boto3 icon indicating copy to clipboard operation
boto3 copied to clipboard

Published 20 hours ago verified publisher icon boto

inspector2 list_findings: cannot filter by updatedAt

Open Rogdham opened this issue 2 years ago • 3 comments

Describe the bug Hello,

When accessing the list_findings endpoint on inspector2, no findings are ever returned when specifying an updatedAt in filterCriteria.

Steps to reproduce

The following code has been used:

client = boto3.client(
    "inspector2",
    aws_access_key_id=creds["aws_access_key_id"],
    aws_secret_access_key=creds["aws_secret_access_key"],
    config=Config(region_name="eu-west-3"),
)
filters = {
    "findingStatus": [{"comparison": "EQUALS", "value": "CLOSED"}],
    # ##### uncomment this part to show the usse #####
    # "updatedAt": [
    #     {
    #         "startInclusive": datetime(2022, 1, 1),
    #     }
    # ],
}
finding = client.list_findings(filterCriteria=filters, maxResults=1)['findings'][0]
print(finding['updatedAt'])  # 2022-03-08 14:41:49.666000+01:00

When uncommenting the updatedAt part in filters, no findings are returned by client.list_findings, despite having a finding with an updatedAt value greater than the requested one (as seen by running the code not commented).

Expected behavior A finding should be returned amongst those with updatedAt after the startInclusive date.

Debug logs I used a proxy to see the requests/responses when running the code:

  • Without the updatedAt filterCriteria (i.e. normal behavior): (the response has been truncated for clarity)

support0

:arrow_forward: we can see the value of 1.646746909666E9 for the updatedAt field on the finding, which is this month (so after Jan 2022).

  • With the updatedAt filterCriteria (i.e. displaying the bug):

support1

Full stack trace by adding `boto3.set_stream_logger('')` to your code. 
2022-03-08 17:59:41,531 botocore.hooks [DEBUG] Changing event name from creating-client-class.iot-data to creating-client-class.iot-data-plane
2022-03-08 17:59:41,532 botocore.hooks [DEBUG] Changing event name from before-call.apigateway to before-call.api-gateway
2022-03-08 17:59:41,533 botocore.hooks [DEBUG] Changing event name from request-created.machinelearning.Predict to request-created.machine-learning.Predict
2022-03-08 17:59:41,534 botocore.hooks [DEBUG] Changing event name from before-parameter-build.autoscaling.CreateLaunchConfiguration to before-parameter-build.auto-scaling.CreateLaunchConfiguration
2022-03-08 17:59:41,534 botocore.hooks [DEBUG] Changing event name from before-parameter-build.route53 to before-parameter-build.route-53
2022-03-08 17:59:41,535 botocore.hooks [DEBUG] Changing event name from request-created.cloudsearchdomain.Search to request-created.cloudsearch-domain.Search
2022-03-08 17:59:41,535 botocore.hooks [DEBUG] Changing event name from docs.*.autoscaling.CreateLaunchConfiguration.complete-section to docs.*.auto-scaling.CreateLaunchConfiguration.complete-section
2022-03-08 17:59:41,538 botocore.hooks [DEBUG] Changing event name from before-parameter-build.logs.CreateExportTask to before-parameter-build.cloudwatch-logs.CreateExportTask
2022-03-08 17:59:41,538 botocore.hooks [DEBUG] Changing event name from docs.*.logs.CreateExportTask.complete-section to docs.*.cloudwatch-logs.CreateExportTask.complete-section
2022-03-08 17:59:41,538 botocore.hooks [DEBUG] Changing event name from before-parameter-build.cloudsearchdomain.Search to before-parameter-build.cloudsearch-domain.Search
2022-03-08 17:59:41,538 botocore.hooks [DEBUG] Changing event name from docs.*.cloudsearchdomain.Search.complete-section to docs.*.cloudsearch-domain.Search.complete-section
2022-03-08 17:59:41,543 botocore.loaders [DEBUG] Loading JSON file: /tmp/venv/lib/python3.8/site-packages/botocore/data/endpoints.json
2022-03-08 17:59:41,552 botocore.loaders [DEBUG] Loading JSON file: /tmp/venv/lib/python3.8/site-packages/botocore/data/sdk-default-configuration.json
2022-03-08 17:59:41,553 botocore.hooks [DEBUG] Event choose-service-name: calling handler <function handle_service_name_alias at 0x7fbce5fe3e50>
2022-03-08 17:59:41,560 botocore.loaders [DEBUG] Loading JSON file: /tmp/venv/lib/python3.8/site-packages/botocore/data/inspector2/2020-06-08/service-2.json
2022-03-08 17:59:41,562 botocore.hooks [DEBUG] Event creating-client-class.inspector2: calling handler <function add_generate_presigned_url at 0x7fbce600f550>
2022-03-08 17:59:41,564 botocore.endpoint [DEBUG] Setting inspector2 timeout as (60, 60)
2022-03-08 17:59:41,566 botocore.loaders [DEBUG] Loading JSON file: /tmp/venv/lib/python3.8/site-packages/botocore/data/_retry.json
2022-03-08 17:59:41,566 botocore.client [DEBUG] Registering retry handlers for service: inspector2
2022-03-08 17:59:41,567 botocore.hooks [DEBUG] Event before-parameter-build.inspector2.ListFindings: calling handler <function generate_idempotent_uuid at 0x7fbce5f804c0>
2022-03-08 17:59:41,568 botocore.hooks [DEBUG] Event before-call.inspector2.ListFindings: calling handler <function add_recursion_detection_header at 0x7fbce5f80160>
2022-03-08 17:59:41,568 botocore.hooks [DEBUG] Event before-call.inspector2.ListFindings: calling handler <function inject_api_version_header_if_needed at 0x7fbce5f84d30>
2022-03-08 17:59:41,568 botocore.endpoint [DEBUG] Making request for OperationModel(name=ListFindings) with params: {'url_path': '/findings/list', 'query_string': {}, 'method': 'POST', 'headers': {'Content-Type': 'application/json', 'User-Agent': 'Boto3/1.21.4 Python/3.8.12 Linux/5.16.12-arch1-1 Botocore/1.24.6'}, 'body': b'{"filterCriteria": {"findingStatus": [{"comparison": "EQUALS", "value": "CLOSED"}], "updatedAt": [{"startInclusive": 1640995200}]}, "maxResults": 1}', 'url': 'https://inspector2.eu-west-3.amazonaws.com/findings/list', 'context': {'client_region': 'eu-west-3', 'client_config': <botocore.config.Config object at 0x7fbce5a466d0>, 'has_streaming_input': False, 'auth_type': None}}
2022-03-08 17:59:41,568 botocore.hooks [DEBUG] Event request-created.inspector2.ListFindings: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x7fbce5a465b0>>
2022-03-08 17:59:41,568 botocore.hooks [DEBUG] Event choose-signer.inspector2.ListFindings: calling handler <function set_operation_specific_signer at 0x7fbce5f803a0>
2022-03-08 17:59:41,569 botocore.auth [DEBUG] Calculating signature using v4 auth.
2022-03-08 17:59:41,569 botocore.auth [DEBUG] CanonicalRequest:
POST
/findings/list

content-type:application/json
host:inspector2.eu-west-3.amazonaws.com
x-amz-date:20220308T165941Z

content-type;host;x-amz-date
redacted
2022-03-08 17:59:41,569 botocore.auth [DEBUG] StringToSign:
AWS4-HMAC-SHA256
20220308T165941Z
20220308/eu-west-3/inspector2/aws4_request
redacted
2022-03-08 17:59:41,569 botocore.auth [DEBUG] Signature:
redacted
2022-03-08 17:59:41,569 botocore.hooks [DEBUG] Event request-created.inspector2.ListFindings: calling handler <function add_retry_headers at 0x7fbce5f85430>
2022-03-08 17:59:41,569 botocore.endpoint [DEBUG] Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://inspector2.eu-west-3.amazonaws.com/findings/list, headers={'Content-Type': b'application/json', 'User-Agent': b'Boto3/1.21.4 Python/3.8.12 Linux/5.16.12-arch1-1 Botocore/1.24.6', 'X-Amz-Date': b'20220308T165941Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=redacted/20220308/eu-west-3/inspector2/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=redacted', 'amz-sdk-invocation-id': b'redacted', 'amz-sdk-request': b'attempt=1', 'Content-Length': '148'}>
2022-03-08 17:59:41,570 urllib3.connectionpool [DEBUG] Starting new HTTPS connection (1): inspector2.eu-west-3.amazonaws.com:443
2022-03-08 17:59:41,907 urllib3.connectionpool [DEBUG] https://inspector2.eu-west-3.amazonaws.com:443 "POST /findings/list HTTP/1.1" 200 15
2022-03-08 17:59:41,908 botocore.parsers [DEBUG] Response headers: {'Date': 'Tue, 08 Mar 2022 16:59:41 GMT', 'Content-Type': 'application/json', 'Content-Length': '15', 'X-Amzn-Requestid': 'redacted', 'X-Amz-Apigw-Id': 'redacted', 'X-Amzn-Trace-Id': 'redacted'}
2022-03-08 17:59:41,909 botocore.parsers [DEBUG] Response body:
b'{"findings":[]}'
2022-03-08 17:59:41,910 botocore.hooks [DEBUG] Event needs-retry.inspector2.ListFindings: calling handler <botocore.retryhandler.RetryHandler object at 0x7fbce59fe0a0>
2022-03-08 17:59:41,910 botocore.retryhandler [DEBUG] No retry needed.

Python 3.8, boto3 v1.21.4

Rogdham avatar Mar 08 '22 17:03 Rogdham

Hi @Rogdham, Thank you for submitting the issue. I can confirm that this seems to be a service-api problem and will keep updating the issue as soon as I have more information.

I would also like to encourage you to make a post on AWS re:Post, which is a community of AWS customers, partners, and employee to get a faster response.

aaoswal avatar Mar 10 '22 22:03 aaoswal

Thank you for the pointer! I've submitted the question on re:Post.

Rogdham avatar Mar 11 '22 07:03 Rogdham

INSPECTOR-12131

aaoswal avatar Mar 11 '22 19:03 aaoswal

Thanks for your patience. The Inspector team acknowledged the issue and have plans to addressed this. As this is a service API issue rather than directly a boto3 issue, I created a new issue for tracking going forward: https://github.com/aws/aws-sdk/issues/416. I just reached out to the service team for an update on this and will comment on that issue when I hear back.

tim-finnigan avatar Nov 18 '22 18:11 tim-finnigan