FindingSummaryV2
Contains information about a finding.
Contents
- analyzedAt
-
The time at which the resource-based policy or IAM entity that generated the finding was analyzed.
Type: Timestamp
Required: Yes
- createdAt
-
The time at which the finding was created.
Type: Timestamp
Required: Yes
- id
-
The ID of the finding.
Type: String
Required: Yes
- resourceOwnerAccount
-
The AWS account ID that owns the resource.
Type: String
Required: Yes
- resourceType
-
The type of the resource that the external principal has access to.
Type: String
Valid Values:
AWS::S3::Bucket | AWS::IAM::Role | AWS::SQS::Queue | AWS::Lambda::Function | AWS::Lambda::LayerVersion | AWS::KMS::Key | AWS::SecretsManager::Secret | AWS::EFS::FileSystem | AWS::EC2::Snapshot | AWS::ECR::Repository | AWS::RDS::DBSnapshot | AWS::RDS::DBClusterSnapshot | AWS::SNS::Topic | AWS::S3Express::DirectoryBucket | AWS::DynamoDB::Table | AWS::DynamoDB::Stream | AWS::IAM::UserRequired: Yes
- status
-
The status of the finding.
Type: String
Valid Values:
ACTIVE | ARCHIVED | RESOLVEDRequired: Yes
- updatedAt
-
The time at which the finding was most recently updated.
Type: Timestamp
Required: Yes
- error
-
The error that resulted in an Error finding.
Type: String
Required: No
- findingType
-
The type of the access finding. For external access analyzers, the type is
ExternalAccess. For unused access analyzers, the type can beUnusedIAMRole,UnusedIAMUserAccessKey,UnusedIAMUserPassword, orUnusedPermission. For internal access analyzers, the type isInternalAccess.Type: String
Valid Values:
ExternalAccess | UnusedIAMRole | UnusedIAMUserAccessKey | UnusedIAMUserPassword | UnusedPermission | InternalAccessRequired: No
- resource
-
The resource that the external principal has access to.
Type: String
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
