ListAuditFindings
Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 90 days.)
Requires permission to access the ListAuditFindings action.
Request Syntax
POST /audit/findings HTTP/1.1
Content-type: application/json
{
"checkName": "string
",
"endTime": number
,
"listSuppressedFindings": boolean
,
"maxResults": number
,
"nextToken": "string
",
"resourceIdentifier": {
"account": "string
",
"caCertificateId": "string
",
"clientId": "string
",
"cognitoIdentityPoolId": "string
",
"deviceCertificateArn": "string
",
"deviceCertificateId": "string
",
"iamRoleArn": "string
",
"issuerCertificateIdentifier": {
"issuerCertificateSerialNumber": "string
",
"issuerCertificateSubject": "string
",
"issuerId": "string
"
},
"policyVersionIdentifier": {
"policyName": "string
",
"policyVersionId": "string
"
},
"roleAliasArn": "string
"
},
"startTime": number
,
"taskId": "string
"
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- checkName
-
A filter to limit results to the findings for the specified audit check.
Type: String
Required: No
- endTime
-
A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both.
Type: Timestamp
Required: No
- listSuppressedFindings
-
Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn't provided, the response will list both suppressed and unsuppressed findings.
Type: Boolean
Required: No
- maxResults
-
The maximum number of results to return at one time. The default is 25.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 250.
Required: No
- nextToken
-
The token for the next set of results.
Type: String
Required: No
- resourceIdentifier
-
Information identifying the noncompliant resource.
Type: ResourceIdentifier object
Required: No
- startTime
-
A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both.
Type: Timestamp
Required: No
- taskId
-
A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 40.
Pattern:
[a-zA-Z0-9\-]+
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"findings": [
{
"checkName": "string",
"findingId": "string",
"findingTime": number,
"isSuppressed": boolean,
"nonCompliantResource": {
"additionalInfo": {
"string" : "string"
},
"resourceIdentifier": {
"account": "string",
"caCertificateId": "string",
"clientId": "string",
"cognitoIdentityPoolId": "string",
"deviceCertificateArn": "string",
"deviceCertificateId": "string",
"iamRoleArn": "string",
"issuerCertificateIdentifier": {
"issuerCertificateSerialNumber": "string",
"issuerCertificateSubject": "string",
"issuerId": "string"
},
"policyVersionIdentifier": {
"policyName": "string",
"policyVersionId": "string"
},
"roleAliasArn": "string"
},
"resourceType": "string"
},
"reasonForNonCompliance": "string",
"reasonForNonComplianceCode": "string",
"relatedResources": [
{
"additionalInfo": {
"string" : "string"
},
"resourceIdentifier": {
"account": "string",
"caCertificateId": "string",
"clientId": "string",
"cognitoIdentityPoolId": "string",
"deviceCertificateArn": "string",
"deviceCertificateId": "string",
"iamRoleArn": "string",
"issuerCertificateIdentifier": {
"issuerCertificateSerialNumber": "string",
"issuerCertificateSubject": "string",
"issuerId": "string"
},
"policyVersionIdentifier": {
"policyName": "string",
"policyVersionId": "string"
},
"roleAliasArn": "string"
},
"resourceType": "string"
}
],
"severity": "string",
"taskId": "string",
"taskStartTime": number
}
],
"nextToken": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- findings
-
The findings (results) of the audit.
Type: Array of AuditFinding objects
- nextToken
-
A token that can be used to retrieve the next set of results, or
null
if there are no additional results.Type: String
Errors
- InternalFailureException
-
An unexpected error has occurred.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
HTTP Status Code: 400
- ThrottlingException
-
The rate exceeds the limit.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: