:doc:`AccessAnalyzer <../../accessanalyzer>` / Client / get_finding_recommendation

**************************
get_finding_recommendation
**************************



.. py:method:: AccessAnalyzer.Client.get_finding_recommendation(**kwargs)

  

  Retrieves information about a finding recommendation for the specified analyzer.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingRecommendation>`_  


  **Request Syntax**
  ::

    response = client.get_finding_recommendation(
        analyzerArn='string',
        id='string',
        maxResults=123,
        nextToken='string'
    )
    
  :type analyzerArn: string
  :param analyzerArn: **[REQUIRED]** 

    The `ARN of the analyzer <https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources>`__ used to generate the finding recommendation.

    

  
  :type id: string
  :param id: **[REQUIRED]** 

    The unique ID for the finding recommendation.

    

  
  :type maxResults: integer
  :param maxResults: 

    The maximum number of results to return in the response.

    

  
  :type nextToken: string
  :param nextToken: 

    A token used for pagination of results returned.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'startedAt': datetime(2015, 1, 1),
          'completedAt': datetime(2015, 1, 1),
          'nextToken': 'string',
          'error': {
              'code': 'string',
              'message': 'string'
          },
          'resourceArn': 'string',
          'recommendedSteps': [
              {
                  'unusedPermissionsRecommendedStep': {
                      'policyUpdatedAt': datetime(2015, 1, 1),
                      'recommendedAction': 'CREATE_POLICY'|'DETACH_POLICY',
                      'recommendedPolicy': 'string',
                      'existingPolicyId': 'string'
                  }
              },
          ],
          'recommendationType': 'UnusedPermissionRecommendation',
          'status': 'SUCCEEDED'|'FAILED'|'IN_PROGRESS'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **startedAt** *(datetime) --* 

        The time at which the retrieval of the finding recommendation was started.

        
      

      - **completedAt** *(datetime) --* 

        The time at which the retrieval of the finding recommendation was completed.

        
      

      - **nextToken** *(string) --* 

        A token used for pagination of results returned.

        
      

      - **error** *(dict) --* 

        Detailed information about the reason that the retrieval of a recommendation for the finding failed.

        
        

        - **code** *(string) --* 

          The error code for a failed retrieval of a recommendation for a finding.

          
        

        - **message** *(string) --* 

          The error message for a failed retrieval of a recommendation for a finding.

          
    
      

      - **resourceArn** *(string) --* 

        The ARN of the resource of the finding.

        
      

      - **recommendedSteps** *(list) --* 

        A group of recommended steps for the finding.

        
        

        - *(dict) --* 

          Contains information about a recommended step for an unused access analyzer finding.

          .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``unusedPermissionsRecommendedStep``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                    'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


        
          

          - **unusedPermissionsRecommendedStep** *(dict) --* 

            A recommended step for an unused permissions finding.

            
            

            - **policyUpdatedAt** *(datetime) --* 

              The time at which the existing policy for the unused permissions finding was last updated.

              
            

            - **recommendedAction** *(string) --* 

              A recommendation of whether to create or detach a policy for an unused permissions finding.

              
            

            - **recommendedPolicy** *(string) --* 

              If the recommended action for the unused permissions finding is to replace the existing policy, the contents of the recommended policy to replace the policy specified in the ``existingPolicyId`` field.

              
            

            - **existingPolicyId** *(string) --* 

              If the recommended action for the unused permissions finding is to detach a policy, the ID of an existing policy to be detached.

              
        
      
    
      

      - **recommendationType** *(string) --* 

        The type of recommendation for the finding.

        
      

      - **status** *(string) --* 

        The status of the retrieval of the finding recommendation.

        
  
  **Exceptions**
  
  *   :py:class:`AccessAnalyzer.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.ValidationException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.InternalServerException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.ThrottlingException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.AccessDeniedException`

  