:doc:`IoT <../../iot>` / Client / list_audit_findings

*******************
list_audit_findings
*******************



.. py:method:: IoT.Client.list_audit_findings(**kwargs)

  

  Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 90 days.)

   

  Requires permission to access the `ListAuditFindings <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions>`__ action.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/ListAuditFindings>`_  


  **Request Syntax**
  ::

    response = client.list_audit_findings(
        taskId='string',
        checkName='string',
        resourceIdentifier={
            'deviceCertificateId': 'string',
            'caCertificateId': 'string',
            'cognitoIdentityPoolId': 'string',
            'clientId': 'string',
            'policyVersionIdentifier': {
                'policyName': 'string',
                'policyVersionId': 'string'
            },
            'account': 'string',
            'iamRoleArn': 'string',
            'roleAliasArn': 'string',
            'issuerCertificateIdentifier': {
                'issuerCertificateSubject': 'string',
                'issuerId': 'string',
                'issuerCertificateSerialNumber': 'string'
            },
            'deviceCertificateArn': 'string'
        },
        maxResults=123,
        nextToken='string',
        startTime=datetime(2015, 1, 1),
        endTime=datetime(2015, 1, 1),
        listSuppressedFindings=True|False
    )
    
  :type taskId: string
  :param taskId: 

    A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both.

    

  
  :type checkName: string
  :param checkName: 

    A filter to limit results to the findings for the specified audit check.

    

  
  :type resourceIdentifier: dict
  :param resourceIdentifier: 

    Information identifying the noncompliant resource.

    

  
    - **deviceCertificateId** *(string) --* 

      The ID of the certificate attached to the resource.

      

    
    - **caCertificateId** *(string) --* 

      The ID of the CA certificate used to authorize the certificate.

      

    
    - **cognitoIdentityPoolId** *(string) --* 

      The ID of the Amazon Cognito identity pool.

      

    
    - **clientId** *(string) --* 

      The client ID.

      

    
    - **policyVersionIdentifier** *(dict) --* 

      The version of the policy associated with the resource.

      

    
      - **policyName** *(string) --* 

        The name of the policy.

        

      
      - **policyVersionId** *(string) --* 

        The ID of the version of the policy associated with the resource.

        

      
    
    - **account** *(string) --* 

      The account with which the resource is associated.

      

    
    - **iamRoleArn** *(string) --* 

      The ARN of the IAM role that has overly permissive actions.

      

    
    - **roleAliasArn** *(string) --* 

      The ARN of the role alias that has overly permissive actions.

      

    
    - **issuerCertificateIdentifier** *(dict) --* 

      The issuer certificate identifier.

      

    
      - **issuerCertificateSubject** *(string) --* 

        The subject of the issuer certificate.

        

      
      - **issuerId** *(string) --* 

        The issuer ID.

        

      
      - **issuerCertificateSerialNumber** *(string) --* 

        The issuer certificate serial number.

        

      
    
    - **deviceCertificateArn** *(string) --* 

      The ARN of the identified device certificate.

      

    
  
  :type maxResults: integer
  :param maxResults: 

    The maximum number of results to return at one time. The default is 25.

    

  
  :type nextToken: string
  :param nextToken: 

    The token for the next set of results.

    

  
  :type startTime: datetime
  :param startTime: 

    A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both.

    

  
  :type endTime: datetime
  :param endTime: 

    A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both.

    

  
  :type listSuppressedFindings: boolean
  :param listSuppressedFindings: 

    Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn't provided, the response will list both suppressed and unsuppressed findings.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'findings': [
              {
                  'findingId': 'string',
                  'taskId': 'string',
                  'checkName': 'string',
                  'taskStartTime': datetime(2015, 1, 1),
                  'findingTime': datetime(2015, 1, 1),
                  'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW',
                  'nonCompliantResource': {
                      'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE',
                      'resourceIdentifier': {
                          'deviceCertificateId': 'string',
                          'caCertificateId': 'string',
                          'cognitoIdentityPoolId': 'string',
                          'clientId': 'string',
                          'policyVersionIdentifier': {
                              'policyName': 'string',
                              'policyVersionId': 'string'
                          },
                          'account': 'string',
                          'iamRoleArn': 'string',
                          'roleAliasArn': 'string',
                          'issuerCertificateIdentifier': {
                              'issuerCertificateSubject': 'string',
                              'issuerId': 'string',
                              'issuerCertificateSerialNumber': 'string'
                          },
                          'deviceCertificateArn': 'string'
                      },
                      'additionalInfo': {
                          'string': 'string'
                      }
                  },
                  'relatedResources': [
                      {
                          'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE',
                          'resourceIdentifier': {
                              'deviceCertificateId': 'string',
                              'caCertificateId': 'string',
                              'cognitoIdentityPoolId': 'string',
                              'clientId': 'string',
                              'policyVersionIdentifier': {
                                  'policyName': 'string',
                                  'policyVersionId': 'string'
                              },
                              'account': 'string',
                              'iamRoleArn': 'string',
                              'roleAliasArn': 'string',
                              'issuerCertificateIdentifier': {
                                  'issuerCertificateSubject': 'string',
                                  'issuerId': 'string',
                                  'issuerCertificateSerialNumber': 'string'
                              },
                              'deviceCertificateArn': 'string'
                          },
                          'additionalInfo': {
                              'string': 'string'
                          }
                      },
                  ],
                  'reasonForNonCompliance': 'string',
                  'reasonForNonComplianceCode': 'string',
                  'isSuppressed': True|False
              },
          ],
          'nextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **findings** *(list) --* 

        The findings (results) of the audit.

        
        

        - *(dict) --* 

          The findings (results) of the audit.

          
          

          - **findingId** *(string) --* 

            A unique identifier for this set of audit findings. This identifier is used to apply mitigation tasks to one or more sets of findings.

            
          

          - **taskId** *(string) --* 

            The ID of the audit that generated this result (finding).

            
          

          - **checkName** *(string) --* 

            The audit check that generated this result.

            
          

          - **taskStartTime** *(datetime) --* 

            The time the audit started.

            
          

          - **findingTime** *(datetime) --* 

            The time the result (finding) was discovered.

            
          

          - **severity** *(string) --* 

            The severity of the result (finding).

            
          

          - **nonCompliantResource** *(dict) --* 

            The resource that was found to be noncompliant with the audit check.

            
            

            - **resourceType** *(string) --* 

              The type of the noncompliant resource.

              
            

            - **resourceIdentifier** *(dict) --* 

              Information that identifies the noncompliant resource.

              
              

              - **deviceCertificateId** *(string) --* 

                The ID of the certificate attached to the resource.

                
              

              - **caCertificateId** *(string) --* 

                The ID of the CA certificate used to authorize the certificate.

                
              

              - **cognitoIdentityPoolId** *(string) --* 

                The ID of the Amazon Cognito identity pool.

                
              

              - **clientId** *(string) --* 

                The client ID.

                
              

              - **policyVersionIdentifier** *(dict) --* 

                The version of the policy associated with the resource.

                
                

                - **policyName** *(string) --* 

                  The name of the policy.

                  
                

                - **policyVersionId** *(string) --* 

                  The ID of the version of the policy associated with the resource.

                  
            
              

              - **account** *(string) --* 

                The account with which the resource is associated.

                
              

              - **iamRoleArn** *(string) --* 

                The ARN of the IAM role that has overly permissive actions.

                
              

              - **roleAliasArn** *(string) --* 

                The ARN of the role alias that has overly permissive actions.

                
              

              - **issuerCertificateIdentifier** *(dict) --* 

                The issuer certificate identifier.

                
                

                - **issuerCertificateSubject** *(string) --* 

                  The subject of the issuer certificate.

                  
                

                - **issuerId** *(string) --* 

                  The issuer ID.

                  
                

                - **issuerCertificateSerialNumber** *(string) --* 

                  The issuer certificate serial number.

                  
            
              

              - **deviceCertificateArn** *(string) --* 

                The ARN of the identified device certificate.

                
          
            

            - **additionalInfo** *(dict) --* 

              Other information about the noncompliant resource.

              
              

              - *(string) --* 
                

                - *(string) --* 
          
        
        
          

          - **relatedResources** *(list) --* 

            The list of related resources.

            
            

            - *(dict) --* 

              Information about a related resource.

              
              

              - **resourceType** *(string) --* 

                The type of resource.

                
              

              - **resourceIdentifier** *(dict) --* 

                Information that identifies the resource.

                
                

                - **deviceCertificateId** *(string) --* 

                  The ID of the certificate attached to the resource.

                  
                

                - **caCertificateId** *(string) --* 

                  The ID of the CA certificate used to authorize the certificate.

                  
                

                - **cognitoIdentityPoolId** *(string) --* 

                  The ID of the Amazon Cognito identity pool.

                  
                

                - **clientId** *(string) --* 

                  The client ID.

                  
                

                - **policyVersionIdentifier** *(dict) --* 

                  The version of the policy associated with the resource.

                  
                  

                  - **policyName** *(string) --* 

                    The name of the policy.

                    
                  

                  - **policyVersionId** *(string) --* 

                    The ID of the version of the policy associated with the resource.

                    
              
                

                - **account** *(string) --* 

                  The account with which the resource is associated.

                  
                

                - **iamRoleArn** *(string) --* 

                  The ARN of the IAM role that has overly permissive actions.

                  
                

                - **roleAliasArn** *(string) --* 

                  The ARN of the role alias that has overly permissive actions.

                  
                

                - **issuerCertificateIdentifier** *(dict) --* 

                  The issuer certificate identifier.

                  
                  

                  - **issuerCertificateSubject** *(string) --* 

                    The subject of the issuer certificate.

                    
                  

                  - **issuerId** *(string) --* 

                    The issuer ID.

                    
                  

                  - **issuerCertificateSerialNumber** *(string) --* 

                    The issuer certificate serial number.

                    
              
                

                - **deviceCertificateArn** *(string) --* 

                  The ARN of the identified device certificate.

                  
            
              

              - **additionalInfo** *(dict) --* 

                Other information about the resource.

                
                

                - *(string) --* 
                  

                  - *(string) --* 
            
          
          
        
          

          - **reasonForNonCompliance** *(string) --* 

            The reason the resource was noncompliant.

            
          

          - **reasonForNonComplianceCode** *(string) --* 

            A code that indicates the reason that the resource was noncompliant.

            
          

          - **isSuppressed** *(boolean) --* 

            Indicates whether the audit finding was suppressed or not during reporting.

            
      
    
      

      - **nextToken** *(string) --* 

        A token that can be used to retrieve the next set of results, or ``null`` if there are no additional results.

        
  
  **Exceptions**
  
  *   :py:class:`IoT.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoT.Client.exceptions.ThrottlingException`

  
  *   :py:class:`IoT.Client.exceptions.InternalFailureException`

  