:doc:`AccessAnalyzer <../../accessanalyzer>` / Paginator / ListFindings

************
ListFindings
************



.. py:class:: AccessAnalyzer.Paginator.ListFindings

  ::

    
    paginator = client.get_paginator('list_findings')

  
  

  .. py:method:: paginate(**kwargs)

    Creates an iterator that will paginate through responses from :py:meth:`AccessAnalyzer.Client.list_findings`.

    See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings>`_    


    **Request Syntax**
    ::

      response_iterator = paginator.paginate(
          analyzerArn='string',
          filter={
              'string': {
                  'eq': [
                      'string',
                  ],
                  'neq': [
                      'string',
                  ],
                  'contains': [
                      'string',
                  ],
                  'exists': True|False
              }
          },
          sort={
              'attributeName': 'string',
              'orderBy': 'ASC'|'DESC'
          },
          PaginationConfig={
              'MaxItems': 123,
              'PageSize': 123,
              'StartingToken': 'string'
          }
      )
      
    :type analyzerArn: string
    :param analyzerArn: **[REQUIRED]** 

      The `ARN of the analyzer <https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources>`__ to retrieve findings from.

      

    
    :type filter: dict
    :param filter: 

      A filter to match for the findings to return.

      

    
      - *(string) --* 

      
        - *(dict) --* 

          The criteria to use in the filter that defines the archive rule. For more information on available filter keys, see `IAM Access Analyzer filter keys <https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html>`__.

          

        
          - **eq** *(list) --* 

            An "equals" operator to match for the filter used to create the rule.

            

          
            - *(string) --* 

            
        
          - **neq** *(list) --* 

            A "not equals" operator to match for the filter used to create the rule.

            

          
            - *(string) --* 

            
        
          - **contains** *(list) --* 

            A "contains" operator to match for the filter used to create the rule.

            

          
            - *(string) --* 

            
        
          - **exists** *(boolean) --* 

            An "exists" operator to match for the filter used to create the rule.

            

          
        
  

    :type sort: dict
    :param sort: 

      The sort order for the findings returned.

      

    
      - **attributeName** *(string) --* 

        The name of the attribute to sort on.

        

      
      - **orderBy** *(string) --* 

        The sort order, ascending or descending.

        

      
    
    :type PaginationConfig: dict
    :param PaginationConfig: 

      A dictionary that provides parameters to control pagination.

      

    
      - **MaxItems** *(integer) --* 

        The total number of items to return. If the total number of items available is more than the value specified in max-items then a ``NextToken`` will be provided in the output that you can use to resume pagination.

        

      
      - **PageSize** *(integer) --* 

        The size of each page.

        

      
      - **StartingToken** *(string) --* 

        A token to specify where to start paginating. This is the ``NextToken`` from a previous response.

        

      
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax**

      
      ::

        {
            'findings': [
                {
                    'id': 'string',
                    'principal': {
                        'string': 'string'
                    },
                    'action': [
                        'string',
                    ],
                    'resource': 'string',
                    'isPublic': True|False,
                    'resourceType': 'AWS::S3::Bucket'|'AWS::IAM::Role'|'AWS::SQS::Queue'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::KMS::Key'|'AWS::SecretsManager::Secret'|'AWS::EFS::FileSystem'|'AWS::EC2::Snapshot'|'AWS::ECR::Repository'|'AWS::RDS::DBSnapshot'|'AWS::RDS::DBClusterSnapshot'|'AWS::SNS::Topic'|'AWS::S3Express::DirectoryBucket'|'AWS::DynamoDB::Table'|'AWS::DynamoDB::Stream'|'AWS::IAM::User',
                    'condition': {
                        'string': 'string'
                    },
                    'createdAt': datetime(2015, 1, 1),
                    'analyzedAt': datetime(2015, 1, 1),
                    'updatedAt': datetime(2015, 1, 1),
                    'status': 'ACTIVE'|'ARCHIVED'|'RESOLVED',
                    'resourceOwnerAccount': 'string',
                    'error': 'string',
                    'sources': [
                        {
                            'type': 'POLICY'|'BUCKET_ACL'|'S3_ACCESS_POINT'|'S3_ACCESS_POINT_ACCOUNT',
                            'detail': {
                                'accessPointArn': 'string',
                                'accessPointAccount': 'string'
                            }
                        },
                    ],
                    'resourceControlPolicyRestriction': 'APPLICABLE'|'FAILED_TO_EVALUATE_RCP'|'NOT_APPLICABLE'|'APPLIED'
                },
            ],
            'NextToken': 'string'
        }
        
      **Response Structure**

      

      - *(dict) --* 

        The response to the request.

        
        

        - **findings** *(list) --* 

          A list of findings retrieved from the analyzer that match the filter criteria specified, if any.

          
          

          - *(dict) --* 

            Contains information about a finding.

            
            

            - **id** *(string) --* 

              The ID of the finding.

              
            

            - **principal** *(dict) --* 

              The external principal that has access to a resource within the zone of trust.

              
              

              - *(string) --* 
                

                - *(string) --* 
          
        
            

            - **action** *(list) --* 

              The action in the analyzed policy statement that an external principal has permission to use.

              
              

              - *(string) --* 
          
            

            - **resource** *(string) --* 

              The resource that the external principal has access to.

              
            

            - **isPublic** *(boolean) --* 

              Indicates whether the finding reports a resource that has a policy that allows public access.

              
            

            - **resourceType** *(string) --* 

              The type of the resource that the external principal has access to.

              
            

            - **condition** *(dict) --* 

              The condition in the analyzed policy statement that resulted in a finding.

              
              

              - *(string) --* 
                

                - *(string) --* 
          
        
            

            - **createdAt** *(datetime) --* 

              The time at which the finding was created.

              
            

            - **analyzedAt** *(datetime) --* 

              The time at which the resource-based policy that generated the finding was analyzed.

              
            

            - **updatedAt** *(datetime) --* 

              The time at which the finding was most recently updated.

              
            

            - **status** *(string) --* 

              The status of the finding.

              
            

            - **resourceOwnerAccount** *(string) --* 

              The Amazon Web Services account ID that owns the resource.

              
            

            - **error** *(string) --* 

              The error that resulted in an Error finding.

              
            

            - **sources** *(list) --* 

              The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.

              
              

              - *(dict) --* 

                The source of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.

                
                

                - **type** *(string) --* 

                  Indicates the type of access that generated the finding.

                  
                

                - **detail** *(dict) --* 

                  Includes details about how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.

                  
                  

                  - **accessPointArn** *(string) --* 

                    The ARN of the access point that generated the finding. The ARN format depends on whether the ARN represents an access point or a multi-region access point.

                    
                  

                  - **accessPointAccount** *(string) --* 

                    The account of the cross-account access point that generated the finding.

                    
              
            
          
            

            - **resourceControlPolicyRestriction** *(string) --* 

              The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).

              
        
      
        

        - **NextToken** *(string) --* 

          A token to resume pagination.

          
    