DescribeAuditFinding

Gets information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and the start time when the audit that returned the finding.

Requires permission to access the DescribeAuditFinding action.

Request Syntax

GET /audit/findings/findingId HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.

findingId

A unique identifier for a single audit finding. You can use this identifier to apply mitigation actions to the finding.

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [a-zA-Z0-9_-]+

Required: Yes

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "finding": { 
      "checkName": "string",
      "findingId": "string",
      "findingTime": number,
      "isSuppressed": boolean,
      "nonCompliantResource": { 
         "additionalInfo": { 
            "string" : "string" 
         },
         "resourceIdentifier": { 
            "account": "string",
            "caCertificateId": "string",
            "clientId": "string",
            "cognitoIdentityPoolId": "string",
            "deviceCertificateArn": "string",
            "deviceCertificateId": "string",
            "iamRoleArn": "string",
            "issuerCertificateIdentifier": { 
               "issuerCertificateSerialNumber": "string",
               "issuerCertificateSubject": "string",
               "issuerId": "string"
            },
            "policyVersionIdentifier": { 
               "policyName": "string",
               "policyVersionId": "string"
            },
            "roleAliasArn": "string"
         },
         "resourceType": "string"
      },
      "reasonForNonCompliance": "string",
      "reasonForNonComplianceCode": "string",
      "relatedResources": [ 
         { 
            "additionalInfo": { 
               "string" : "string" 
            },
            "resourceIdentifier": { 
               "account": "string",
               "caCertificateId": "string",
               "clientId": "string",
               "cognitoIdentityPoolId": "string",
               "deviceCertificateArn": "string",
               "deviceCertificateId": "string",
               "iamRoleArn": "string",
               "issuerCertificateIdentifier": { 
                  "issuerCertificateSerialNumber": "string",
                  "issuerCertificateSubject": "string",
                  "issuerId": "string"
               },
               "policyVersionIdentifier": { 
                  "policyName": "string",
                  "policyVersionId": "string"
               },
               "roleAliasArn": "string"
            },
            "resourceType": "string"
         }
      ],
      "severity": "string",
      "taskId": "string",
      "taskStartTime": number
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

finding

The findings (results) of the audit.

Type: AuditFinding object

Errors

InternalFailureException

An unexpected error has occurred.

HTTP Status Code: 500

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

ResourceNotFoundException

The specified resource does not exist.

HTTP Status Code: 404

ThrottlingException

The rate exceeds the limit.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS Command Line Interface

• AWS SDK for .NET

• AWS SDK for C++

• AWS SDK for Go v2

• AWS SDK for Java V2

• AWS SDK for JavaScript V3

• AWS SDK for PHP V3

• AWS SDK for Python

• AWS SDK for Ruby V3