AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2025-08-28 · Documentation low

File: cli/latest/reference/codeguru-security/get-findings.md

Summary

Restructured output parameters for get-findings command, reordering fields and modifying descriptions of security finding details. Added explicit documentation for vulnerability relationships and code location details.

Security assessment

The changes reorganize and enhance documentation about security findings parameters (severity levels, remediation steps, vulnerability relationships) but do not indicate a specific security vulnerability being addressed. The modifications improve clarity of existing security-related documentation rather than responding to a newly discovered issue.

Diff

diff --git a/cli/latest/reference/codeguru-security/get-findings.md b/cli/latest/reference/codeguru-security/get-findings.md
index f432f8738..0d8e1370b 100644
--- a//cli/latest/reference/codeguru-security/get-findings.md
+++ b//cli/latest/reference/codeguru-security/get-findings.md
@@ -15 +15 @@
-  * [AWS CLI 2.28.16 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.19 Command Reference](../../index.html) »
@@ -247,14 +246,0 @@ findings -> (list)
->> detectorId -> (string)
->>
->>> The identifier for the detector that detected the finding in your code. A detector is a defined rule based on industry standards and AWS best practices.
->> 
->> detectorName -> (string)
->>
->>> The name of the detector that identified the security vulnerability in your code.
->> 
->> detectorTags -> (list)
->>
->>> One or more tags or categorizations that are associated with a detector. These tags are defined by type, programming language, or other classification such as maintainability or consistency.
->>> 
->>> (string)
->> 
@@ -269 +255 @@ findings -> (list)
->> remediation -> (structure)
+>> updatedAt -> (timestamp)
@@ -271,29 +257,9 @@ findings -> (list)
->>> An object that contains the details about how to remediate a finding.
->>> 
->>> recommendation -> (structure)
->>>
->>>> An object that contains information about the recommended course of action to remediate a finding.
->>>> 
->>>> text -> (string)
->>>>
->>>>> The recommended course of action to remediate the finding.
->>>> 
->>>> url -> (string)
->>>>
->>>>> The URL address to the recommendation for remediating the finding.
->>> 
->>> suggestedFixes -> (list)
->>>
->>>> A list of `SuggestedFix` objects. Each object contains information about a suggested code fix to remediate the finding.
->>>> 
->>>> (structure)
->>>>
->>>>> Information about the suggested code fix to remediate a finding.
->>>>> 
->>>>> code -> (string)
->>>>>
->>>>>> The suggested code fix. If applicable, includes code patch to replace your source code.
->>>>> 
->>>>> description -> (string)
->>>>>
->>>>>> A description of the suggested code fix and why it is being suggested.
+>>> The time when the finding was last updated. Findings are updated when you remediate them or when the finding code location changes.
+>> 
+>> type -> (string)
+>>
+>>> The type of finding.
+>> 
+>> status -> (string)
+>>
+>>> The status of the finding. A finding status can be open or closed.
@@ -313,24 +278,0 @@ findings -> (list)
->> ruleId -> (string)
->>
->>> The identifier for the rule that generated the finding.
->> 
->> severity -> (string)
->>
->>> The severity of the finding. Severity can be critical, high, medium, low, or informational. For information on severity levels, see [Finding severity](https://docs.aws.amazon.com/codeguru/latest/security-ug/findings-overview.html#severity-distribution) in the _Amazon CodeGuru Security User Guide_ .
->> 
->> status -> (string)
->>
->>> The status of the finding. A finding status can be open or closed.
->> 
->> title -> (string)
->>
->>> The title of the finding.
->> 
->> type -> (string)
->>
->>> The type of finding.
->> 
->> updatedAt -> (timestamp)
->>
->>> The time when the finding was last updated. Findings are updated when you remediate them or when the finding code location changes.
->> 
@@ -341 +283 @@ findings -> (list)
->>> filePath -> (structure)
+>>> referenceUrls -> (list)
@@ -343,17 +285 @@ findings -> (list)
->>>> An object that describes the location of the detected security vulnerability in your code.
->>>> 
->>>> codeSnippet -> (list)
->>>>
->>>>> A list of `CodeLine` objects that describe where the security vulnerability appears in your code.
->>>>> 
->>>>> (structure)
->>>>>
->>>>>> The line of code where a finding was detected.
->>>>>> 
->>>>>> content -> (string)
->>>>>>
->>>>>>> The code that contains a vulnerability.
->>>>>> 
->>>>>> number -> (integer)
->>>>>>
->>>>>>> The code line number.
+>>>> One or more URL addresses that contain details about a vulnerability.
@@ -361 +287,5 @@ findings -> (list)
->>>> endLine -> (integer)
+>>>> (string)
+>>> 
+>>> relatedVulnerabilities -> (list)
+>>>
+>>>> One or more vulnerabilities that are related to the vulnerability being described.
@@ -363 +293,9 @@ findings -> (list)
->>>>> The last line number of the code snippet where the security vulnerability appears in your code.
+>>>> (string)
+>>> 
+>>> id -> (string)
+>>>
+>>>> The identifier for the vulnerability.
+>>> 
+>>> filePath -> (structure)
+>>>
+>>>> An object that describes the location of the detected security vulnerability in your code.
@@ -376,4 +314,20 @@ findings -> (list)
->>> 
->>> id -> (string)
->>>
->>>> The identifier for the vulnerability.
+>>>> 
+>>>> endLine -> (integer)
+>>>>
+>>>>> The last line number of the code snippet where the security vulnerability appears in your code.
+>>>> 
+>>>> codeSnippet -> (list)
+>>>>
+>>>>> A list of `CodeLine` objects that describe where the security vulnerability appears in your code.
+>>>>> 
+>>>>> (structure)
+>>>>>
+>>>>>> The line of code where a finding was detected.
+>>>>>> 
+>>>>>> number -> (integer)
+>>>>>>
+>>>>>>> The code line number.
+>>>>>> 
+>>>>>> content -> (string)
+>>>>>>
+>>>>>>> The code that contains a vulnerability.
@@ -383,0 +338,8 @@ findings -> (list)
+>> 
+>> severity -> (string)
+>>
+>>> The severity of the finding. Severity can be critical, high, medium, low, or informational. For information on severity levels, see [Finding severity](https://docs.aws.amazon.com/codeguru/latest/security-ug/findings-overview.html#severity-distribution) in the _Amazon CodeGuru Security User Guide_ .
+>> 
+>> remediation -> (structure)
+>>
+>>> An object that contains the details about how to remediate a finding.
@@ -385 +347 @@ findings -> (list)
->>> referenceUrls -> (list)
+>>> recommendation -> (structure)
@@ -387 +349 @@ findings -> (list)
->>>> One or more URL addresses that contain details about a vulnerability.
+>>>> An object that contains information about the recommended course of action to remediate a finding.
@@ -389 +351,7 @@ findings -> (list)
->>>> (string)
+>>>> text -> (string)
+>>>>
+>>>>> The recommended course of action to remediate the finding.
+>>>> 
+>>>> url -> (string)
+>>>>
+>>>>> The URL address to the recommendation for remediating the finding.
@@ -391 +359 @@ findings -> (list)
->>> relatedVulnerabilities -> (list)
+>>> suggestedFixes -> (list)
@@ -393 +361 @@ findings -> (list)
->>>> One or more vulnerabilities that are related to the vulnerability being described.
+>>>> A list of `SuggestedFix` objects. Each object contains information about a suggested code fix to remediate the finding.
@@ -395 +363,33 @@ findings -> (list)
->>>> (string)
+>>>> (structure)
+>>>>
+>>>>> Information about the suggested code fix to remediate a finding.
+>>>>> 
+>>>>> description -> (string)
+>>>>>
+>>>>>> A description of the suggested code fix and why it is being suggested.
+>>>>> 
+>>>>> code -> (string)
+>>>>>
+>>>>>> The suggested code fix. If applicable, includes code patch to replace your source code.
+>> 
+>> title -> (string)
+>>