:doc:`IoT <../../iot>` / Client / list_audit_suppressions

***********************
list_audit_suppressions
***********************



.. py:method:: IoT.Client.list_audit_suppressions(**kwargs)

  

  Lists your Device Defender audit listings.

   

  Requires permission to access the `ListAuditSuppressions <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions>`__ action.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/ListAuditSuppressions>`_  


  **Request Syntax**
  ::

    response = client.list_audit_suppressions(
        checkName='string',
        resourceIdentifier={
            'deviceCertificateId': 'string',
            'caCertificateId': 'string',
            'cognitoIdentityPoolId': 'string',
            'clientId': 'string',
            'policyVersionIdentifier': {
                'policyName': 'string',
                'policyVersionId': 'string'
            },
            'account': 'string',
            'iamRoleArn': 'string',
            'roleAliasArn': 'string',
            'issuerCertificateIdentifier': {
                'issuerCertificateSubject': 'string',
                'issuerId': 'string',
                'issuerCertificateSerialNumber': 'string'
            },
            'deviceCertificateArn': 'string'
        },
        ascendingOrder=True|False,
        nextToken='string',
        maxResults=123
    )
    
  :type checkName: string
  :param checkName: 

    An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

    

  
  :type resourceIdentifier: dict
  :param resourceIdentifier: 

    Information that identifies the noncompliant resource.

    

  
    - **deviceCertificateId** *(string) --* 

      The ID of the certificate attached to the resource.

      

    
    - **caCertificateId** *(string) --* 

      The ID of the CA certificate used to authorize the certificate.

      

    
    - **cognitoIdentityPoolId** *(string) --* 

      The ID of the Amazon Cognito identity pool.

      

    
    - **clientId** *(string) --* 

      The client ID.

      

    
    - **policyVersionIdentifier** *(dict) --* 

      The version of the policy associated with the resource.

      

    
      - **policyName** *(string) --* 

        The name of the policy.

        

      
      - **policyVersionId** *(string) --* 

        The ID of the version of the policy associated with the resource.

        

      
    
    - **account** *(string) --* 

      The account with which the resource is associated.

      

    
    - **iamRoleArn** *(string) --* 

      The ARN of the IAM role that has overly permissive actions.

      

    
    - **roleAliasArn** *(string) --* 

      The ARN of the role alias that has overly permissive actions.

      

    
    - **issuerCertificateIdentifier** *(dict) --* 

      The issuer certificate identifier.

      

    
      - **issuerCertificateSubject** *(string) --* 

        The subject of the issuer certificate.

        

      
      - **issuerId** *(string) --* 

        The issuer ID.

        

      
      - **issuerCertificateSerialNumber** *(string) --* 

        The issuer certificate serial number.

        

      
    
    - **deviceCertificateArn** *(string) --* 

      The ARN of the identified device certificate.

      

    
  
  :type ascendingOrder: boolean
  :param ascendingOrder: 

    Determines whether suppressions are listed in ascending order by expiration date or not. If parameter isn't provided, ``ascendingOrder=true``.

    

  
  :type nextToken: string
  :param nextToken: 

    The token for the next set of results.

    

  
  :type maxResults: integer
  :param maxResults: 

    The maximum number of results to return at one time. The default is 25.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'suppressions': [
              {
                  'checkName': 'string',
                  'resourceIdentifier': {
                      'deviceCertificateId': 'string',
                      'caCertificateId': 'string',
                      'cognitoIdentityPoolId': 'string',
                      'clientId': 'string',
                      'policyVersionIdentifier': {
                          'policyName': 'string',
                          'policyVersionId': 'string'
                      },
                      'account': 'string',
                      'iamRoleArn': 'string',
                      'roleAliasArn': 'string',
                      'issuerCertificateIdentifier': {
                          'issuerCertificateSubject': 'string',
                          'issuerId': 'string',
                          'issuerCertificateSerialNumber': 'string'
                      },
                      'deviceCertificateArn': 'string'
                  },
                  'expirationDate': datetime(2015, 1, 1),
                  'suppressIndefinitely': True|False,
                  'description': 'string'
              },
          ],
          'nextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **suppressions** *(list) --* 

        List of audit suppressions.

        
        

        - *(dict) --* 

          Filters out specific findings of a Device Defender audit.

          
          

          - **checkName** *(string) --* 

            An audit check name. Checks must be enabled for your account. (Use ``DescribeAccountAuditConfiguration`` to see the list of all checks, including those that are enabled or use ``UpdateAccountAuditConfiguration`` to select which checks are enabled.)

            
          

          - **resourceIdentifier** *(dict) --* 

            Information that identifies the noncompliant resource.

            
            

            - **deviceCertificateId** *(string) --* 

              The ID of the certificate attached to the resource.

              
            

            - **caCertificateId** *(string) --* 

              The ID of the CA certificate used to authorize the certificate.

              
            

            - **cognitoIdentityPoolId** *(string) --* 

              The ID of the Amazon Cognito identity pool.

              
            

            - **clientId** *(string) --* 

              The client ID.

              
            

            - **policyVersionIdentifier** *(dict) --* 

              The version of the policy associated with the resource.

              
              

              - **policyName** *(string) --* 

                The name of the policy.

                
              

              - **policyVersionId** *(string) --* 

                The ID of the version of the policy associated with the resource.

                
          
            

            - **account** *(string) --* 

              The account with which the resource is associated.

              
            

            - **iamRoleArn** *(string) --* 

              The ARN of the IAM role that has overly permissive actions.

              
            

            - **roleAliasArn** *(string) --* 

              The ARN of the role alias that has overly permissive actions.

              
            

            - **issuerCertificateIdentifier** *(dict) --* 

              The issuer certificate identifier.

              
              

              - **issuerCertificateSubject** *(string) --* 

                The subject of the issuer certificate.

                
              

              - **issuerId** *(string) --* 

                The issuer ID.

                
              

              - **issuerCertificateSerialNumber** *(string) --* 

                The issuer certificate serial number.

                
          
            

            - **deviceCertificateArn** *(string) --* 

              The ARN of the identified device certificate.

              
        
          

          - **expirationDate** *(datetime) --* 

            The expiration date (epoch timestamp in seconds) that you want the suppression to adhere to.

            
          

          - **suppressIndefinitely** *(boolean) --* 

            Indicates whether a suppression should exist indefinitely or not.

            
          

          - **description** *(string) --* 

            The description of the audit suppression.

            
      
    
      

      - **nextToken** *(string) --* 

        A token that can be used to retrieve the next set of results, or ``null`` if there are no additional results.

        
  
  **Exceptions**
  
  *   :py:class:`IoT.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoT.Client.exceptions.ThrottlingException`

  
  *   :py:class:`IoT.Client.exceptions.InternalFailureException`

  