By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Macie list_findings() errors.

0

I am attempting to build a lambda (with boto3/python) using the list_findings call. My function is:

response = client.list_findings(
        findingCriteria={
            'criterion': {
                'Job ID': {
                    'eq': ['5e8ff9bf55ba3508199d22e984129be6']
                }
            }
        },
        maxResults=50,
        nextToken='continued',
        sortCriteria={
            'attributeName': 'bucketArn',
            'orderBy': 'DESC'
        }
    )

The Job ID does exist within my Macie console. (And is intentionally 'hard coded' here at the moment however once working will be a variable.). When I attempt to test I receive the below error. Has anyone else ran into this issue? If so how is it corrected?
Response

>{
  "errorMessage": "An error occurred (ValidationException) when calling the ListFindings operation: 1 validation error detected: Value '{Job ID=FindingCondition(gt=null, gte=null, lt=null, lte=null, eq=[5e8ff9bf55ba3508199d22e984129be6], neq=null, eqExactMatch=null)}' at 'findingCriteria.criterion' failed to satisfy constraint: Map keys must satisfy constraint: [Member must have length less than or equal to 255, Member must have length greater than or equal to 1, Member must satisfy regular expression pattern: [\\w\\.]+]",
  "errorType": "ValidationException",
  "stackTrace": [
    "  File \"/var/task/grp_data_public_cloud_sdm_usaa_macie_scalable_solution_src/src/lmbd/list_findings.py\", line 35, in list_findings\n    response = client.list_findings(\n",
    "  File \"/opt/python/botocore/client.py\", line 530, in _api_call\n    return self._make_api_call(operation_name, kwargs)\n",
    "  File \"/opt/python/botocore/client.py\", line 960, in _make_api_call\n    raise error_class(parsed_response, operation_name)\n"
  ]
}

Tried looking at the API documentation at: https://docs.aws.amazon.com/macie/latest/APIReference/findings.html however according to it, none of the fields appear to be required (all show as false). I have also tried it with several variations on the job ID (variable, f string variable, tuple, etc...).

Topics
Security, Identity, & Compliance
Tags
Amazon Macie
Language
English
Brian
asked a year ago353 views
1 Answer
1

Hi Brian,

Does it work if you change to “jobId” or “JobId” instead of “Job ID”?

Here is referenced without space: https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html and the error in regex does not seem to accept spaces.

Let me know

profile picture
EXPERT
Antonio_Lagrotteria
answered a year ago
  • Chris Simmons
    a year ago

    See also https://docs.aws.amazon.com/macie/latest/user/findings-filter-fields.html for a complete listing of fields that you can use for filtering findings.

  • Brian
    a year ago

    Unfortunately no. when trying jobId it returns

      "errorMessage": "An error occurred (ValidationException) when calling the ListFindings operation: Invalid sortCriteria value",
  "errorType": "ValidationException",

    After chasing through a few different documents to resolve the above error, I got the field name from here: https://docs.aws.amazon.com/macie/latest/user/findings-filter-fields.html .

  • Antonio_Lagrotteria EXPERT
    a year ago

    But now error seems about sortCriteria instead right?

  • Daniel W
    a year ago

    Try using these values for finding criteria and sort criteria.

    findingCriteria={
    'criterion': {
        'classificationDetails.jobId': {
            'eq': ['5e8ff9bf55ba3508199d22e984129be6']
        }
    }
}

    sortCriteria={
    'attributeName': 'resourcesAffected',
    'orderBy': 'DESC'
}
  • Brian
    a year ago

    @daniel - That is where I ended up. @altech thanks for pointing me towards the correct path

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content