SecurityHub / Paginator / GetRecommendedPolicyV2

GetRecommendedPolicyV2

class SecurityHub.Paginator.GetRecommendedPolicyV2
paginator = client.get_paginator('get_recommended_policy_v2')
paginate(**kwargs)

Creates an iterator that will paginate through responses from SecurityHub.Client.get_recommended_policy_v2().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    MetadataUid='string',
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:

  • MetadataUid (string) –

    [REQUIRED]

    The unique identifier (ID) of Security Hub OCSF findings found under the metadata.uid field of the finding.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'RecommendationType': 'UNUSED_PERMISSION_RECOMMENDATION',
    'RecommendationSteps': [
        {
            'UnusedPermissions': {
                'RecommendedAction': 'string',
                'ExistingPolicy': 'string',
                'ExistingPolicyId': 'string',
                'PolicyUpdatedAt': datetime(2015, 1, 1),
                'RecommendedPolicy': 'string'
            }
        },
    ],
    'Error': {
        'Code': 'string',
        'Message': 'string'
    },
    'Status': 'IN_PROGRESS'|'SUCCEEDED'|'FAILED',
    'ResourceArn': 'string'
}

Response Structure

  • (dict) –

    • RecommendationType (string) –

      The type of recommendation for the finding.

    • RecommendationSteps (list) –

      The recommended steps to take to resolve the finding.

      • (dict) –

        Contains information about a recommended step to remediate a Security Hub finding.

        Note

        This is a Tagged Union structure. Only one of the following top level keys will be set: UnusedPermissions. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}

        • UnusedPermissions (dict) –

          A recommended step to remediate an unused permissions finding.

          • RecommendedAction (string) –

            A recommendation of whether to create or detach a policy for an unused permissions finding.

          • ExistingPolicy (string) –

            The contents of the existing policy identified by ExistingPolicyId which needs to be replaced, when the RecommendedAction is CREATE_POLICY.

          • ExistingPolicyId (string) –

            The ID of an existing policy to be replaced or detached.

          • PolicyUpdatedAt (datetime) –

            The time at which the existing policy for the unused permissions finding was last updated.

          • RecommendedPolicy (string) –

            The contents of the least-privileged recommended replacement for ExistingPolicyId, when the RecommendedAction is CREATE_POLICY.

    • Error (dict) –

      Detailed information for a FAILED retrieval status.

      • Code (string) –

        The error code for a failed retrieval of a recommended policy for a finding.

      • Message (string) –

        The error message for a failed retrieval of a recommended policy for a finding.

    • Status (string) –

      The current status of the recommended policy retrieval.

    • ResourceArn (string) –

      The ARN of the resource of the finding.