:doc:`IoT <../../iot>` / Paginator / ListAuditFindings

*****************
ListAuditFindings
*****************



.. py:class:: IoT.Paginator.ListAuditFindings

  ::

    
    paginator = client.get_paginator('list_audit_findings')

  
  

  .. py:method:: paginate(**kwargs)

    Creates an iterator that will paginate through responses from :py:meth:`IoT.Client.list_audit_findings`.

    See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/ListAuditFindings>`_    


    **Request Syntax**
    ::

      response_iterator = paginator.paginate(
          taskId='string',
          checkName='string',
          resourceIdentifier={
              'deviceCertificateId': 'string',
              'caCertificateId': 'string',
              'cognitoIdentityPoolId': 'string',
              'clientId': 'string',
              'policyVersionIdentifier': {
                  'policyName': 'string',
                  'policyVersionId': 'string'
              },
              'account': 'string',
              'iamRoleArn': 'string',
              'roleAliasArn': 'string',
              'issuerCertificateIdentifier': {
                  'issuerCertificateSubject': 'string',
                  'issuerId': 'string',
                  'issuerCertificateSerialNumber': 'string'
              },
              'deviceCertificateArn': 'string'
          },
          startTime=datetime(2015, 1, 1),
          endTime=datetime(2015, 1, 1),
          listSuppressedFindings=True|False,
          PaginationConfig={
              'MaxItems': 123,
              'PageSize': 123,
              'StartingToken': 'string'
          }
      )
      
    :type taskId: string
    :param taskId: 

      A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both.

      

    
    :type checkName: string
    :param checkName: 

      A filter to limit results to the findings for the specified audit check.

      

    
    :type resourceIdentifier: dict
    :param resourceIdentifier: 

      Information identifying the noncompliant resource.

      

    
      - **deviceCertificateId** *(string) --* 

        The ID of the certificate attached to the resource.

        

      
      - **caCertificateId** *(string) --* 

        The ID of the CA certificate used to authorize the certificate.

        

      
      - **cognitoIdentityPoolId** *(string) --* 

        The ID of the Amazon Cognito identity pool.

        

      
      - **clientId** *(string) --* 

        The client ID.

        

      
      - **policyVersionIdentifier** *(dict) --* 

        The version of the policy associated with the resource.

        

      
        - **policyName** *(string) --* 

          The name of the policy.

          

        
        - **policyVersionId** *(string) --* 

          The ID of the version of the policy associated with the resource.

          

        
      
      - **account** *(string) --* 

        The account with which the resource is associated.

        

      
      - **iamRoleArn** *(string) --* 

        The ARN of the IAM role that has overly permissive actions.

        

      
      - **roleAliasArn** *(string) --* 

        The ARN of the role alias that has overly permissive actions.

        

      
      - **issuerCertificateIdentifier** *(dict) --* 

        The issuer certificate identifier.

        

      
        - **issuerCertificateSubject** *(string) --* 

          The subject of the issuer certificate.

          

        
        - **issuerId** *(string) --* 

          The issuer ID.

          

        
        - **issuerCertificateSerialNumber** *(string) --* 

          The issuer certificate serial number.

          

        
      
      - **deviceCertificateArn** *(string) --* 

        The ARN of the identified device certificate.

        

      
    
    :type startTime: datetime
    :param startTime: 

      A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both.

      

    
    :type endTime: datetime
    :param endTime: 

      A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both.

      

    
    :type listSuppressedFindings: boolean
    :param listSuppressedFindings: 

      Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn't provided, the response will list both suppressed and unsuppressed findings.

      

    
    :type PaginationConfig: dict
    :param PaginationConfig: 

      A dictionary that provides parameters to control pagination.

      

    
      - **MaxItems** *(integer) --* 

        The total number of items to return. If the total number of items available is more than the value specified in max-items then a ``NextToken`` will be provided in the output that you can use to resume pagination.

        

      
      - **PageSize** *(integer) --* 

        The size of each page.

        

      
      - **StartingToken** *(string) --* 

        A token to specify where to start paginating. This is the ``NextToken`` from a previous response.

        

      
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax**

      
      ::

        {
            'findings': [
                {
                    'findingId': 'string',
                    'taskId': 'string',
                    'checkName': 'string',
                    'taskStartTime': datetime(2015, 1, 1),
                    'findingTime': datetime(2015, 1, 1),
                    'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW',
                    'nonCompliantResource': {
                        'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE',
                        'resourceIdentifier': {
                            'deviceCertificateId': 'string',
                            'caCertificateId': 'string',
                            'cognitoIdentityPoolId': 'string',
                            'clientId': 'string',
                            'policyVersionIdentifier': {
                                'policyName': 'string',
                                'policyVersionId': 'string'
                            },
                            'account': 'string',
                            'iamRoleArn': 'string',
                            'roleAliasArn': 'string',
                            'issuerCertificateIdentifier': {
                                'issuerCertificateSubject': 'string',
                                'issuerId': 'string',
                                'issuerCertificateSerialNumber': 'string'
                            },
                            'deviceCertificateArn': 'string'
                        },
                        'additionalInfo': {
                            'string': 'string'
                        }
                    },
                    'relatedResources': [
                        {
                            'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE',
                            'resourceIdentifier': {
                                'deviceCertificateId': 'string',
                                'caCertificateId': 'string',
                                'cognitoIdentityPoolId': 'string',
                                'clientId': 'string',
                                'policyVersionIdentifier': {
                                    'policyName': 'string',
                                    'policyVersionId': 'string'
                                },
                                'account': 'string',
                                'iamRoleArn': 'string',
                                'roleAliasArn': 'string',
                                'issuerCertificateIdentifier': {
                                    'issuerCertificateSubject': 'string',
                                    'issuerId': 'string',
                                    'issuerCertificateSerialNumber': 'string'
                                },
                                'deviceCertificateArn': 'string'
                            },
                            'additionalInfo': {
                                'string': 'string'
                            }
                        },
                    ],
                    'reasonForNonCompliance': 'string',
                    'reasonForNonComplianceCode': 'string',
                    'isSuppressed': True|False
                },
            ],
            'NextToken': 'string'
        }
        
      **Response Structure**

      

      - *(dict) --* 
        

        - **findings** *(list) --* 

          The findings (results) of the audit.

          
          

          - *(dict) --* 

            The findings (results) of the audit.

            
            

            - **findingId** *(string) --* 

              A unique identifier for this set of audit findings. This identifier is used to apply mitigation tasks to one or more sets of findings.

              
            

            - **taskId** *(string) --* 

              The ID of the audit that generated this result (finding).

              
            

            - **checkName** *(string) --* 

              The audit check that generated this result.

              
            

            - **taskStartTime** *(datetime) --* 

              The time the audit started.

              
            

            - **findingTime** *(datetime) --* 

              The time the result (finding) was discovered.

              
            

            - **severity** *(string) --* 

              The severity of the result (finding).

              
            

            - **nonCompliantResource** *(dict) --* 

              The resource that was found to be noncompliant with the audit check.

              
              

              - **resourceType** *(string) --* 

                The type of the noncompliant resource.

                
              

              - **resourceIdentifier** *(dict) --* 

                Information that identifies the noncompliant resource.

                
                

                - **deviceCertificateId** *(string) --* 

                  The ID of the certificate attached to the resource.

                  
                

                - **caCertificateId** *(string) --* 

                  The ID of the CA certificate used to authorize the certificate.

                  
                

                - **cognitoIdentityPoolId** *(string) --* 

                  The ID of the Amazon Cognito identity pool.

                  
                

                - **clientId** *(string) --* 

                  The client ID.

                  
                

                - **policyVersionIdentifier** *(dict) --* 

                  The version of the policy associated with the resource.

                  
                  

                  - **policyName** *(string) --* 

                    The name of the policy.

                    
                  

                  - **policyVersionId** *(string) --* 

                    The ID of the version of the policy associated with the resource.

                    
              
                

                - **account** *(string) --* 

                  The account with which the resource is associated.

                  
                

                - **iamRoleArn** *(string) --* 

                  The ARN of the IAM role that has overly permissive actions.

                  
                

                - **roleAliasArn** *(string) --* 

                  The ARN of the role alias that has overly permissive actions.

                  
                

                - **issuerCertificateIdentifier** *(dict) --* 

                  The issuer certificate identifier.

                  
                  

                  - **issuerCertificateSubject** *(string) --* 

                    The subject of the issuer certificate.

                    
                  

                  - **issuerId** *(string) --* 

                    The issuer ID.

                    
                  

                  - **issuerCertificateSerialNumber** *(string) --* 

                    The issuer certificate serial number.

                    
              
                

                - **deviceCertificateArn** *(string) --* 

                  The ARN of the identified device certificate.

                  
            
              

              - **additionalInfo** *(dict) --* 

                Other information about the noncompliant resource.

                
                

                - *(string) --* 
                  

                  - *(string) --* 
            
          
          
            

            - **relatedResources** *(list) --* 

              The list of related resources.

              
              

              - *(dict) --* 

                Information about a related resource.

                
                

                - **resourceType** *(string) --* 

                  The type of resource.

                  
                

                - **resourceIdentifier** *(dict) --* 

                  Information that identifies the resource.

                  
                  

                  - **deviceCertificateId** *(string) --* 

                    The ID of the certificate attached to the resource.

                    
                  

                  - **caCertificateId** *(string) --* 

                    The ID of the CA certificate used to authorize the certificate.

                    
                  

                  - **cognitoIdentityPoolId** *(string) --* 

                    The ID of the Amazon Cognito identity pool.

                    
                  

                  - **clientId** *(string) --* 

                    The client ID.

                    
                  

                  - **policyVersionIdentifier** *(dict) --* 

                    The version of the policy associated with the resource.

                    
                    

                    - **policyName** *(string) --* 

                      The name of the policy.

                      
                    

                    - **policyVersionId** *(string) --* 

                      The ID of the version of the policy associated with the resource.

                      
                
                  

                  - **account** *(string) --* 

                    The account with which the resource is associated.

                    
                  

                  - **iamRoleArn** *(string) --* 

                    The ARN of the IAM role that has overly permissive actions.

                    
                  

                  - **roleAliasArn** *(string) --* 

                    The ARN of the role alias that has overly permissive actions.

                    
                  

                  - **issuerCertificateIdentifier** *(dict) --* 

                    The issuer certificate identifier.

                    
                    

                    - **issuerCertificateSubject** *(string) --* 

                      The subject of the issuer certificate.

                      
                    

                    - **issuerId** *(string) --* 

                      The issuer ID.

                      
                    

                    - **issuerCertificateSerialNumber** *(string) --* 

                      The issuer certificate serial number.

                      
                
                  

                  - **deviceCertificateArn** *(string) --* 

                    The ARN of the identified device certificate.

                    
              
                

                - **additionalInfo** *(dict) --* 

                  Other information about the resource.

                  
                  

                  - *(string) --* 
                    

                    - *(string) --* 
              
            
            
          
            

            - **reasonForNonCompliance** *(string) --* 

              The reason the resource was noncompliant.

              
            

            - **reasonForNonComplianceCode** *(string) --* 

              A code that indicates the reason that the resource was noncompliant.

              
            

            - **isSuppressed** *(boolean) --* 

              Indicates whether the audit finding was suppressed or not during reporting.

              
        
      
        

        - **NextToken** *(string) --* 

          A token to resume pagination.

          
    