Ctrl K

List Configuration Findings

Published 4 days ago

List cloud configuration findings (misconfigurations from compliance rule checks), with optional filters by severity, result and status.

Script wiz Verified

Use in Windmill

The script

Submitted by hugo989 Typescript (fetch-only)

Verified 5 days ago

All edits

Permalink

//native

/**
 * List Configuration Findings
 * List cloud configuration findings (misconfigurations from compliance rule checks), with optional filters by severity, result and status.
 */
export async function main(
  auth: RT.Wiz,
  severity: ("NONE" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL")[] | undefined,
  result_filter: ("PASS" | "FAIL" | "ERROR" | "NOT_ASSESSED")[] | undefined,
  status: ("OPEN" | "IN_PROGRESS" | "RESOLVED" | "REJECTED")[] | undefined,
  first: number | undefined,
  after: string | undefined
) {
  const tokenResponse = await fetch(
    auth.auth_url || "https://auth.app.wiz.io/oauth/token",
    {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: new URLSearchParams({
        grant_type: "client_credentials",
        audience: auth.audience || "wiz-api",
        client_id: auth.client_id,
        client_secret: auth.client_secret,
      }),
    }
  )
  if (!tokenResponse.ok) {
    throw new Error(`${tokenResponse.status} ${await tokenResponse.text()}`)
  }
  const { access_token } = (await tokenResponse.json()) as {
    access_token: string
  }

  const filterBy: { [key: string]: any } = {}
  if (severity && severity.length > 0) filterBy.severity = severity
  if (result_filter && result_filter.length > 0) filterBy.result = result_filter
  if (status && status.length > 0) filterBy.status = status

  const query = `
query ListConfigurationFindings($first: Int, $after: String, $filterBy: ConfigurationFindingFilters) {
  configurationFindings(first: $first, after: $after, filterBy: $filterBy) {
    totalCount
    pageInfo { hasNextPage endCursor }
    nodes {
      id
      result
      severity
      status
      resolutionReason
      remediation
      analyzedAt
      rule { id }
      subscription { id }
      resource {
        id
        name
        type
        nativeType
        region
        cloudPlatform
        status
        projects { id }
        tags { key value }
      }
    }
  }
}`

  const response = await fetch(auth.api_endpoint, {
    method: "POST",
    headers: {
      Authorization: `Bearer ${access_token}`,
      "Content-Type": "application/json",
      Accept: "application/json",
    },
    body: JSON.stringify({
      query,
      variables: { first: first ?? 50, after: after || null, filterBy },
    }),
  })

  if (!response.ok) {
    throw new Error(`${response.status} ${await response.text()}`)
  }

  const result = (await response.json()) as { data?: any; errors?: any }
  if (result.errors) {
    throw new Error(JSON.stringify(result.errors))
  }
  return result.data.configurationFindings
}


`1`	`//native`
`2`
`3`	`/**`
`4`	`* List Configuration Findings`
`5`	`* List cloud configuration findings (misconfigurations from compliance rule checks), with optional filters by severity, result and status.`
`6`	`*/`
`7`	`export async function main(`
`8`	`auth: RT.Wiz,`
`9`	`severity: ("NONE" \| "LOW" \| "MEDIUM" \| "HIGH" \| "CRITICAL")[] \| undefined,`
`10`	`result_filter: ("PASS" \| "FAIL" \| "ERROR" \| "NOT_ASSESSED")[] \| undefined,`
`11`	`status: ("OPEN" \| "IN_PROGRESS" \| "RESOLVED" \| "REJECTED")[] \| undefined,`
`12`	`first: number \| undefined,`
`13`	`after: string \| undefined`
`14`	`) {`
`15`	`const tokenResponse = await fetch(`
`16`	`auth.auth_url \|\| "https://auth.app.wiz.io/oauth/token",`
`17`	`{`
`18`	`method: "POST",`
`19`	`headers: { "Content-Type": "application/x-www-form-urlencoded" },`
`20`	`body: new URLSearchParams({`
`21`	`grant_type: "client_credentials",`
`22`	`audience: auth.audience \|\| "wiz-api",`
`23`	`client_id: auth.client_id,`
`24`	`client_secret: auth.client_secret,`
`25`	`}),`
`26`	`}`
`27`	`)`
`28`	`if (!tokenResponse.ok) {`
`29`	throw new Error(`${tokenResponse.status} ${await tokenResponse.text()}`)
`30`	`}`
`31`	`const { access_token } = (await tokenResponse.json()) as {`
`32`	`access_token: string`
`33`	`}`
`34`
`35`	`const filterBy: { [key: string]: any } = {}`
`36`	`if (severity && severity.length > 0) filterBy.severity = severity`
`37`	`if (result_filter && result_filter.length > 0) filterBy.result = result_filter`
`38`	`if (status && status.length > 0) filterBy.status = status`
`39`
`40`	const query = `
`41`	`query ListConfigurationFindings($first: Int, $after: String, $filterBy: ConfigurationFindingFilters) {`
`42`	`configurationFindings(first: $first, after: $after, filterBy: $filterBy) {`
`43`	`totalCount`
`44`	`pageInfo { hasNextPage endCursor }`
`45`	`nodes {`
`46`	`id`
`47`	`result`
`48`	`severity`
`49`	`status`
`50`	`resolutionReason`
`51`	`remediation`
`52`	`analyzedAt`
`53`	`rule { id }`
`54`	`subscription { id }`
`55`	`resource {`
`56`	`id`
`57`	`name`
`58`	`type`
`59`	`nativeType`
`60`	`region`
`61`	`cloudPlatform`
`62`	`status`
`63`	`projects { id }`
`64`	`tags { key value }`
`65`	`}`
`66`	`}`
`67`	`}`
`68`	}`
`69`
`70`	`const response = await fetch(auth.api_endpoint, {`
`71`	`method: "POST",`
`72`	`headers: {`
`73`	Authorization: `Bearer ${access_token}`,
`74`	`"Content-Type": "application/json",`
`75`	`Accept: "application/json",`
`76`	`},`
`77`	`body: JSON.stringify({`
`78`	`query,`
`79`	`variables: { first: first ?? 50, after: after \|\| null, filterBy },`
`80`	`}),`
`81`	`})`
`82`
`83`	`if (!response.ok) {`
`84`	throw new Error(`${response.status} ${await response.text()}`)
`85`	`}`
`86`
`87`	`const result = (await response.json()) as { data?: any; errors?: any }`
`88`	`if (result.errors) {`
`89`	`throw new Error(JSON.stringify(result.errors))`
`90`	`}`
`91`	`return result.data.configurationFindings`
`92`	`}`
`93`