVSS used for the score.
referenceUrls (list) –
One or more URLs that contain details about this vulnerability type.
(string) –
relatedVulnerabilities (list) –
One or more vulnerabilities related to the one identified in this finding.
(string) –
source (string) –
The source of the vulnerability information.
sourceUrl (string) –
A URL to the source of the vulnerability information.
vendorCreatedAt (datetime) –
The date and time that this vulnerability was first added to the vendor’s database.
vendorSeverity (string) –
The severity the vendor has given to this vulnerability type.
vendorUpdatedAt (datetime) –
The date and time the vendor last updated this vulnerability in their database.
vulnerabilityId (string) –
The ID given to this vulnerability.
vulnerablePackages (list) –
The packages impacted by this vulnerability.
(dict) –
Information on the vulnerable package identified by a finding.
arch (string) –
The architecture of the vulnerable package.
epoch (integer) –
The epoch of the vulnerable package.
filePath (string) –
The file path of the vulnerable package.
fixedInVersion (string) –
The version of the package that contains the vulnerability fix.
name (string) –
The name of the vulnerable package.
packageManager (string) –
The package manager of the vulnerable package.
release (string) –
The release of the vulnerable package.
sourceLayerHash (string) –
The source layer hash of the vulnerable package.
version (string) –
The version of the vulnerable package.
remediation (dict) –
An object that contains the details about how to remediate a finding.
recommendation (dict) –
An object that contains information about the recommended course of action to remediate the finding.
Url (string) –
The URL address to the CVE remediation recommendations.
text (string) –
The recommended course of action to remediate the finding.
resources (list) –
Contains information on the resources involved in a finding.
(dict) –
Details about the resource involved in a finding.
details (dict) –
An object that contains details about the resource involved in a finding.
awsEc2Instance (dict) –
An object that contains details about the Amazon EC2 instance involved in the finding.
iamInstanceProfileArn (string) –
The IAM instance profile ARN of the Amazon EC2 instance.
imageId (string) –
The image ID of the Amazon EC2 instance.
ipV4Addresses (list) –
The IPv4 addresses of the Amazon EC2 instance.
(string) –
ipV6Addresses (list) –
The IPv6 addresses of the Amazon EC2 instance.
(string) –
keyName (string) –
The name of the key pair used to launch the Amazon EC2 instance.
launchedAt (datetime) –
The date and time the Amazon EC2 instance was launched at.
platform (string) –
The platform of the Amazon EC2 instance.
subnetId (string) –
The subnet ID of the Amazon EC2 instance.
type (string) –
The type of the Amazon EC2 instance.
vpcId (string) –
The VPC ID of the Amazon EC2 instance.
awsEcrContainerImage (dict) –
An object that contains details about the Amazon ECR container image involved in the finding.
architecture (string) –
The architecture of the Amazon ECR container image.
author (string) –
The image author of the Amazon ECR container image.
imageHash (string) –
The image hash of the Amazon ECR container image.
imageTags (list) –
The image tags attached to the Amazon ECR container image.
(string) –
platform (string) –
The platform of the Amazon ECR container image.
pushedAt (datetime) –
The date and time the Amazon ECR container image was pushed.
registry (string) –
The registry the Amazon ECR container image belongs to.
repositoryName (string) –
The name of the repository the Amazon ECR container image resides in.
id (string) –
The ID of the resource.
partition (string) –
The partition of the resource.
region (string) –
The Amazon Web Services Region the impacted resource is located in.
tags (dict) –
The tags attached to the resource.
(string) –
(string) –
type (string) –
The type of resource.
severity (string) –
The severity of the finding.
status (string) –
The status of the finding.
title (string) –
The title of the finding.
type (string) –
The type of the finding.
updatedAt (datetime) –
The date and time the finding was last updated at.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListMembers¶paginator = client.get_paginator('list_members')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_members().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
onlyAssociated=True|False,
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
onlyAssociated (boolean) – Specifies whether to list only currently associated members if True or to list all members within the organization if False .
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'members': [
{
'accountId': 'string',
'delegatedAdminAccountId': 'string',
'relationshipStatus': 'CREATED'|'INVITED'|'DISABLED'|'ENABLED'|'REMOVED'|'RESIGNED'|'DELETED'|'EMAIL_VERIFICATION_IN_PROGRESS'|'EMAIL_VERIFICATION_FAILED'|'REGION_DISABLED'|'ACCOUNT_SUSPENDED'|'CANNOT_CREATE_DETECTOR_IN_ORG_MASTER',
'updatedAt': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
members (list) –
An object that contains details for each member account.
(dict) –
Details on a member account in your organization.
accountId (string) –
The Amazon Web Services account ID of the member account.
delegatedAdminAccountId (string) –
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account.
relationshipStatus (string) –
The status of the member account.
updatedAt (datetime) –
A timestamp showing when the status of this member was last updated.
NextToken (string) –
A token to resume pagination.
Inspector2.Paginator.ListUsageTotals¶paginator = client.get_paginator('list_usage_totals')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from Inspector2.Client.list_usage_totals().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
accountIds=[
'string',
],
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
accountIds (list) –
The Amazon Web Services account IDs to retrieve usage totals for.
(string) –
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'totals': [
{
'accountId': 'string',
'usage': [
{
'currency': 'USD',
'estimatedMonthlyCost': 123.0,
'total': 123.0,
'type': 'EC2_INSTANCE_HOURS'|'ECR_INITIAL_SCAN'|'ECR_RESCAN'
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
totals (list) –
An object with details on the total usage for the requested account.
(dict) –
The total of usage for an account ID.
accountId (string) –
The account ID of the account that usage data was retrieved for.
usage (list) –
An object representing the total usage for an account.
(dict) –
Contains usage information about the cost of Amazon Inspector operation.
currency (string) –
The currency type used when calculating usage data.
estimatedMonthlyCost (float) –
The estimated monthly cost of Amazon Inspector.
total (float) –
The total of usage.
type (string) –
The type scan.
NextToken (string) –
A token to resume pagination.