:doc:`IoT <../../iot>` / Client / describe_audit_mitigation_actions_task

**************************************
describe_audit_mitigation_actions_task
**************************************



.. py:method:: IoT.Client.describe_audit_mitigation_actions_task(**kwargs)

  

  Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings. Properties include the actions being applied, the audit checks to which they're being applied, the task status, and aggregated task statistics.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/DescribeAuditMitigationActionsTask>`_  


  **Request Syntax**
  ::

    response = client.describe_audit_mitigation_actions_task(
        taskId='string'
    )
    
  :type taskId: string
  :param taskId: **[REQUIRED]** 

    The unique identifier for the audit mitigation task.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'taskStatus': 'IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED',
          'startTime': datetime(2015, 1, 1),
          'endTime': datetime(2015, 1, 1),
          'taskStatistics': {
              'string': {
                  'totalFindingsCount': 123,
                  'failedFindingsCount': 123,
                  'succeededFindingsCount': 123,
                  'skippedFindingsCount': 123,
                  'canceledFindingsCount': 123
              }
          },
          'target': {
              'auditTaskId': 'string',
              'findingIds': [
                  'string',
              ],
              'auditCheckToReasonCodeFilter': {
                  'string': [
                      'string',
                  ]
              }
          },
          'auditCheckToActionsMapping': {
              'string': [
                  'string',
              ]
          },
          'actionsDefinition': [
              {
                  'name': 'string',
                  'id': 'string',
                  'roleArn': 'string',
                  'actionParams': {
                      'updateDeviceCertificateParams': {
                          'action': 'DEACTIVATE'
                      },
                      'updateCACertificateParams': {
                          'action': 'DEACTIVATE'
                      },
                      'addThingsToThingGroupParams': {
                          'thingGroupNames': [
                              'string',
                          ],
                          'overrideDynamicGroups': True|False
                      },
                      'replaceDefaultPolicyVersionParams': {
                          'templateName': 'BLANK_POLICY'
                      },
                      'enableIoTLoggingParams': {
                          'roleArnForLogging': 'string',
                          'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED'
                      },
                      'publishFindingToSnsParams': {
                          'topicArn': 'string'
                      }
                  }
              },
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **taskStatus** *(string) --* 

        The current status of the task.

        
      

      - **startTime** *(datetime) --* 

        The date and time when the task was started.

        
      

      - **endTime** *(datetime) --* 

        The date and time when the task was completed or canceled.

        
      

      - **taskStatistics** *(dict) --* 

        Aggregate counts of the results when the mitigation tasks were applied to the findings for this audit mitigation actions task.

        
        

        - *(string) --* 

          An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

          
          

          - *(dict) --* 

            Provides summary counts of how many tasks for findings are in a particular state. This information is included in the response from DescribeAuditMitigationActionsTask.

            
            

            - **totalFindingsCount** *(integer) --* 

              The total number of findings to which a task is being applied.

              
            

            - **failedFindingsCount** *(integer) --* 

              The number of findings for which at least one of the actions failed when applied.

              
            

            - **succeededFindingsCount** *(integer) --* 

              The number of findings for which all mitigation actions succeeded when applied.

              
            

            - **skippedFindingsCount** *(integer) --* 

              The number of findings skipped because of filter conditions provided in the parameters to the command.

              
            

            - **canceledFindingsCount** *(integer) --* 

              The number of findings to which the mitigation action task was canceled when applied.

              
        
    
  
      

      - **target** *(dict) --* 

        Identifies the findings to which the mitigation actions are applied. This can be by audit checks, by audit task, or a set of findings.

        
        

        - **auditTaskId** *(string) --* 

          If the task will apply a mitigation action to findings from a specific audit, this value uniquely identifies the audit.

          
        

        - **findingIds** *(list) --* 

          If the task will apply a mitigation action to one or more listed findings, this value uniquely identifies those findings.

          
          

          - *(string) --* 
      
        

        - **auditCheckToReasonCodeFilter** *(dict) --* 

          Specifies a filter in the form of an audit check and set of reason codes that identify the findings from the audit to which the audit mitigation actions task apply.

          
          

          - *(string) --* 

            An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

            
            

            - *(list) --* 
              

              - *(string) --* 
          
      
    
    
      

      - **auditCheckToActionsMapping** *(dict) --* 

        Specifies the mitigation actions that should be applied to specific audit checks.

        
        

        - *(string) --* 

          An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

          
          

          - *(list) --* 
            

            - *(string) --* 
        
    
  
      

      - **actionsDefinition** *(list) --* 

        Specifies the mitigation actions and their parameters that are applied as part of this task.

        
        

        - *(dict) --* 

          Describes which changes should be applied as part of a mitigation action.

          
          

          - **name** *(string) --* 

            A user-friendly name for the mitigation action.

            
          

          - **id** *(string) --* 

            A unique identifier for the mitigation action.

            
          

          - **roleArn** *(string) --* 

            The IAM role ARN used to apply this mitigation action.

            
          

          - **actionParams** *(dict) --* 

            The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.

            
            

            - **updateDeviceCertificateParams** *(dict) --* 

              Parameters to define a mitigation action that changes the state of the device certificate to inactive.

              
              

              - **action** *(string) --* 

                The action that you want to apply to the device certificate. The only supported value is ``DEACTIVATE``.

                
          
            

            - **updateCACertificateParams** *(dict) --* 

              Parameters to define a mitigation action that changes the state of the CA certificate to inactive.

              
              

              - **action** *(string) --* 

                The action that you want to apply to the CA certificate. The only supported value is ``DEACTIVATE``.

                
          
            

            - **addThingsToThingGroupParams** *(dict) --* 

              Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.

              
              

              - **thingGroupNames** *(list) --* 

                The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.

                
                

                - *(string) --* 
            
              

              - **overrideDynamicGroups** *(boolean) --* 

                Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.

                
          
            

            - **replaceDefaultPolicyVersionParams** *(dict) --* 

              Parameters to define a mitigation action that adds a blank policy to restrict permissions.

              
              

              - **templateName** *(string) --* 

                The name of the template to be applied. The only supported value is ``BLANK_POLICY``.

                
          
            

            - **enableIoTLoggingParams** *(dict) --* 

              Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail.

              
              

              - **roleArnForLogging** *(string) --* 

                The Amazon Resource Name (ARN) of the IAM role used for logging.

                
              

              - **logLevel** *(string) --* 

                Specifies the type of information to be logged.

                
          
            

            - **publishFindingToSnsParams** *(dict) --* 

              Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.

              
              

              - **topicArn** *(string) --* 

                The ARN of the topic to which you want to publish the findings.

                
          
        
      
    
  
  **Exceptions**
  
  *   :py:class:`IoT.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoT.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`IoT.Client.exceptions.ThrottlingException`

  
  *   :py:class:`IoT.Client.exceptions.InternalFailureException`

  