:doc:`IoT <../../iot>` / Client / describe_audit_suppression

**************************
describe_audit_suppression
**************************



.. py:method:: IoT.Client.describe_audit_suppression(**kwargs)

  

  Gets information about a Device Defender audit suppression.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/DescribeAuditSuppression>`_  


  **Request Syntax**
  ::

    response = client.describe_audit_suppression(
        checkName='string',
        resourceIdentifier={
            'deviceCertificateId': 'string',
            'caCertificateId': 'string',
            'cognitoIdentityPoolId': 'string',
            'clientId': 'string',
            'policyVersionIdentifier': {
                'policyName': 'string',
                'policyVersionId': 'string'
            },
            'account': 'string',
            'iamRoleArn': 'string',
            'roleAliasArn': 'string',
            'issuerCertificateIdentifier': {
                'issuerCertificateSubject': 'string',
                'issuerId': 'string',
                'issuerCertificateSerialNumber': 'string'
            },
            'deviceCertificateArn': 'string'
        }
    )
    
  :type checkName: string
  :param checkName: **[REQUIRED]** 

    An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

    

  
  :type resourceIdentifier: dict
  :param resourceIdentifier: **[REQUIRED]** 

    Information that identifies the noncompliant resource.

    

  
    - **deviceCertificateId** *(string) --* 

      The ID of the certificate attached to the resource.

      

    
    - **caCertificateId** *(string) --* 

      The ID of the CA certificate used to authorize the certificate.

      

    
    - **cognitoIdentityPoolId** *(string) --* 

      The ID of the Amazon Cognito identity pool.

      

    
    - **clientId** *(string) --* 

      The client ID.

      

    
    - **policyVersionIdentifier** *(dict) --* 

      The version of the policy associated with the resource.

      

    
      - **policyName** *(string) --* 

        The name of the policy.

        

      
      - **policyVersionId** *(string) --* 

        The ID of the version of the policy associated with the resource.

        

      
    
    - **account** *(string) --* 

      The account with which the resource is associated.

      

    
    - **iamRoleArn** *(string) --* 

      The ARN of the IAM role that has overly permissive actions.

      

    
    - **roleAliasArn** *(string) --* 

      The ARN of the role alias that has overly permissive actions.

      

    
    - **issuerCertificateIdentifier** *(dict) --* 

      The issuer certificate identifier.

      

    
      - **issuerCertificateSubject** *(string) --* 

        The subject of the issuer certificate.

        

      
      - **issuerId** *(string) --* 

        The issuer ID.

        

      
      - **issuerCertificateSerialNumber** *(string) --* 

        The issuer certificate serial number.

        

      
    
    - **deviceCertificateArn** *(string) --* 

      The ARN of the identified device certificate.

      

    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'checkName': 'string',
          'resourceIdentifier': {
              'deviceCertificateId': 'string',
              'caCertificateId': 'string',
              'cognitoIdentityPoolId': 'string',
              'clientId': 'string',
              'policyVersionIdentifier': {
                  'policyName': 'string',
                  'policyVersionId': 'string'
              },
              'account': 'string',
              'iamRoleArn': 'string',
              'roleAliasArn': 'string',
              'issuerCertificateIdentifier': {
                  'issuerCertificateSubject': 'string',
                  'issuerId': 'string',
                  'issuerCertificateSerialNumber': 'string'
              },
              'deviceCertificateArn': 'string'
          },
          'expirationDate': datetime(2015, 1, 1),
          'suppressIndefinitely': True|False,
          'description': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **checkName** *(string) --* 

        An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

        
      

      - **resourceIdentifier** *(dict) --* 

        Information that identifies the noncompliant resource.

        
        

        - **deviceCertificateId** *(string) --* 

          The ID of the certificate attached to the resource.

          
        

        - **caCertificateId** *(string) --* 

          The ID of the CA certificate used to authorize the certificate.

          
        

        - **cognitoIdentityPoolId** *(string) --* 

          The ID of the Amazon Cognito identity pool.

          
        

        - **clientId** *(string) --* 

          The client ID.

          
        

        - **policyVersionIdentifier** *(dict) --* 

          The version of the policy associated with the resource.

          
          

          - **policyName** *(string) --* 

            The name of the policy.

            
          

          - **policyVersionId** *(string) --* 

            The ID of the version of the policy associated with the resource.

            
      
        

        - **account** *(string) --* 

          The account with which the resource is associated.

          
        

        - **iamRoleArn** *(string) --* 

          The ARN of the IAM role that has overly permissive actions.

          
        

        - **roleAliasArn** *(string) --* 

          The ARN of the role alias that has overly permissive actions.

          
        

        - **issuerCertificateIdentifier** *(dict) --* 

          The issuer certificate identifier.

          
          

          - **issuerCertificateSubject** *(string) --* 

            The subject of the issuer certificate.

            
          

          - **issuerId** *(string) --* 

            The issuer ID.

            
          

          - **issuerCertificateSerialNumber** *(string) --* 

            The issuer certificate serial number.

            
      
        

        - **deviceCertificateArn** *(string) --* 

          The ARN of the identified device certificate.

          
    
      

      - **expirationDate** *(datetime) --* 

        The epoch timestamp in seconds at which this suppression expires.

        
      

      - **suppressIndefinitely** *(boolean) --* 

        Indicates whether a suppression should exist indefinitely or not.

        
      

      - **description** *(string) --* 

        The description of the audit suppression.

        
  
  **Exceptions**
  
  *   :py:class:`IoT.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoT.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`IoT.Client.exceptions.ThrottlingException`

  
  *   :py:class:`IoT.Client.exceptions.InternalFailureException`

  