CreateScan - Amazon CodeGuru Security
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

CreateScan

Use to create a scan using code uploaded to an Amazon S3 bucket.

Request Syntax

POST /scans HTTP/1.1
Content-type: application/json

{
   "analysisType": "string",
   "clientToken": "string",
   "resourceId": { ... },
   "scanName": "string",
   "scanType": "string",
   "tags": { 
      "string" : "string" 
   }
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

analysisType

The type of analysis you want CodeGuru Security to perform in the scan, either Security or All. The Security type only generates findings related to security. The All type generates both security findings and quality findings. Defaults to Security type if missing.

Type: String

Valid Values: Security | All

Required: No

clientToken

The idempotency token for the request. Amazon CodeGuru Security uses this value to prevent the accidental creation of duplicate scans if there are failures and retries.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [\S]+

Required: No

resourceId

The identifier for the resource object to be scanned.

Type: ResourceId object

Note: This object is a Union. Only one member of this object can be specified or returned.

Required: Yes

scanName

The unique name that CodeGuru Security uses to track revisions across multiple scans of the same resource. Only allowed for a STANDARD scan type.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 140.

Pattern: [a-zA-Z0-9-_$:.]*

Required: Yes

scanType

The type of scan, either Standard or Express. Defaults to Standard type if missing.

Express scans run on limited resources and use a limited set of detectors to analyze your code in near-real time. Standard scans have standard resource limits and use the full set of detectors to analyze your code.

Type: String

Valid Values: Standard | Express

Required: No

tags

An array of key-value pairs used to tag a scan. A tag is a custom attribute label with two parts:

  • A tag key. For example, CostCenter, Environment, or Secret. Tag keys are case sensitive.

  • An optional tag value field. For example, 111122223333, Production, or a team name. Omitting the tag value is the same as using an empty string. Tag values are case sensitive.

Type: String to string map

Map Entries: Minimum number of 0 items. Maximum number of 200 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 0. Maximum length of 256.

Required: No

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "resourceId": { ... },
   "runId": "string",
   "scanName": "string",
   "scanNameArn": "string",
   "scanState": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

resourceId

The identifier for the resource object that contains resources that were scanned.

Type: ResourceId object

Note: This object is a Union. Only one member of this object can be specified or returned.

runId

UUID that identifies the individual scan run.

Type: String

Pattern: [a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}

scanName

The name of the scan.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 140.

Pattern: [a-zA-Z0-9-_$:.]*

scanNameArn

The ARN for the scan name.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 300.

Pattern: arn:aws:codeguru-security:[\S]+:[\d]{12}:scans\/[a-zA-Z0-9-_$:.]*

scanState

The current state of the scan. Returns either InProgress, Successful, or Failed.

Type: String

Valid Values: InProgress | Successful | Failed

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

errorCode

The identifier for the error.

message

Description of the error.

resourceId

The identifier for the resource you don't have access to.

resourceType

The type of resource you don't have access to.

HTTP Status Code: 403

ConflictException

The requested operation would cause a conflict with the current state of a service resource associated with the request. Resolve the conflict before retrying this request.

errorCode

The identifier for the error.

message

Description of the error.

resourceId

The identifier for the service resource associated with the request.

resourceType

The type of resource associated with the request.

HTTP Status Code: 409

InternalServerException

The server encountered an internal error and is unable to complete the request.

error

The internal error encountered by the server.

message

Description of the error.

HTTP Status Code: 500

ResourceNotFoundException

The resource specified in the request was not found.

errorCode

The identifier for the error.

message

Description of the error.

resourceId

The identifier for the resource that was not found.

resourceType

The type of resource that was not found.

HTTP Status Code: 404

ThrottlingException

The request was denied due to request throttling.

errorCode

The identifier for the error.

message

Description of the error.

quotaCode

The identifier for the originating quota.

serviceCode

The identifier for the originating service.

HTTP Status Code: 429

ValidationException

The input fails to satisfy the specified constraints.

errorCode

The identifier for the error.

fieldList

The field that caused the error, if applicable.

message

Description of the error.

reason

The reason the request failed validation.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: