CodeGuruSecurity / Client / batch_get_findings
batch_get_findings¶
- CodeGuruSecurity.Client.batch_get_findings(**kwargs)¶
Returns a list of requested findings from standard scans.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_findings( findingIdentifiers=[ { 'scanName': 'string', 'findingId': 'string' }, ] )
- Parameters:
findingIdentifiers (list) –
[REQUIRED]
A list of finding identifiers. Each identifier consists of a
scanNameand afindingId. You retrieve thefindingIdwhen you callGetFindings.(dict) –
An object that contains information about a finding and the scan that generated it.
scanName (string) – [REQUIRED]
The name of the scan that generated the finding.
findingId (string) – [REQUIRED]
The identifier for a finding.
- Return type:
dict
- Returns:
Response Syntax
{ 'findings': [ { 'createdAt': datetime(2015, 1, 1), 'description': 'string', 'generatorId': 'string', 'id': 'string', 'updatedAt': datetime(2015, 1, 1), 'type': 'string', 'status': 'Closed'|'Open'|'All', 'resource': { 'id': 'string', 'subResourceId': 'string' }, 'vulnerability': { 'referenceUrls': [ 'string', ], 'relatedVulnerabilities': [ 'string', ], 'id': 'string', 'filePath': { 'name': 'string', 'path': 'string', 'startLine': 123, 'endLine': 123, 'codeSnippet': [ { 'number': 123, 'content': 'string' }, ] }, 'itemCount': 123 }, 'severity': 'Critical'|'High'|'Medium'|'Low'|'Info', 'remediation': { 'recommendation': { 'text': 'string', 'url': 'string' }, 'suggestedFixes': [ { 'description': 'string', 'code': 'string' }, ] }, 'title': 'string', 'detectorTags': [ 'string', ], 'detectorId': 'string', 'detectorName': 'string', 'ruleId': 'string' }, ], 'failedFindings': [ { 'scanName': 'string', 'findingId': 'string', 'errorCode': 'DUPLICATE_IDENTIFIER'|'ITEM_DOES_NOT_EXIST'|'INTERNAL_ERROR'|'INVALID_FINDING_ID'|'INVALID_SCAN_NAME', 'message': 'string' }, ] }
Response Structure
(dict) –
findings (list) –
A list of all findings which were successfully fetched.
(dict) –
Information about a finding that was detected in your code.
createdAt (datetime) –
The time when the finding was created.
description (string) –
A description of the finding.
generatorId (string) –
The identifier for the component that generated a finding such as AmazonCodeGuruSecurity.
id (string) –
The identifier for a finding.
updatedAt (datetime) –
The time when the finding was last updated. Findings are updated when you remediate them or when the finding code location changes.
type (string) –
The type of finding.
status (string) –
The status of the finding. A finding status can be open or closed.
resource (dict) –
The resource where Amazon CodeGuru Security detected a finding.
id (string) –
The
scanNameof the scan that was run on the resource.subResourceId (string) –
The identifier for a section of the resource.
vulnerability (dict) –
An object that describes the detected security vulnerability.
referenceUrls (list) –
One or more URL addresses that contain details about a vulnerability.
(string) –
relatedVulnerabilities (list) –
One or more vulnerabilities that are related to the vulnerability being described.
(string) –
id (string) –
The identifier for the vulnerability.
filePath (dict) –
An object that describes the location of the detected security vulnerability in your code.
name (string) –
The name of the file.
path (string) –
The path to the resource with the security vulnerability.
startLine (integer) –
The first line number of the code snippet where the security vulnerability appears in your code.
endLine (integer) –
The last line number of the code snippet where the security vulnerability appears in your code.
codeSnippet (list) –
A list of
CodeLineobjects that describe where the security vulnerability appears in your code.(dict) –
The line of code where a finding was detected.
number (integer) –
The code line number.
content (string) –
The code that contains a vulnerability.
itemCount (integer) –
The number of times the vulnerability appears in your code.
severity (string) –
The severity of the finding. Severity can be critical, high, medium, low, or informational. For information on severity levels, see Finding severity in the Amazon CodeGuru Security User Guide.
remediation (dict) –
An object that contains the details about how to remediate a finding.
recommendation (dict) –
An object that contains information about the recommended course of action to remediate a finding.
text (string) –
The recommended course of action to remediate the finding.
url (string) –
The URL address to the recommendation for remediating the finding.
suggestedFixes (list) –
A list of
SuggestedFixobjects. Each object contains information about a suggested code fix to remediate the finding.(dict) –
Information about the suggested code fix to remediate a finding.
description (string) –
A description of the suggested code fix and why it is being suggested.
code (string) –
The suggested code fix. If applicable, includes code patch to replace your source code.
title (string) –
The title of the finding.
detectorTags (list) –
One or more tags or categorizations that are associated with a detector. These tags are defined by type, programming language, or other classification such as maintainability or consistency.
(string) –
detectorId (string) –
The identifier for the detector that detected the finding in your code. A detector is a defined rule based on industry standards and AWS best practices.
detectorName (string) –
The name of the detector that identified the security vulnerability in your code.
ruleId (string) –
The identifier for the rule that generated the finding.
failedFindings (list) –
A list of errors for individual findings which were not fetched. Each BatchGetFindingsError contains the
scanName,findingId,errorCodeand errormessage.(dict) –
Contains information about the error that caused a finding to fail to be retrieved.
scanName (string) –
The name of the scan that generated the finding.
findingId (string) –
The finding ID of the finding that was not fetched.
errorCode (string) –
A code associated with the type of error.
message (string) –
Describes the error.
Exceptions