CodeGuruSecurity / Paginator / GetFindings

GetFindings#

class CodeGuruSecurity.Paginator.GetFindings#
paginator = client.get_paginator('get_findings')
paginate(**kwargs)#

Creates an iterator that will paginate through responses from CodeGuruSecurity.Client.get_findings().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    scanName='string',
    status='Closed'|'Open'|'All',
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:
  • scanName (string) –

    [REQUIRED]

    The name of the scan you want to retrieve findings from.

  • status (string) – The status of the findings you want to get. Pass either Open, Closed, or All.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'findings': [
        {
            'createdAt': datetime(2015, 1, 1),
            'description': 'string',
            'detectorId': 'string',
            'detectorName': 'string',
            'detectorTags': [
                'string',
            ],
            'generatorId': 'string',
            'id': 'string',
            'remediation': {
                'recommendation': {
                    'text': 'string',
                    'url': 'string'
                },
                'suggestedFixes': [
                    {
                        'code': 'string',
                        'description': 'string'
                    },
                ]
            },
            'resource': {
                'id': 'string',
                'subResourceId': 'string'
            },
            'ruleId': 'string',
            'severity': 'Critical'|'High'|'Medium'|'Low'|'Info',
            'status': 'Closed'|'Open'|'All',
            'title': 'string',
            'type': 'string',
            'updatedAt': datetime(2015, 1, 1),
            'vulnerability': {
                'filePath': {
                    'codeSnippet': [
                        {
                            'content': 'string',
                            'number': 123
                        },
                    ],
                    'endLine': 123,
                    'name': 'string',
                    'path': 'string',
                    'startLine': 123
                },
                'id': 'string',
                'itemCount': 123,
                'referenceUrls': [
                    'string',
                ],
                'relatedVulnerabilities': [
                    'string',
                ]
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) –

    • findings (list) –

      A list of findings generated by the specified scan.

      • (dict) –

        Information about a finding that was detected in your code.

        • createdAt (datetime) –

          The time when the finding was created.

        • description (string) –

          A description of the finding.

        • detectorId (string) –

          The identifier for the detector that detected the finding in your code. A detector is a defined rule based on industry standards and AWS best practices.

        • detectorName (string) –

          The name of the detector that identified the security vulnerability in your code.

        • detectorTags (list) –

          One or more tags or categorizations that are associated with a detector. These tags are defined by type, programming language, or other classification such as maintainability or consistency.

          • (string) –

        • generatorId (string) –

          The identifier for the component that generated a finding such as AmazonCodeGuruSecurity.

        • id (string) –

          The identifier for a finding.

        • remediation (dict) –

          An object that contains the details about how to remediate a finding.

          • recommendation (dict) –

            An object that contains information about the recommended course of action to remediate a finding.

            • text (string) –

              The recommended course of action to remediate the finding.

            • url (string) –

              The URL address to the recommendation for remediating the finding.

          • suggestedFixes (list) –

            A list of SuggestedFix objects. Each object contains information about a suggested code fix to remediate the finding.

            • (dict) –

              Information about the suggested code fix to remediate a finding.

              • code (string) –

                The suggested code fix. If applicable, includes code patch to replace your source code.

              • description (string) –

                A description of the suggested code fix and why it is being suggested.

        • resource (dict) –

          The resource where Amazon CodeGuru Security detected a finding.

          • id (string) –

            The scanName of the scan that was run on the resource.

          • subResourceId (string) –

            The identifier for a section of the resource.

        • ruleId (string) –

          The identifier for the rule that generated the finding.

        • severity (string) –

          The severity of the finding. Severity can be critical, high, medium, low, or informational. For information on severity levels, see Finding severity in the Amazon CodeGuru Security User Guide.

        • status (string) –

          The status of the finding. A finding status can be open or closed.

        • title (string) –

          The title of the finding.

        • type (string) –

          The type of finding.

        • updatedAt (datetime) –

          The time when the finding was last updated. Findings are updated when you remediate them or when the finding code location changes.

        • vulnerability (dict) –

          An object that describes the detected security vulnerability.

          • filePath (dict) –

            An object that describes the location of the detected security vulnerability in your code.

            • codeSnippet (list) –

              A list of CodeLine objects that describe where the security vulnerability appears in your code.

              • (dict) –

                The line of code where a finding was detected.

                • content (string) –

                  The code that contains a vulnerability.

                • number (integer) –

                  The code line number.

            • endLine (integer) –

              The last line number of the code snippet where the security vulnerability appears in your code.

            • name (string) –

              The name of the file.

            • path (string) –

              The path to the resource with the security vulnerability.

            • startLine (integer) –

              The first line number of the code snippet where the security vulnerability appears in your code.

          • id (string) –

            The identifier for the vulnerability.

          • itemCount (integer) –

            The number of times the vulnerability appears in your code.

          • referenceUrls (list) –

            One or more URL addresses that contain details about a vulnerability.

            • (string) –

          • relatedVulnerabilities (list) –

            One or more vulnerabilities that are related to the vulnerability being described.

            • (string) –

    • NextToken (string) –

      A token to resume pagination.