Skip to content

/AWS1/CL_AANFINDING

Contains information about a finding.

CONSTRUCTOR

IMPORTING

Required arguments:

iv_id TYPE /AWS1/AANFINDINGID /AWS1/AANFINDINGID

The ID of the finding.

iv_resourcetype TYPE /AWS1/AANRESOURCETYPE /AWS1/AANRESOURCETYPE

The type of the resource identified in the finding.

it_condition TYPE /AWS1/CL_AANCONDITIONKEYMAP_W=>TT_CONDITIONKEYMAP TT_CONDITIONKEYMAP

The condition in the analyzed policy statement that resulted in a finding.

iv_createdat TYPE /AWS1/AANTIMESTAMP /AWS1/AANTIMESTAMP

The time at which the finding was generated.

iv_analyzedat TYPE /AWS1/AANTIMESTAMP /AWS1/AANTIMESTAMP

The time at which the resource was analyzed.

iv_updatedat TYPE /AWS1/AANTIMESTAMP /AWS1/AANTIMESTAMP

The time at which the finding was updated.

iv_status TYPE /AWS1/AANFINDINGSTATUS /AWS1/AANFINDINGSTATUS

The current status of the finding.

iv_resourceowneraccount TYPE /AWS1/AANSTRING /AWS1/AANSTRING

The Amazon Web Services account ID that owns the resource.

Optional arguments:

it_principal TYPE /AWS1/CL_AANPRINCIPALMAP_W=>TT_PRINCIPALMAP TT_PRINCIPALMAP

The external principal that has access to a resource within the zone of trust.

it_action TYPE /AWS1/CL_AANACTIONLIST_W=>TT_ACTIONLIST TT_ACTIONLIST

The action in the analyzed policy statement that an external principal has permission to use.

iv_resource TYPE /AWS1/AANSTRING /AWS1/AANSTRING

The resource that an external principal has access to.

iv_ispublic TYPE /AWS1/AANBOOLEAN /AWS1/AANBOOLEAN

Indicates whether the policy that generated the finding allows public access to the resource.

iv_error TYPE /AWS1/AANSTRING /AWS1/AANSTRING

An error.

it_sources TYPE /AWS1/CL_AANFINDINGSOURCE=>TT_FINDINGSOURCELIST TT_FINDINGSOURCELIST

The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.

iv_resourcectlplyrestriction TYPE /AWS1/AANRESRCCTLPLYRESTRICT00 /AWS1/AANRESRCCTLPLYRESTRICT00

The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).

Queryable Attributes

id

The ID of the finding.

Accessible with the following methods

Method Description
GET_ID() Getter for ID, with configurable default
ASK_ID() Getter for ID w/ exceptions if field has no value
HAS_ID() Determine if ID has a value

principal

The external principal that has access to a resource within the zone of trust.

Accessible with the following methods

Method Description
GET_PRINCIPAL() Getter for PRINCIPAL, with configurable default
ASK_PRINCIPAL() Getter for PRINCIPAL w/ exceptions if field has no value
HAS_PRINCIPAL() Determine if PRINCIPAL has a value

action

The action in the analyzed policy statement that an external principal has permission to use.

Accessible with the following methods

Method Description
GET_ACTION() Getter for ACTION, with configurable default
ASK_ACTION() Getter for ACTION w/ exceptions if field has no value
HAS_ACTION() Determine if ACTION has a value

resource

The resource that an external principal has access to.

Accessible with the following methods

Method Description
GET_RESOURCE() Getter for RESOURCE, with configurable default
ASK_RESOURCE() Getter for RESOURCE w/ exceptions if field has no value
HAS_RESOURCE() Determine if RESOURCE has a value

isPublic

Indicates whether the policy that generated the finding allows public access to the resource.

Accessible with the following methods

Method Description
GET_ISPUBLIC() Getter for ISPUBLIC, with configurable default
ASK_ISPUBLIC() Getter for ISPUBLIC w/ exceptions if field has no value
HAS_ISPUBLIC() Determine if ISPUBLIC has a value

resourceType

The type of the resource identified in the finding.

Accessible with the following methods

Method Description
GET_RESOURCETYPE() Getter for RESOURCETYPE, with configurable default
ASK_RESOURCETYPE() Getter for RESOURCETYPE w/ exceptions if field has no value
HAS_RESOURCETYPE() Determine if RESOURCETYPE has a value

condition

The condition in the analyzed policy statement that resulted in a finding.

Accessible with the following methods

Method Description
GET_CONDITION() Getter for CONDITION, with configurable default
ASK_CONDITION() Getter for CONDITION w/ exceptions if field has no value
HAS_CONDITION() Determine if CONDITION has a value

createdAt

The time at which the finding was generated.

Accessible with the following methods

Method Description
GET_CREATEDAT() Getter for CREATEDAT, with configurable default
ASK_CREATEDAT() Getter for CREATEDAT w/ exceptions if field has no value
HAS_CREATEDAT() Determine if CREATEDAT has a value

analyzedAt

The time at which the resource was analyzed.

Accessible with the following methods

Method Description
GET_ANALYZEDAT() Getter for ANALYZEDAT, with configurable default
ASK_ANALYZEDAT() Getter for ANALYZEDAT w/ exceptions if field has no value
HAS_ANALYZEDAT() Determine if ANALYZEDAT has a value

updatedAt

The time at which the finding was updated.

Accessible with the following methods

Method Description
GET_UPDATEDAT() Getter for UPDATEDAT, with configurable default
ASK_UPDATEDAT() Getter for UPDATEDAT w/ exceptions if field has no value
HAS_UPDATEDAT() Determine if UPDATEDAT has a value

status

The current status of the finding.

Accessible with the following methods

Method Description
GET_STATUS() Getter for STATUS, with configurable default
ASK_STATUS() Getter for STATUS w/ exceptions if field has no value
HAS_STATUS() Determine if STATUS has a value

resourceOwnerAccount

The Amazon Web Services account ID that owns the resource.

Accessible with the following methods

Method Description
GET_RESOURCEOWNERACCOUNT() Getter for RESOURCEOWNERACCOUNT, with configurable default
ASK_RESOURCEOWNERACCOUNT() Getter for RESOURCEOWNERACCOUNT w/ exceptions if field has n
HAS_RESOURCEOWNERACCOUNT() Determine if RESOURCEOWNERACCOUNT has a value

error

An error.

Accessible with the following methods

Method Description
GET_ERROR() Getter for ERROR, with configurable default
ASK_ERROR() Getter for ERROR w/ exceptions if field has no value
HAS_ERROR() Determine if ERROR has a value

sources

The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.

Accessible with the following methods

Method Description
GET_SOURCES() Getter for SOURCES, with configurable default
ASK_SOURCES() Getter for SOURCES w/ exceptions if field has no value
HAS_SOURCES() Determine if SOURCES has a value

resourceControlPolicyRestriction

The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).

Accessible with the following methods

Method Description
GET_RESRCCTLPLYRESTRICTION() Getter for RESOURCECTLPOLICYRESTRICTION, with configurable d
ASK_RESRCCTLPLYRESTRICTION() Getter for RESOURCECTLPOLICYRESTRICTION w/ exceptions if fie
HAS_RESRCCTLPLYRESTRICTION() Determine if RESOURCECTLPOLICYRESTRICTION has a value