aws_codeguru_security_finding

account_id

Type: STRING

created_at

Type: TIMESTAMP
Provider name: createdAt
Description: The time when the finding was created.

description

Type: STRING
Provider name: description
Description: A description of the finding.

detector_id

Type: STRING
Provider name: detectorId
Description: The identifier for the detector that detected the finding in your code. A detector is a defined rule based on industry standards and AWS best practices.

detector_name

Type: STRING
Provider name: detectorName
Description: The name of the detector that identified the security vulnerability in your code.

detector_tags

Type: UNORDERED_LIST_STRING
Provider name: detectorTags
Description: One or more tags or categorizations that are associated with a detector. These tags are defined by type, programming language, or other classification such as maintainability or consistency.

generator_id

Type: STRING
Provider name: generatorId
Description: The identifier for the component that generated a finding such as AmazonCodeGuruSecurity.

id

Type: STRING
Provider name: id
Description: The identifier for a finding.

remediation

Type: STRUCT
Provider name: remediation
Description: An object that contains the details about how to remediate a finding.

• recommendation
  Type: STRUCT
  Provider name: recommendation
  Description: An object that contains information about the recommended course of action to remediate a finding.
  
  • text
    Type: STRING
    Provider name: text
    Description: The recommended course of action to remediate the finding.
    
  • url
    Type: STRING
    Provider name: url
    Description: The URL address to the recommendation for remediating the finding.
    
• suggested_fixes
  Type: UNORDERED_LIST_STRUCT
  Provider name: suggestedFixes
  Description: A list of SuggestedFix objects. Each object contains information about a suggested code fix to remediate the finding.
  
  • code
    Type: STRING
    Provider name: code
    Description: The suggested code fix. If applicable, includes code patch to replace your source code.
    
  • description
    Type: STRING
    Provider name: description
    Description: A description of the suggested code fix and why it is being suggested.
    

resource

Type: STRUCT
Provider name: resource
Description: The resource where Amazon CodeGuru Security detected a finding.

• id
  Type: STRING
  Provider name: id
  Description: The scanName of the scan that was run on the resource.
  
• sub_resource_id
  Type: STRING
  Provider name: subResourceId
  Description: The identifier for a section of the resource.
  

rule_id

Type: STRING
Provider name: ruleId
Description: The identifier for the rule that generated the finding.

severity

Type: STRING
Provider name: severity
Description: The severity of the finding. Severity can be critical, high, medium, low, or informational. For information on severity levels, see Finding severity in the Amazon CodeGuru Security User Guide.

status

Type: STRING
Provider name: status
Description: The status of the finding. A finding status can be open or closed.

tags

Type: UNORDERED_LIST_STRING

title

Type: STRING
Provider name: title
Description: The title of the finding.

type

Type: STRING
Provider name: type
Description: The type of finding.

updated_at

Type: TIMESTAMP
Provider name: updatedAt
Description: The time when the finding was last updated. Findings are updated when you remediate them or when the finding code location changes.

vulnerability

Type: STRUCT
Provider name: vulnerability
Description: An object that describes the detected security vulnerability.

• file_path
  Type: STRUCT
  Provider name: filePath
  Description: An object that describes the location of the detected security vulnerability in your code.
  
  • code_snippet
    Type: UNORDERED_LIST_STRUCT
    Provider name: codeSnippet
    Description: A list of CodeLine objects that describe where the security vulnerability appears in your code.
    
    • content
      Type: STRING
      Provider name: content
      Description: The code that contains a vulnerability.
      
    • number
      Type: INT32
      Provider name: number
      Description: The code line number.
      
  • end_line
    Type: INT32
    Provider name: endLine
    Description: The last line number of the code snippet where the security vulnerability appears in your code.
    
  • name
    Type: STRING
    Provider name: name
    Description: The name of the file.
    
  • path
    Type: STRING
    Provider name: path
    Description: The path to the resource with the security vulnerability.
    
  • start_line
    Type: INT32
    Provider name: startLine
    Description: The first line number of the code snippet where the security vulnerability appears in your code.
    
• id
  Type: STRING
  Provider name: id
  Description: The identifier for the vulnerability.
  
• item_count
  Type: INT32
  Provider name: itemCount
  Description: The number of times the vulnerability appears in your code.
  
• reference_urls
  Type: UNORDERED_LIST_STRING
  Provider name: referenceUrls
  Description: One or more URL addresses that contain details about a vulnerability.
  
• related_vulnerabilities
  Type: UNORDERED_LIST_STRING
  Provider name: relatedVulnerabilities
  Description: One or more vulnerabilities that are related to the vulnerability being described.