List Vulnerabilities
Retrieve a list of vulnerabilities detected by Amazon Inspector2 within a specified time range. This API provides options to filter findings by start and end times and allows setting a limit on the number of results returned.
For more information on setting up Amazon Inspector2 and its API, see Amazon Inspector2 Documentation (opens in a new tab)
from admyral.actions import list_amazon_inspector2_vulnerabilitiesArguments:
| Argument Name | Description | Required |
|---|---|---|
Start Time start_time | The start time of the findings as an ISO-8601 formatted string (inclusive). | - |
End Time end_time | The end time of the findings as an ISO-8601 formatted string (inclusive). | - |
Limit limit | The maximum number of findings to return. Default: 1000 | - |
Returns
A JSON array of JSON objects.
Required Secrets
| Secret Placeholder | Description |
|---|---|
AWS_SECRET | Amazon Inspector2 secret. See Amazon Inspector2 setup |
SDK Example
vulnerabilities = list_amazon_inspector2_vulnerabilities(
start_time="2024-09-21T00:00:00Z",
end_time="2024-09-22T00:00:00Z",,
limit=10,
secrets={
"AWS_SECRET": "my_stored_aws_secret"
}
)Example Output:
[
{
"awsAccountId": "string",
"codeVulnerabilityDetails": {
"cwes": [
"string",
],
"detectorId": "string",
"detectorName": "string",
"detectorTags": [
"string",
],
"filePath": {
"endLine": 123,
"fileName": "string",
"filePath": "string",
"startLine": 123
},
"referenceUrls": [
"string",
],
"ruleId": "string",
"sourceLambdaLayerArn": "string"
},
"description": "string",
"epss": {
"score": 123.0
},
"exploitAvailable": "YES",
"exploitabilityDetails": {
"lastKnownExploitAt": 1724583919
},
"findingArn": "string",
"firstObservedAt": 1724583919,
"fixAvailable": "YES",
"inspectorScore": 123.0,
"inspectorScoreDetails": {
"adjustedCvss": {
"adjustments": [
{
"metric": "string",
"reason": "string"
},
],
"cvssSource": "string",
"score": 123.0,
"scoreSource": "string",
"scoringVector": "string",
"version": "string"
}
},
"lastObservedAt": 1724583919,
"networkReachabilityDetails": {
"networkPath": {
"steps": [
{
"componentId": "string",
"componentType": "string"
},
]
},
"openPortRange": {
"begin": 123,
"end": 123
},
"protocol": "TCP"
},
"packageVulnerabilityDetails": {
"cvss": [
{
"baseScore": 123.0,
"scoringVector": "string",
"source": "string",
"version": "string"
},
],
"referenceUrls": [
"string",
],
"relatedVulnerabilities": [
"string",
],
"source": "string",
"sourceUrl": "string",
"vendorCreatedAt": 1724583919,
"vendorSeverity": "string",
"vendorUpdatedAt": 1724583919,
"vulnerabilityId": "string",
"vulnerablePackages": [
{
"arch": "string",
"epoch": 123,
"filePath": "string",
"fixedInVersion": "string",
"name": "string",
"packageManager": "BUNDLER",
"release": "string",
"remediation": "string",
"sourceLambdaLayerArn": "string",
"sourceLayerHash": "string",
"version": "string"
},
]
},
"remediation": {
"recommendation": {
"Url": "string",
"text": "string"
}
},
"resources": [
{
"details": {
"awsEc2Instance": {
"iamInstanceProfileArn": "string",
"imageId": "string",
"ipV4Addresses": [
"string",
],
"ipV6Addresses": [
"string",
],
"keyName": "string",
"launchedAt": 1724583919,
"platform": "string",
"subnetId": "string",
"type": "string",
"vpcId": "string"
},
"awsEcrContainerImage": {
"architecture": "string",
"author": "string",
"imageHash": "string",
"imageTags": [
"string",
],
"platform": "string",
"pushedAt": 1724583919,
"registry": "string",
"repositoryName": "string"
},
"awsLambdaFunction": {
"architectures": [
"X86_64"|"ARM64",
],
"codeSha256": "string",
"executionRoleArn": "string",
"functionName": "string",
"lastModifiedAt": 1724583919,
"layers": [
"string",
],
"packageType": "IMAGE",
"runtime": "NODEJS",
"version": "string",
"vpcConfig": {
"securityGroupIds": [
"string",
],
"subnetIds": [
"string",
],
"vpcId": "string"
}
}
},
"id": "string",
"partition": "string",
"region": "string",
"tags": {
"string": "string"
},
"type": "AWS_EC2_INSTANCE"
},
],
"severity": "CRITICAL",
"status": "ACTIVE",
"title": "string",
"type": "NETWORK_REACHABILITY",
"updatedAt": 1724583919
}
]