tatum-cnapp-cloud-scan-report-batch
Get cloud scan reports from the Tatum CNAPP service based on the connect profile and scan ID passed as the input record.
tatum-cnapp-cloud-scan-report-batch [profile=PROFILE]
- profile=PROFILE
- Tatum CNAPP connect profile code
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | Connect profile code of Tatum CNAPP. |
| scan_id | String | Scan history ID | Unique ID of scan history |
| cloud_alias | String | Cloud alias | Alias name of the cloud account |
| cloud_provider | String | Cloud service provider | e.g. AWS, AZURE, GCP |
| cloud_name | String | Cloud name | Name of the cloud account |
| cloud_account | String | Cloud account | 12 digits for AWS |
| started_by | String | Started by | e.g. SCHEDULER |
| scheduled_time | String | Scheduled time | Scheduled time for the scan |
| start_time | String | Start time | Scan start time |
| end_time | String | End time | Scan end time |
| total_asset_count | Integer | Total asset count | Number of target assets |
| total_scan_count | Integer | Total scan count | Number of scan performed |
| api_call_count | Integer | API call count | Total number of API calls made during the scan |
| status | String | Status | e.g. WAITING, PROCESSING, DONE |
| summary_status | String | Summary status | e.g. DONE |
| scan_type | String | Scan type | e.g. MANUAL, AUTO |
| is_disabled_view_log | Bool | Is disabled view log | true or false |
| cloud_id | String | Cloud ID | e.g. 67778745c1c389327fc4d6cc |
| created | Date | Created time | Creation date and time. |
| updated | Date | Updated time | Last updated date and time. |
| compliance_id | String | Compliance ID | e.g. CIS-AWS_4.0.0 |
| compliance_name | String | Compliance name | e.g. AWS CIS Benchmark |
| category0 | String | Category 0 | e.g. 1. Identity and Access Management |
| category1 | String | Category 1 | e.g. 1.10. Check MFA for all access |
| category2 | String | Category 2 | e.g. 1.10.1. Check MFA for all access |
| cloud_resource_type | String | Cloud resource type | e.g. aws_iam_user |
| policy_id | String | Tatum policy ID | e.g. AWS-IAM-005 |
| policy_name | String | Tatum policy name | e.g. Check MFA for all access |
| severity | String | Severity | e.g. HIGH, MEDIUM, LOW |
| asset_count | String | Asset count | Number of target assets. |
| pass_count | Integer | Pass count | The number of assets that passed the policy check. |
| fail_count | Integer | Fail count | The number of assets that failed the policy check. |
| unknown_count | Integer | Unknown count | The number of assets that were not checked. |
| policy_summary | String | Policy summary | Brief description of the policy. |
| policy_detail | String | Policy detail | Detailed description of the policy. |
| policy_criteria | String | Policy criteria | Criteria for determining good/vulnerable status. |
| policy_audit | String | Policy audit | Audit methods and procedures. |
| policy_remediation | String | Policy remediation | Remediation methods and guidelines. |
| policy_reference | String | Policy reference | Reference to the policy. |
| policy_display_id | String | Policy display ID | e.g. AWS-IAM-005 |
| policy_setting_path | String | Policy setting path info. | Configuration-related paths. |
| policy_rule | String | Policy rule info. | Policy evaluation rules. |
| policy_state | String | Policy state info. | e.g. UPDATED |
| policy_count | Integer | Policy count | Number of policies. |
| policy_created_by | String | Policy created by | First editor. e.g. SYSTEM |
| policy_updated_by | String | Policy updated by | Last editor. e.g. SYSTEM |
| policy_change_version | Integer | Policy change version | e.g. 26 |
| is_not_reported | Bool | Is not reported | true or false |
| scan_report_created | Date | Created time | Creation date and time. |
| scan_report_updated | Date | Updated time | Last updated date and time. |