Inspector2 2020-06-08
- Client: Aws\Inspector2\Inspector2Client
- Service ID: inspector2
- Version: 2020-06-08
This page describes the parameters and results for the operations of the Inspector2 (2020-06-08), and shows how to use the Aws\Inspector2\Inspector2Client object to call the described operations. This documentation is specific to the 2020-06-08 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- AssociateMember ( array $params = [] )
Associates an Amazon Web Services account with an Amazon Inspector delegated administrator.
- BatchGetAccountStatus ( array $params = [] )
Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment.
- BatchGetFreeTrialInfo ( array $params = [] )
Gets free trial status for multiple Amazon Web Services accounts.
- CancelFindingsReport ( array $params = [] )
Cancels the given findings report.
- CreateFilter ( array $params = [] )
Creates a filter resource using specified filter criteria.
- CreateFindingsReport ( array $params = [] )
Creates a finding report.
- DeleteFilter ( array $params = [] )
Deletes a filter resource.
- DescribeOrganizationConfiguration ( array $params = [] )
Describe Amazon Inspector configuration settings for an Amazon Web Services organization.
- Disable ( array $params = [] )
Disables Amazon Inspector scans for one or more Amazon Web Services accounts.
- DisableDelegatedAdminAccount ( array $params = [] )
Disables the Amazon Inspector delegated administrator for your organization.
- DisassociateMember ( array $params = [] )
Disassociates a member account from an Amazon Inspector delegated administrator.
- Enable ( array $params = [] )
Enables Amazon Inspector scans for one or more Amazon Web Services accounts.
- EnableDelegatedAdminAccount ( array $params = [] )
Enables the Amazon Inspector delegated administrator for your Organizations organization.
- GetConfiguration ( array $params = [] )
Retrieves setting configurations for Inspector scans.
- GetDelegatedAdminAccount ( array $params = [] )
Retrieves information about the Amazon Inspector delegated administrator for your organization.
- GetFindingsReportStatus ( array $params = [] )
Gets the status of a findings report.
- GetMember ( array $params = [] )
Gets member information for your organization.
- ListAccountPermissions ( array $params = [] )
Lists the permissions an account has to configure Amazon Inspector.
- ListCoverage ( array $params = [] )
Lists coverage details for you environment.
- ListCoverageStatistics ( array $params = [] )
Lists Amazon Inspector coverage statistics for your environment.
- ListDelegatedAdminAccounts ( array $params = [] )
Lists information about the Amazon Inspector delegated administrator of your organization.
- ListFilters ( array $params = [] )
Lists the filters associated with your account.
- ListFindingAggregations ( array $params = [] )
Lists aggregated finding data for your environment based on specific criteria.
- ListFindings ( array $params = [] )
Lists findings for your environment.
- ListMembers ( array $params = [] )
List members associated with the Amazon Inspector delegated administrator for your organization.
- ListTagsForResource ( array $params = [] )
Lists all tags attached to a given resource.
- ListUsageTotals ( array $params = [] )
Lists the Amazon Inspector usage totals over the last 30 days.
- TagResource ( array $params = [] )
Adds tags to a resource.
- UntagResource ( array $params = [] )
Removes tags from a resource.
- UpdateConfiguration ( array $params = [] )
Updates setting configurations for your Amazon Inspector account.
- UpdateFilter ( array $params = [] )
Specifies the action that is to be applied to the findings that match the filter.
- UpdateOrganizationConfiguration ( array $params = [] )
Updates the configurations for your Amazon Inspector organization.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
Operations
AssociateMember
$result = $client->associateMember([/* ... */]); $promise = $client->associateMemberAsync([/* ... */]);
Associates an Amazon Web Services account with an Amazon Inspector delegated administrator.
Parameter Syntax
$result = $client->associateMember([
'accountId' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'accountId' => '<string>',
]
Result Details
Members
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
BatchGetAccountStatus
$result = $client->batchGetAccountStatus([/* ... */]); $promise = $client->batchGetAccountStatusAsync([/* ... */]);
Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment.
Parameter Syntax
$result = $client->batchGetAccountStatus([
'accountIds' => ['<string>', ...],
]);
Parameter Details
Members
Result Syntax
[
'accounts' => [
[
'accountId' => '<string>',
'resourceState' => [
'ec2' => [
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'ecr' => [
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'lambda' => [
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
],
'state' => [
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
],
// ...
],
'failedAccounts' => [
[
'accountId' => '<string>',
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'resourceStatus' => [
'ec2' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'ecr' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'lambda' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
// ...
],
]
Result Details
Members
- accounts
-
- Required: Yes
- Type: Array of AccountState structures
An array of objects that provide details on the status of Amazon Inspector for each of the requested accounts.
- failedAccounts
-
- Type: Array of FailedAccount structures
An array of objects detailing any accounts that failed to enable Amazon Inspector and why.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
BatchGetFreeTrialInfo
$result = $client->batchGetFreeTrialInfo([/* ... */]); $promise = $client->batchGetFreeTrialInfoAsync([/* ... */]);
Gets free trial status for multiple Amazon Web Services accounts.
Parameter Syntax
$result = $client->batchGetFreeTrialInfo([
'accountIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'accounts' => [
[
'accountId' => '<string>',
'freeTrialInfo' => [
[
'end' => <DateTime>,
'start' => <DateTime>,
'status' => 'ACTIVE|INACTIVE',
'type' => 'EC2|ECR|LAMBDA',
],
// ...
],
],
// ...
],
'failedAccounts' => [
[
'accountId' => '<string>',
'code' => 'ACCESS_DENIED|INTERNAL_ERROR',
'message' => '<string>',
],
// ...
],
]
Result Details
Members
- accounts
-
- Required: Yes
- Type: Array of FreeTrialAccountInfo structures
An array of objects that provide Amazon Inspector free trial details for each of the requested accounts.
- failedAccounts
-
- Required: Yes
- Type: Array of FreeTrialInfoError structures
An array of objects detailing any accounts that free trial data could not be returned for.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
CancelFindingsReport
$result = $client->cancelFindingsReport([/* ... */]); $promise = $client->cancelFindingsReportAsync([/* ... */]);
Cancels the given findings report.
Parameter Syntax
$result = $client->cancelFindingsReport([
'reportId' => '<string>', // REQUIRED
]);
Parameter Details
Result Syntax
[
'reportId' => '<string>',
]
Result Details
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
CreateFilter
$result = $client->createFilter([/* ... */]); $promise = $client->createFilterAsync([/* ... */]);
Creates a filter resource using specified filter criteria.
Parameter Syntax
$result = $client->createFilter([
'action' => 'NONE|SUPPRESS', // REQUIRED
'description' => '<string>',
'filterCriteria' => [ // REQUIRED
'awsAccountId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceImageId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceSubnetId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceVpcId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageArchitecture' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageHash' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImagePushedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'ecrImageRegistry' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageRepositoryName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'exploitAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingStatus' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'firstObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'fixAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'inspectorScore' => [
[
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
// ...
],
'lambdaFunctionExecutionRoleArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionLastModifiedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'lambdaFunctionLayers' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lastObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'networkProtocol' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'portRange' => [
[
'beginInclusive' => <integer>,
'endInclusive' => <integer>,
],
// ...
],
'relatedVulnerabilities' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'severity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'title' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'updatedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'vendorSeverity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilityId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilitySource' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerablePackages' => [
[
'architecture' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'epoch' => [
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
'name' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'release' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLambdaLayerArn' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLayerHash' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'version' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
],
// ...
],
],
'name' => '<string>', // REQUIRED
'reason' => '<string>',
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- action
-
- Required: Yes
- Type: string
Defines the action that is to be applied to the findings that match the filter.
- description
-
- Type: string
A description of the filter.
- filterCriteria
-
- Required: Yes
- Type: FilterCriteria structure
Defines the criteria to be used in the filter for querying findings.
- name
-
- Required: Yes
- Type: string
The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.
- reason
-
- Type: string
The reason for creating the filter.
- tags
-
- Type: Associative array of custom strings keys (MapKey) to strings
A list of tags for the filter.
Result Syntax
[
'arn' => '<string>',
]
Result Details
Members
Errors
-
ServiceQuotaExceededException:
You have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.
-
One or more tags submitted as part of the request is not valid.
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
CreateFindingsReport
$result = $client->createFindingsReport([/* ... */]); $promise = $client->createFindingsReportAsync([/* ... */]);
Creates a finding report.
Parameter Syntax
$result = $client->createFindingsReport([
'filterCriteria' => [
'awsAccountId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceImageId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceSubnetId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceVpcId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageArchitecture' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageHash' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImagePushedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'ecrImageRegistry' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageRepositoryName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'exploitAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingStatus' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'firstObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'fixAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'inspectorScore' => [
[
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
// ...
],
'lambdaFunctionExecutionRoleArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionLastModifiedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'lambdaFunctionLayers' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lastObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'networkProtocol' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'portRange' => [
[
'beginInclusive' => <integer>,
'endInclusive' => <integer>,
],
// ...
],
'relatedVulnerabilities' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'severity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'title' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'updatedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'vendorSeverity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilityId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilitySource' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerablePackages' => [
[
'architecture' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'epoch' => [
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
'name' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'release' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLambdaLayerArn' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLayerHash' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'version' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
],
// ...
],
],
'reportFormat' => 'CSV|JSON', // REQUIRED
's3Destination' => [ // REQUIRED
'bucketName' => '<string>', // REQUIRED
'keyPrefix' => '<string>',
'kmsKeyArn' => '<string>', // REQUIRED
],
]);
Parameter Details
Members
- filterCriteria
-
- Type: FilterCriteria structure
The filter criteria to apply to the results of the finding report.
- reportFormat
-
- Required: Yes
- Type: string
The format to generate the report in.
- s3Destination
-
- Required: Yes
- Type: Destination structure
The Amazon S3 export destination for the report.
Result Syntax
[
'reportId' => '<string>',
]
Result Details
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
DeleteFilter
$result = $client->deleteFilter([/* ... */]); $promise = $client->deleteFilterAsync([/* ... */]);
Deletes a filter resource.
Parameter Syntax
$result = $client->deleteFilter([
'arn' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'arn' => '<string>',
]
Result Details
Members
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
DescribeOrganizationConfiguration
$result = $client->describeOrganizationConfiguration([/* ... */]); $promise = $client->describeOrganizationConfigurationAsync([/* ... */]);
Describe Amazon Inspector configuration settings for an Amazon Web Services organization.
Parameter Syntax
$result = $client->describeOrganizationConfiguration([ ]);
Parameter Details
Members
Result Syntax
[
'autoEnable' => [
'ec2' => true || false,
'ecr' => true || false,
'lambda' => true || false,
],
'maxAccountLimitReached' => true || false,
]
Result Details
Members
- autoEnable
-
- Type: AutoEnable structure
The scan types are automatically enabled for new members of your organization.
- maxAccountLimitReached
-
- Type: boolean
Represents whether your organization has reached the maximum Amazon Web Services account limit for Amazon Inspector.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
Disable
$result = $client->disable([/* ... */]); $promise = $client->disableAsync([/* ... */]);
Disables Amazon Inspector scans for one or more Amazon Web Services accounts. Disabling all scan types in an account disables the Amazon Inspector service.
Parameter Syntax
$result = $client->disable([
'accountIds' => ['<string>', ...],
'resourceTypes' => ['<string>', ...],
]);
Parameter Details
Members
Result Syntax
[
'accounts' => [
[
'accountId' => '<string>',
'resourceStatus' => [
'ec2' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'ecr' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'lambda' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
// ...
],
'failedAccounts' => [
[
'accountId' => '<string>',
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'resourceStatus' => [
'ec2' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'ecr' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'lambda' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
// ...
],
]
Result Details
Members
- accounts
-
- Required: Yes
- Type: Array of Account structures
Information on the accounts that have had Amazon Inspector scans successfully disabled. Details are provided for each account.
- failedAccounts
-
- Type: Array of FailedAccount structures
Information on any accounts for which Amazon Inspector scans could not be disabled. Details are provided for each account.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
DisableDelegatedAdminAccount
$result = $client->disableDelegatedAdminAccount([/* ... */]); $promise = $client->disableDelegatedAdminAccountAsync([/* ... */]);
Disables the Amazon Inspector delegated administrator for your organization.
Parameter Syntax
$result = $client->disableDelegatedAdminAccount([
'delegatedAdminAccountId' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'delegatedAdminAccountId' => '<string>',
]
Result Details
Members
Errors
-
A conflict occurred.
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
DisassociateMember
$result = $client->disassociateMember([/* ... */]); $promise = $client->disassociateMemberAsync([/* ... */]);
Disassociates a member account from an Amazon Inspector delegated administrator.
Parameter Syntax
$result = $client->disassociateMember([
'accountId' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'accountId' => '<string>',
]
Result Details
Members
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
Enable
$result = $client->enable([/* ... */]); $promise = $client->enableAsync([/* ... */]);
Enables Amazon Inspector scans for one or more Amazon Web Services accounts.
Parameter Syntax
$result = $client->enable([
'accountIds' => ['<string>', ...],
'clientToken' => '<string>',
'resourceTypes' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'accounts' => [
[
'accountId' => '<string>',
'resourceStatus' => [
'ec2' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'ecr' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'lambda' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
// ...
],
'failedAccounts' => [
[
'accountId' => '<string>',
'errorCode' => 'ALREADY_ENABLED|ENABLE_IN_PROGRESS|DISABLE_IN_PROGRESS|SUSPEND_IN_PROGRESS|RESOURCE_NOT_FOUND|ACCESS_DENIED|INTERNAL_ERROR|SSM_UNAVAILABLE|SSM_THROTTLED|EVENTBRIDGE_UNAVAILABLE|EVENTBRIDGE_THROTTLED|RESOURCE_SCAN_NOT_DISABLED|DISASSOCIATE_ALL_MEMBERS|ACCOUNT_IS_ISOLATED',
'errorMessage' => '<string>',
'resourceStatus' => [
'ec2' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'ecr' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
'lambda' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
'status' => 'ENABLING|ENABLED|DISABLING|DISABLED|SUSPENDING|SUSPENDED',
],
// ...
],
]
Result Details
Members
- accounts
-
- Required: Yes
- Type: Array of Account structures
Information on the accounts that have had Amazon Inspector scans successfully enabled. Details are provided for each account.
- failedAccounts
-
- Type: Array of FailedAccount structures
Information on any accounts for which Amazon Inspector scans could not be enabled. Details are provided for each account.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
EnableDelegatedAdminAccount
$result = $client->enableDelegatedAdminAccount([/* ... */]); $promise = $client->enableDelegatedAdminAccountAsync([/* ... */]);
Enables the Amazon Inspector delegated administrator for your Organizations organization.
Parameter Syntax
$result = $client->enableDelegatedAdminAccount([
'clientToken' => '<string>',
'delegatedAdminAccountId' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'delegatedAdminAccountId' => '<string>',
]
Result Details
Members
Errors
-
A conflict occurred.
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
GetConfiguration
$result = $client->getConfiguration([/* ... */]); $promise = $client->getConfigurationAsync([/* ... */]);
Retrieves setting configurations for Inspector scans.
Parameter Syntax
$result = $client->getConfiguration([ ]);
Parameter Details
Members
Result Syntax
[
'ecrConfiguration' => [
'rescanDurationState' => [
'rescanDuration' => 'LIFETIME|DAYS_30|DAYS_180',
'status' => 'SUCCESS|PENDING|FAILED',
'updatedAt' => <DateTime>,
],
],
]
Result Details
Members
- ecrConfiguration
-
- Type: EcrConfigurationState structure
Specifies how the ECR automated re-scan duration is currently configured for your environment.
Errors
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
GetDelegatedAdminAccount
$result = $client->getDelegatedAdminAccount([/* ... */]); $promise = $client->getDelegatedAdminAccountAsync([/* ... */]);
Retrieves information about the Amazon Inspector delegated administrator for your organization.
Parameter Syntax
$result = $client->getDelegatedAdminAccount([ ]);
Parameter Details
Members
Result Syntax
[
'delegatedAdmin' => [
'accountId' => '<string>',
'relationshipStatus' => 'CREATED|INVITED|DISABLED|ENABLED|REMOVED|RESIGNED|DELETED|EMAIL_VERIFICATION_IN_PROGRESS|EMAIL_VERIFICATION_FAILED|REGION_DISABLED|ACCOUNT_SUSPENDED|CANNOT_CREATE_DETECTOR_IN_ORG_MASTER',
],
]
Result Details
Members
- delegatedAdmin
-
- Type: DelegatedAdmin structure
The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
Errors
-
You do not have sufficient access to perform this action.
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
GetFindingsReportStatus
$result = $client->getFindingsReportStatus([/* ... */]); $promise = $client->getFindingsReportStatusAsync([/* ... */]);
Gets the status of a findings report.
Parameter Syntax
$result = $client->getFindingsReportStatus([
'reportId' => '<string>',
]);
Parameter Details
Result Syntax
[
'destination' => [
'bucketName' => '<string>',
'keyPrefix' => '<string>',
'kmsKeyArn' => '<string>',
],
'errorCode' => 'INTERNAL_ERROR|INVALID_PERMISSIONS|NO_FINDINGS_FOUND|BUCKET_NOT_FOUND|INCOMPATIBLE_BUCKET_REGION|MALFORMED_KMS_KEY',
'errorMessage' => '<string>',
'filterCriteria' => [
'awsAccountId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'componentId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'componentType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ec2InstanceImageId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ec2InstanceSubnetId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ec2InstanceVpcId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageArchitecture' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageHash' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImagePushedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'ecrImageRegistry' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageRepositoryName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'exploitAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'findingArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'findingStatus' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'findingType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'firstObservedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'fixAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'inspectorScore' => [
[
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
// ...
],
'lambdaFunctionExecutionRoleArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lambdaFunctionLastModifiedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'lambdaFunctionLayers' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lastObservedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'networkProtocol' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'portRange' => [
[
'beginInclusive' => <integer>,
'endInclusive' => <integer>,
],
// ...
],
'relatedVulnerabilities' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'resourceTags' => [
[
'comparison' => 'EQUALS',
'key' => '<string>',
'value' => '<string>',
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'severity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'title' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'updatedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'vendorSeverity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'vulnerabilityId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'vulnerabilitySource' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'vulnerablePackages' => [
[
'architecture' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'epoch' => [
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
'name' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'release' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'sourceLambdaLayerArn' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'sourceLayerHash' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'version' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
],
// ...
],
],
'reportId' => '<string>',
'status' => 'SUCCEEDED|IN_PROGRESS|CANCELLED|FAILED',
]
Result Details
Members
- destination
-
- Type: Destination structure
The destination of the report.
- errorCode
-
- Type: string
The error code of the report.
- errorMessage
-
- Type: string
The error message of the report.
- filterCriteria
-
- Type: FilterCriteria structure
The filter criteria associated with the report.
- reportId
-
- Type: string
The ID of the report.
- status
-
- Type: string
The status of the report.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
GetMember
$result = $client->getMember([/* ... */]); $promise = $client->getMemberAsync([/* ... */]);
Gets member information for your organization.
Parameter Syntax
$result = $client->getMember([
'accountId' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'member' => [
'accountId' => '<string>',
'delegatedAdminAccountId' => '<string>',
'relationshipStatus' => 'CREATED|INVITED|DISABLED|ENABLED|REMOVED|RESIGNED|DELETED|EMAIL_VERIFICATION_IN_PROGRESS|EMAIL_VERIFICATION_FAILED|REGION_DISABLED|ACCOUNT_SUSPENDED|CANNOT_CREATE_DETECTOR_IN_ORG_MASTER',
'updatedAt' => <DateTime>,
],
]
Result Details
Members
- member
-
- Type: Member structure
Details of the retrieved member account.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListAccountPermissions
$result = $client->listAccountPermissions([/* ... */]); $promise = $client->listAccountPermissionsAsync([/* ... */]);
Lists the permissions an account has to configure Amazon Inspector.
Parameter Syntax
$result = $client->listAccountPermissions([
'maxResults' => <integer>,
'nextToken' => '<string>',
'service' => 'EC2|ECR|LAMBDA',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page. - service
-
- Type: string
The service scan type to check permissions for.
Result Syntax
[
'nextToken' => '<string>',
'permissions' => [
[
'operation' => 'ENABLE_SCANNING|DISABLE_SCANNING|ENABLE_REPOSITORY|DISABLE_REPOSITORY',
'service' => 'EC2|ECR|LAMBDA',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page. - permissions
-
- Required: Yes
- Type: Array of Permission structures
Contains details on the permissions an account has to configure Amazon Inspector.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListCoverage
$result = $client->listCoverage([/* ... */]); $promise = $client->listCoverageAsync([/* ... */]);
Lists coverage details for you environment.
Parameter Syntax
$result = $client->listCoverage([
'filterCriteria' => [
'accountId' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrRepositoryName' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'scanStatusCode' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'scanStatusReason' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'scanType' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- filterCriteria
-
- Type: CoverageFilterCriteria structure
An object that contains details on the filters to apply to the coverage data for your environment.
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Result Syntax
[
'coveredResources' => [
[
'accountId' => '<string>',
'resourceId' => '<string>',
'resourceMetadata' => [
'ec2' => [
'amiId' => '<string>',
'platform' => 'WINDOWS|LINUX|UNKNOWN',
'tags' => ['<string>', ...],
],
'ecrImage' => [
'tags' => ['<string>', ...],
],
'ecrRepository' => [
'name' => '<string>',
'scanFrequency' => 'MANUAL|SCAN_ON_PUSH|CONTINUOUS_SCAN',
],
'lambdaFunction' => [
'functionName' => '<string>',
'functionTags' => ['<string>', ...],
'layers' => ['<string>', ...],
'runtime' => 'NODEJS|NODEJS_12_X|NODEJS_14_X|NODEJS_16_X|JAVA_8|JAVA_8_AL2|JAVA_11|PYTHON_3_7|PYTHON_3_8|PYTHON_3_9|UNSUPPORTED|NODEJS_18_X|GO_1_X',
],
],
'resourceType' => 'AWS_EC2_INSTANCE|AWS_ECR_CONTAINER_IMAGE|AWS_ECR_REPOSITORY|AWS_LAMBDA_FUNCTION',
'scanStatus' => [
'reason' => 'PENDING_INITIAL_SCAN|ACCESS_DENIED|INTERNAL_ERROR|UNMANAGED_EC2_INSTANCE|UNSUPPORTED_OS|SCAN_ELIGIBILITY_EXPIRED|RESOURCE_TERMINATED|SUCCESSFUL|NO_RESOURCES_FOUND|IMAGE_SIZE_EXCEEDED|SCAN_FREQUENCY_MANUAL|SCAN_FREQUENCY_SCAN_ON_PUSH|EC2_INSTANCE_STOPPED|PENDING_DISABLE|NO_INVENTORY|STALE_INVENTORY|EXCLUDED_BY_TAG|UNSUPPORTED_RUNTIME',
'statusCode' => 'ACTIVE|INACTIVE',
],
'scanType' => 'NETWORK|PACKAGE',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- coveredResources
-
- Type: Array of CoveredResource structures
An object that contains details on the covered resources in your environment.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListCoverageStatistics
$result = $client->listCoverageStatistics([/* ... */]); $promise = $client->listCoverageStatisticsAsync([/* ... */]);
Lists Amazon Inspector coverage statistics for your environment.
Parameter Syntax
$result = $client->listCoverageStatistics([
'filterCriteria' => [
'accountId' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrRepositoryName' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'scanStatusCode' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'scanStatusReason' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'scanType' => [
[
'comparison' => 'EQUALS|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
],
'groupBy' => 'SCAN_STATUS_CODE|SCAN_STATUS_REASON|ACCOUNT_ID|RESOURCE_TYPE|ECR_REPOSITORY_NAME',
'nextToken' => '<string>',
]);
Parameter Details
Members
- filterCriteria
-
- Type: CoverageFilterCriteria structure
An object that contains details on the filters to apply to the coverage data for your environment.
- groupBy
-
- Type: string
The value to group the results by.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Result Syntax
[
'countsByGroup' => [
[
'count' => <integer>,
'groupKey' => 'SCAN_STATUS_CODE|SCAN_STATUS_REASON|ACCOUNT_ID|RESOURCE_TYPE|ECR_REPOSITORY_NAME',
],
// ...
],
'nextToken' => '<string>',
'totalCounts' => <integer>,
]
Result Details
Members
- countsByGroup
-
- Type: Array of Counts structures
An array with the number for each group.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page. - totalCounts
-
- Required: Yes
- Type: long (int|float)
The total number for all groups.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListDelegatedAdminAccounts
$result = $client->listDelegatedAdminAccounts([/* ... */]); $promise = $client->listDelegatedAdminAccountsAsync([/* ... */]);
Lists information about the Amazon Inspector delegated administrator of your organization.
Parameter Syntax
$result = $client->listDelegatedAdminAccounts([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Result Syntax
[
'delegatedAdminAccounts' => [
[
'accountId' => '<string>',
'status' => 'ENABLED|DISABLE_IN_PROGRESS',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- delegatedAdminAccounts
-
- Type: Array of DelegatedAdminAccount structures
Details of the Amazon Inspector delegated administrator of your organization.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListFilters
$result = $client->listFilters([/* ... */]); $promise = $client->listFiltersAsync([/* ... */]);
Lists the filters associated with your account.
Parameter Syntax
$result = $client->listFilters([
'action' => 'NONE|SUPPRESS',
'arns' => ['<string>', ...],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- action
-
- Type: string
The action the filter applies to matched findings.
- arns
-
- Type: Array of strings
The Amazon resource number (ARN) of the filter.
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Result Syntax
[
'filters' => [
[
'action' => 'NONE|SUPPRESS',
'arn' => '<string>',
'createdAt' => <DateTime>,
'criteria' => [
'awsAccountId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'componentId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'componentType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ec2InstanceImageId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ec2InstanceSubnetId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ec2InstanceVpcId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageArchitecture' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageHash' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImagePushedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'ecrImageRegistry' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageRepositoryName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'exploitAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'findingArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'findingStatus' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'findingType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'firstObservedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'fixAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'inspectorScore' => [
[
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
// ...
],
'lambdaFunctionExecutionRoleArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lambdaFunctionLastModifiedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'lambdaFunctionLayers' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'lastObservedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'networkProtocol' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'portRange' => [
[
'beginInclusive' => <integer>,
'endInclusive' => <integer>,
],
// ...
],
'relatedVulnerabilities' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'resourceTags' => [
[
'comparison' => 'EQUALS',
'key' => '<string>',
'value' => '<string>',
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'severity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'title' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'updatedAt' => [
[
'endInclusive' => <DateTime>,
'startInclusive' => <DateTime>,
],
// ...
],
'vendorSeverity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'vulnerabilityId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'vulnerabilitySource' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
// ...
],
'vulnerablePackages' => [
[
'architecture' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'epoch' => [
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
'name' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'release' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'sourceLambdaLayerArn' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'sourceLayerHash' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
'version' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS',
'value' => '<string>',
],
],
// ...
],
],
'description' => '<string>',
'name' => '<string>',
'ownerId' => '<string>',
'reason' => '<string>',
'tags' => ['<string>', ...],
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- filters
-
- Required: Yes
- Type: Array of Filter structures
Contains details on the filters associated with your account.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListFindingAggregations
$result = $client->listFindingAggregations([/* ... */]); $promise = $client->listFindingAggregationsAsync([/* ... */]);
Lists aggregated finding data for your environment based on specific criteria.
Parameter Syntax
$result = $client->listFindingAggregations([
'accountIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'aggregationRequest' => [
'accountAggregation' => [
'findingType' => 'NETWORK_REACHABILITY|PACKAGE_VULNERABILITY',
'resourceType' => 'AWS_EC2_INSTANCE|AWS_ECR_CONTAINER_IMAGE|AWS_LAMBDA_FUNCTION',
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'amiAggregation' => [
'amis' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL|AFFECTED_INSTANCES',
'sortOrder' => 'ASC|DESC',
],
'awsEcrContainerAggregation' => [
'architectures' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'imageShas' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'imageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'repositories' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'ec2InstanceAggregation' => [
'amis' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'instanceIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'instanceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'operatingSystems' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'NETWORK_FINDINGS|CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'findingTypeAggregation' => [
'findingType' => 'NETWORK_REACHABILITY|PACKAGE_VULNERABILITY',
'resourceType' => 'AWS_EC2_INSTANCE|AWS_ECR_CONTAINER_IMAGE|AWS_LAMBDA_FUNCTION',
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'imageLayerAggregation' => [
'layerHashes' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'repositories' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'lambdaFunctionAggregation' => [
'functionNames' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'functionTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'runtimes' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'lambdaLayerAggregation' => [
'functionNames' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'layerArns' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'packageAggregation' => [
'packageNames' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
],
'repositoryAggregation' => [
'repositories' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'sortBy' => 'CRITICAL|HIGH|ALL|AFFECTED_IMAGES',
'sortOrder' => 'ASC|DESC',
],
'titleAggregation' => [
'resourceType' => 'AWS_EC2_INSTANCE|AWS_ECR_CONTAINER_IMAGE|AWS_LAMBDA_FUNCTION',
'sortBy' => 'CRITICAL|HIGH|ALL',
'sortOrder' => 'ASC|DESC',
'titles' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilityIds' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
],
],
'aggregationType' => 'FINDING_TYPE|PACKAGE|TITLE|REPOSITORY|AMI|AWS_EC2_INSTANCE|AWS_ECR_CONTAINER|IMAGE_LAYER|ACCOUNT|AWS_LAMBDA_FUNCTION|LAMBDA_LAYER', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- accountIds
-
- Type: Array of StringFilter structures
The Amazon Web Services account IDs to retrieve finding aggregation data for.
- aggregationRequest
-
- Type: AggregationRequest structure
Details of the aggregation request that is used to filter your aggregation results.
- aggregationType
-
- Required: Yes
- Type: string
The type of the aggregation request.
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Result Syntax
[
'aggregationType' => 'FINDING_TYPE|PACKAGE|TITLE|REPOSITORY|AMI|AWS_EC2_INSTANCE|AWS_ECR_CONTAINER|IMAGE_LAYER|ACCOUNT|AWS_LAMBDA_FUNCTION|LAMBDA_LAYER',
'nextToken' => '<string>',
'responses' => [
[
'accountAggregation' => [
'accountId' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'amiAggregation' => [
'accountId' => '<string>',
'affectedInstances' => <integer>,
'ami' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'awsEcrContainerAggregation' => [
'accountId' => '<string>',
'architecture' => '<string>',
'imageSha' => '<string>',
'imageTags' => ['<string>', ...],
'repository' => '<string>',
'resourceId' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'ec2InstanceAggregation' => [
'accountId' => '<string>',
'ami' => '<string>',
'instanceId' => '<string>',
'instanceTags' => ['<string>', ...],
'networkFindings' => <integer>,
'operatingSystem' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'findingTypeAggregation' => [
'accountId' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'imageLayerAggregation' => [
'accountId' => '<string>',
'layerHash' => '<string>',
'repository' => '<string>',
'resourceId' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'lambdaFunctionAggregation' => [
'accountId' => '<string>',
'functionName' => '<string>',
'lambdaTags' => ['<string>', ...],
'lastModifiedAt' => <DateTime>,
'resourceId' => '<string>',
'runtime' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'lambdaLayerAggregation' => [
'accountId' => '<string>',
'functionName' => '<string>',
'layerArn' => '<string>',
'resourceId' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'packageAggregation' => [
'accountId' => '<string>',
'packageName' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'repositoryAggregation' => [
'accountId' => '<string>',
'affectedImages' => <integer>,
'repository' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
],
'titleAggregation' => [
'accountId' => '<string>',
'severityCounts' => [
'all' => <integer>,
'critical' => <integer>,
'high' => <integer>,
'medium' => <integer>,
],
'title' => '<string>',
'vulnerabilityId' => '<string>',
],
],
// ...
],
]
Result Details
Members
- aggregationType
-
- Required: Yes
- Type: string
The type of aggregation to perform.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page. - responses
-
- Type: Array of AggregationResponse structures
Objects that contain the results of an aggregation operation.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListFindings
$result = $client->listFindings([/* ... */]); $promise = $client->listFindingsAsync([/* ... */]);
Lists findings for your environment.
Parameter Syntax
$result = $client->listFindings([
'filterCriteria' => [
'awsAccountId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceImageId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceSubnetId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceVpcId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageArchitecture' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageHash' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImagePushedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'ecrImageRegistry' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageRepositoryName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'exploitAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingStatus' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'firstObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'fixAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'inspectorScore' => [
[
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
// ...
],
'lambdaFunctionExecutionRoleArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionLastModifiedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'lambdaFunctionLayers' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lastObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'networkProtocol' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'portRange' => [
[
'beginInclusive' => <integer>,
'endInclusive' => <integer>,
],
// ...
],
'relatedVulnerabilities' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'severity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'title' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'updatedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'vendorSeverity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilityId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilitySource' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerablePackages' => [
[
'architecture' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'epoch' => [
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
'name' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'release' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLambdaLayerArn' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLayerHash' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'version' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
],
// ...
],
],
'maxResults' => <integer>,
'nextToken' => '<string>',
'sortCriteria' => [
'field' => 'AWS_ACCOUNT_ID|FINDING_TYPE|SEVERITY|FIRST_OBSERVED_AT|LAST_OBSERVED_AT|FINDING_STATUS|RESOURCE_TYPE|ECR_IMAGE_PUSHED_AT|ECR_IMAGE_REPOSITORY_NAME|ECR_IMAGE_REGISTRY|NETWORK_PROTOCOL|COMPONENT_TYPE|VULNERABILITY_ID|VULNERABILITY_SOURCE|INSPECTOR_SCORE|VENDOR_SEVERITY', // REQUIRED
'sortOrder' => 'ASC|DESC', // REQUIRED
],
]);
Parameter Details
Members
- filterCriteria
-
- Type: FilterCriteria structure
Details on the filters to apply to your finding results.
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page. - sortCriteria
-
- Type: SortCriteria structure
Details on the sort criteria to apply to your finding results.
Result Syntax
[
'findings' => [
[
'awsAccountId' => '<string>',
'description' => '<string>',
'exploitAvailable' => 'YES|NO',
'exploitabilityDetails' => [
'lastKnownExploitAt' => <DateTime>,
],
'findingArn' => '<string>',
'firstObservedAt' => <DateTime>,
'fixAvailable' => 'YES|NO|PARTIAL',
'inspectorScore' => <float>,
'inspectorScoreDetails' => [
'adjustedCvss' => [
'adjustments' => [
[
'metric' => '<string>',
'reason' => '<string>',
],
// ...
],
'cvssSource' => '<string>',
'score' => <float>,
'scoreSource' => '<string>',
'scoringVector' => '<string>',
'version' => '<string>',
],
],
'lastObservedAt' => <DateTime>,
'networkReachabilityDetails' => [
'networkPath' => [
'steps' => [
[
'componentId' => '<string>',
'componentType' => '<string>',
],
// ...
],
],
'openPortRange' => [
'begin' => <integer>,
'end' => <integer>,
],
'protocol' => 'TCP|UDP',
],
'packageVulnerabilityDetails' => [
'cvss' => [
[
'baseScore' => <float>,
'scoringVector' => '<string>',
'source' => '<string>',
'version' => '<string>',
],
// ...
],
'referenceUrls' => ['<string>', ...],
'relatedVulnerabilities' => ['<string>', ...],
'source' => '<string>',
'sourceUrl' => '<string>',
'vendorCreatedAt' => <DateTime>,
'vendorSeverity' => '<string>',
'vendorUpdatedAt' => <DateTime>,
'vulnerabilityId' => '<string>',
'vulnerablePackages' => [
[
'arch' => '<string>',
'epoch' => <integer>,
'filePath' => '<string>',
'fixedInVersion' => '<string>',
'name' => '<string>',
'packageManager' => 'BUNDLER|CARGO|COMPOSER|NPM|NUGET|PIPENV|POETRY|YARN|GOBINARY|GOMOD|JAR|OS|PIP|PYTHONPKG|NODEPKG|POM',
'release' => '<string>',
'remediation' => '<string>',
'sourceLambdaLayerArn' => '<string>',
'sourceLayerHash' => '<string>',
'version' => '<string>',
],
// ...
],
],
'remediation' => [
'recommendation' => [
'Url' => '<string>',
'text' => '<string>',
],
],
'resources' => [
[
'details' => [
'awsEc2Instance' => [
'iamInstanceProfileArn' => '<string>',
'imageId' => '<string>',
'ipV4Addresses' => ['<string>', ...],
'ipV6Addresses' => ['<string>', ...],
'keyName' => '<string>',
'launchedAt' => <DateTime>,
'platform' => '<string>',
'subnetId' => '<string>',
'type' => '<string>',
'vpcId' => '<string>',
],
'awsEcrContainerImage' => [
'architecture' => '<string>',
'author' => '<string>',
'imageHash' => '<string>',
'imageTags' => ['<string>', ...],
'platform' => '<string>',
'pushedAt' => <DateTime>,
'registry' => '<string>',
'repositoryName' => '<string>',
],
'awsLambdaFunction' => [
'architectures' => ['<string>', ...],
'codeSha256' => '<string>',
'executionRoleArn' => '<string>',
'functionName' => '<string>',
'lastModifiedAt' => <DateTime>,
'layers' => ['<string>', ...],
'packageType' => 'IMAGE|ZIP',
'runtime' => 'NODEJS|NODEJS_12_X|NODEJS_14_X|NODEJS_16_X|JAVA_8|JAVA_8_AL2|JAVA_11|PYTHON_3_7|PYTHON_3_8|PYTHON_3_9|UNSUPPORTED|NODEJS_18_X|GO_1_X',
'version' => '<string>',
'vpcConfig' => [
'securityGroupIds' => ['<string>', ...],
'subnetIds' => ['<string>', ...],
'vpcId' => '<string>',
],
],
],
'id' => '<string>',
'partition' => '<string>',
'region' => '<string>',
'tags' => ['<string>', ...],
'type' => 'AWS_EC2_INSTANCE|AWS_ECR_CONTAINER_IMAGE|AWS_ECR_REPOSITORY|AWS_LAMBDA_FUNCTION',
],
// ...
],
'severity' => 'INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL|UNTRIAGED',
'status' => 'ACTIVE|SUPPRESSED|CLOSED',
'title' => '<string>',
'type' => 'NETWORK_REACHABILITY|PACKAGE_VULNERABILITY',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- findings
-
- Type: Array of Finding structures
Contains details on the findings in your environment.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListMembers
$result = $client->listMembers([/* ... */]); $promise = $client->listMembersAsync([/* ... */]);
List members associated with the Amazon Inspector delegated administrator for your organization.
Parameter Syntax
$result = $client->listMembers([
'maxResults' => <integer>,
'nextToken' => '<string>',
'onlyAssociated' => true || false,
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page. - onlyAssociated
-
- Type: boolean
Specifies whether to list only currently associated members if
Trueor to list all members within the organization ifFalse.
Result Syntax
[
'members' => [
[
'accountId' => '<string>',
'delegatedAdminAccountId' => '<string>',
'relationshipStatus' => 'CREATED|INVITED|DISABLED|ENABLED|REMOVED|RESIGNED|DELETED|EMAIL_VERIFICATION_IN_PROGRESS|EMAIL_VERIFICATION_FAILED|REGION_DISABLED|ACCOUNT_SUSPENDED|CANNOT_CREATE_DETECTOR_IN_ORG_MASTER',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- members
-
- Type: Array of Member structures
An object that contains details for each member account.
- nextToken
-
- Type: string
The pagination parameter to be used on the next list operation to retrieve more items.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Lists all tags attached to a given resource.
Parameter Syntax
$result = $client->listTagsForResource([
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'tags' => ['<string>', ...],
]
Result Details
Members
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
ListUsageTotals
$result = $client->listUsageTotals([/* ... */]); $promise = $client->listUsageTotalsAsync([/* ... */]);
Lists the Amazon Inspector usage totals over the last 30 days.
Parameter Syntax
$result = $client->listUsageTotals([
'accountIds' => ['<string>', ...],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- accountIds
-
- Type: Array of strings
The Amazon Web Services account IDs to retrieve usage totals for.
- maxResults
-
- Type: int
The maximum number of results to return in the response.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the
NextTokenvalue returned from the previous request to continue listing results after the first page.
Result Syntax
[
'nextToken' => '<string>',
'totals' => [
[
'accountId' => '<string>',
'usage' => [
[
'currency' => 'USD',
'estimatedMonthlyCost' => <float>,
'total' => <float>,
'type' => 'EC2_INSTANCE_HOURS|ECR_INITIAL_SCAN|ECR_RESCAN|LAMBDA_FUNCTION_HOURS',
],
// ...
],
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
The pagination parameter to be used on the next list operation to retrieve more items.
- totals
-
- Type: Array of UsageTotal structures
An object with details on the total usage for the requested account.
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds tags to a resource.
Parameter Syntax
$result = $client->tagResource([
'resourceArn' => '<string>', // REQUIRED
'tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
-
One or more tags submitted as part of the request is not valid.
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes tags from a resource.
Parameter Syntax
$result = $client->untagResource([
'resourceArn' => '<string>', // REQUIRED
'tagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
UpdateConfiguration
$result = $client->updateConfiguration([/* ... */]); $promise = $client->updateConfigurationAsync([/* ... */]);
Updates setting configurations for your Amazon Inspector account. When you use this API as an Amazon Inspector delegated administrator this updates the setting for all accounts you manage. Member accounts in an organization cannot update this setting.
Parameter Syntax
$result = $client->updateConfiguration([
'ecrConfiguration' => [ // REQUIRED
'rescanDuration' => 'LIFETIME|DAYS_30|DAYS_180', // REQUIRED
],
]);
Parameter Details
Members
- ecrConfiguration
-
- Required: Yes
- Type: EcrConfiguration structure
Specifies how the ECR automated re-scan will be updated for your environment.
Result Syntax
[]
Result Details
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
UpdateFilter
$result = $client->updateFilter([/* ... */]); $promise = $client->updateFilterAsync([/* ... */]);
Specifies the action that is to be applied to the findings that match the filter.
Parameter Syntax
$result = $client->updateFilter([
'action' => 'NONE|SUPPRESS',
'description' => '<string>',
'filterArn' => '<string>', // REQUIRED
'filterCriteria' => [
'awsAccountId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'componentType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceImageId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceSubnetId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ec2InstanceVpcId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageArchitecture' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageHash' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImagePushedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'ecrImageRegistry' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageRepositoryName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'ecrImageTags' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'exploitAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingStatus' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'findingType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'firstObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'fixAvailable' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'inspectorScore' => [
[
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
// ...
],
'lambdaFunctionExecutionRoleArn' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionLastModifiedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'lambdaFunctionLayers' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionName' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lambdaFunctionRuntime' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'lastObservedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'networkProtocol' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'portRange' => [
[
'beginInclusive' => <integer>,
'endInclusive' => <integer>,
],
// ...
],
'relatedVulnerabilities' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'resourceTags' => [
[
'comparison' => 'EQUALS', // REQUIRED
'key' => '<string>', // REQUIRED
'value' => '<string>',
],
// ...
],
'resourceType' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'severity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'title' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'updatedAt' => [
[
'endInclusive' => <integer || string || DateTime>,
'startInclusive' => <integer || string || DateTime>,
],
// ...
],
'vendorSeverity' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilityId' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerabilitySource' => [
[
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
// ...
],
'vulnerablePackages' => [
[
'architecture' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'epoch' => [
'lowerInclusive' => <float>,
'upperInclusive' => <float>,
],
'name' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'release' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLambdaLayerArn' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'sourceLayerHash' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
'version' => [
'comparison' => 'EQUALS|PREFIX|NOT_EQUALS', // REQUIRED
'value' => '<string>', // REQUIRED
],
],
// ...
],
],
'name' => '<string>',
'reason' => '<string>',
]);
Parameter Details
Members
- action
-
- Type: string
Specifies the action that is to be applied to the findings that match the filter.
- description
-
- Type: string
A description of the filter.
- filterArn
-
- Required: Yes
- Type: string
The Amazon Resource Number (ARN) of the filter to update.
- filterCriteria
-
- Type: FilterCriteria structure
Defines the criteria to be update in the filter.
- name
-
- Type: string
The name of the filter.
- reason
-
- Type: string
The reason the filter was updated.
Result Syntax
[
'arn' => '<string>',
]
Result Details
Members
Errors
-
The request has failed validation due to missing required fields or having invalid inputs.
-
You do not have sufficient access to perform this action.
-
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
UpdateOrganizationConfiguration
$result = $client->updateOrganizationConfiguration([/* ... */]); $promise = $client->updateOrganizationConfigurationAsync([/* ... */]);
Updates the configurations for your Amazon Inspector organization.
Parameter Syntax
$result = $client->updateOrganizationConfiguration([
'autoEnable' => [ // REQUIRED
'ec2' => true || false, // REQUIRED
'ecr' => true || false, // REQUIRED
'lambda' => true || false,
],
]);
Parameter Details
Members
- autoEnable
-
- Required: Yes
- Type: AutoEnable structure
Defines which scan types are enabled automatically for new members of your Amazon Inspector organization.
Result Syntax
[
'autoEnable' => [
'ec2' => true || false,
'ecr' => true || false,
'lambda' => true || false,
],
]
Result Details
Members
- autoEnable
-
- Required: Yes
- Type: AutoEnable structure
The updated status of scan types automatically enabled for new members of your Amazon Inspector organization.
Errors
-
You do not have sufficient access to perform this action.
-
The request has failed validation due to missing required fields or having invalid inputs.
-
The limit on the number of requests per second was exceeded.
-
The request has failed due to an internal failure of the Amazon Inspector service.
Shapes
AccessDeniedException
Description
You do not have sufficient access to perform this action.
Members
Account
Description
An Amazon Web Services account within your environment that Amazon Inspector has been enabled for.
Members
- accountId
-
- Required: Yes
- Type: string
The ID of the Amazon Web Services account.
- resourceStatus
-
- Required: Yes
- Type: ResourceStatus structure
Details of the status of Amazon Inspector scans by resource type.
- status
-
- Required: Yes
- Type: string
The status of Amazon Inspector for the account.
AccountAggregation
Description
An object that contains details about an aggregation response based on Amazon Web Services accounts.
Members
AccountAggregationResponse
Description
An aggregation of findings by Amazon Web Services account ID.
Members
- accountId
-
- Type: string
The Amazon Web Services account ID.
- severityCounts
-
- Type: SeverityCounts structure
The number of findings by severity.
AccountState
Description
An object with details the status of an Amazon Web Services account within your Amazon Inspector environment.
Members
- accountId
-
- Required: Yes
- Type: string
The Amazon Web Services account ID.
- resourceState
-
- Required: Yes
- Type: ResourceState structure
An object detailing which resources Amazon Inspector is enabled to scan for the account.
- state
-
- Required: Yes
- Type: State structure
An object detailing the status of Amazon Inspector for the account.
AggregationRequest
Description
Contains details about an aggregation request.
Members
- accountAggregation
-
- Type: AccountAggregation structure
An object that contains details about an aggregation request based on Amazon Web Services account IDs.
- amiAggregation
-
- Type: AmiAggregation structure
An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).
- awsEcrContainerAggregation
-
- Type: AwsEcrContainerAggregation structure
An object that contains details about an aggregation request based on Amazon ECR container images.
- ec2InstanceAggregation
-
- Type: Ec2InstanceAggregation structure
An object that contains details about an aggregation request based on Amazon EC2 instances.
- findingTypeAggregation
-
- Type: FindingTypeAggregation structure
An object that contains details about an aggregation request based on finding types.
- imageLayerAggregation
-
- Type: ImageLayerAggregation structure
An object that contains details about an aggregation request based on container image layers.
- lambdaFunctionAggregation
-
- Type: LambdaFunctionAggregation structure
Returns an object with findings aggregated by AWS Lambda function.
- lambdaLayerAggregation
-
- Type: LambdaLayerAggregation structure
Returns an object with findings aggregated by AWS Lambda layer.
- packageAggregation
-
- Type: PackageAggregation structure
An object that contains details about an aggregation request based on operating system package type.
- repositoryAggregation
-
- Type: RepositoryAggregation structure
An object that contains details about an aggregation request based on Amazon ECR repositories.
- titleAggregation
-
- Type: TitleAggregation structure
An object that contains details about an aggregation request based on finding title.
AggregationResponse
Description
A structure that contains details about the results of an aggregation type.
Members
- accountAggregation
-
- Type: AccountAggregationResponse structure
An object that contains details about an aggregation response based on Amazon Web Services account IDs.
- amiAggregation
-
- Type: AmiAggregationResponse structure
An object that contains details about an aggregation response based on Amazon Machine Images (AMIs).
- awsEcrContainerAggregation
-
- Type: AwsEcrContainerAggregationResponse structure
An object that contains details about an aggregation response based on Amazon ECR container images.
- ec2InstanceAggregation
-
- Type: Ec2InstanceAggregationResponse structure
An object that contains details about an aggregation response based on Amazon EC2 instances.
- findingTypeAggregation
-
- Type: FindingTypeAggregationResponse structure
An object that contains details about an aggregation response based on finding types.
- imageLayerAggregation
-
- Type: ImageLayerAggregationResponse structure
An object that contains details about an aggregation response based on container image layers.
- lambdaFunctionAggregation
-
- Type: LambdaFunctionAggregationResponse structure
An aggregation of findings by AWS Lambda function.
- lambdaLayerAggregation
-
- Type: LambdaLayerAggregationResponse structure
An aggregation of findings by AWS Lambda layer.
- packageAggregation
-
- Type: PackageAggregationResponse structure
An object that contains details about an aggregation response based on operating system package type.
- repositoryAggregation
-
- Type: RepositoryAggregationResponse structure
An object that contains details about an aggregation response based on Amazon ECR repositories.
- titleAggregation
-
- Type: TitleAggregationResponse structure
An object that contains details about an aggregation response based on finding title.
AmiAggregation
Description
The details that define an aggregation based on Amazon machine images (AMIs).
Members
- amis
-
- Type: Array of StringFilter structures
The IDs of AMIs to aggregate findings for.
- sortBy
-
- Type: string
The value to sort results by.
- sortOrder
-
- Type: string
The order to sort results by.
AmiAggregationResponse
Description
A response that contains the results of a finding aggregation by AMI.
Members
- accountId
-
- Type: string
The Amazon Web Services account ID for the AMI.
- affectedInstances
-
- Type: long (int|float)
The IDs of Amazon EC2 instances using this AMI.
- ami
-
- Required: Yes
- Type: string
The ID of the AMI that findings were aggregated for.
- severityCounts
-
- Type: SeverityCounts structure
An object that contains the count of matched findings per severity.
AutoEnable
Description
Represents which scan types are automatically enabled for new members of your Amazon Inspector organization.
Members
- ec2
-
- Required: Yes
- Type: boolean
Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
- ecr
-
- Required: Yes
- Type: boolean
Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
- lambda
-
- Type: boolean
Represents whether AWS Lambda scans are automatically enabled for new members of your Amazon Inspector organization.
AwsEc2InstanceDetails
Description
Details of the Amazon EC2 instance involved in a finding.
Members
- iamInstanceProfileArn
-
- Type: string
The IAM instance profile ARN of the Amazon EC2 instance.
- imageId
-
- Type: string
The image ID of the Amazon EC2 instance.
- ipV4Addresses
-
- Type: Array of strings
The IPv4 addresses of the Amazon EC2 instance.
- ipV6Addresses
-
- Type: Array of strings
The IPv6 addresses of the Amazon EC2 instance.
- keyName
-
- Type: string
The name of the key pair used to launch the Amazon EC2 instance.
- launchedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the Amazon EC2 instance was launched at.
- platform
-
- Type: string
The platform of the Amazon EC2 instance.
- subnetId
-
- Type: string
The subnet ID of the Amazon EC2 instance.
- type
-
- Type: string
The type of the Amazon EC2 instance.
- vpcId
-
- Type: string
The VPC ID of the Amazon EC2 instance.
AwsEcrContainerAggregation
Description
An aggregation of information about Amazon ECR containers.
Members
- architectures
-
- Type: Array of StringFilter structures
The architecture of the containers.
- imageShas
-
- Type: Array of StringFilter structures
The image SHA values.
- imageTags
-
- Type: Array of StringFilter structures
The image tags.
- repositories
-
- Type: Array of StringFilter structures
The container repositories.
- resourceIds
-
- Type: Array of StringFilter structures
The container resource IDs.
- sortBy
-
- Type: string
The value to sort by.
- sortOrder
-
- Type: string
The sort order (ascending or descending).
AwsEcrContainerAggregationResponse
Description
An aggregation of information about Amazon ECR containers.
Members
- accountId
-
- Type: string
The Amazon Web Services account ID of the account that owns the container.
- architecture
-
- Type: string
The architecture of the container.
- imageSha
-
- Type: string
The SHA value of the container image.
- imageTags
-
- Type: Array of strings
The container image stags.
- repository
-
- Type: string
The container repository.
- resourceId
-
- Required: Yes
- Type: string
The resource ID of the container.
- severityCounts
-
- Type: SeverityCounts structure
The number of finding by severity.
AwsEcrContainerImageDetails
Description
The image details of the Amazon ECR container image.
Members
- architecture
-
- Type: string
The architecture of the Amazon ECR container image.
- author
-
- Type: string
The image author of the Amazon ECR container image.
- imageHash
-
- Required: Yes
- Type: string
The image hash of the Amazon ECR container image.
- imageTags
-
- Type: Array of strings
The image tags attached to the Amazon ECR container image.
- platform
-
- Type: string
The platform of the Amazon ECR container image.
- pushedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the Amazon ECR container image was pushed.
- registry
-
- Required: Yes
- Type: string
The registry for the Amazon ECR container image.
- repositoryName
-
- Required: Yes
- Type: string
The name of the repository the Amazon ECR container image resides in.
AwsLambdaFunctionDetails
Description
A summary of information about the AWS Lambda function.
Members
- architectures
-
- Type: Array of strings
The instruction set architecture that the AWS Lambda function supports. Architecture is a string array with one of the valid values. The default architecture value is
x86_64. - codeSha256
-
- Required: Yes
- Type: string
The SHA256 hash of the AWS Lambda function's deployment package.
- executionRoleArn
-
- Required: Yes
- Type: string
The AWS Lambda function's execution role.
- functionName
-
- Required: Yes
- Type: string
The name of the AWS Lambda function.
- lastModifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time that a user last updated the configuration, in ISO 8601 format
- layers
-
- Type: Array of strings
The AWS Lambda function's layers. A Lambda function can have up to five layers.
- packageType
-
- Type: string
The type of deployment package. Set to
Imagefor container image and setZipfor .zip file archive. - runtime
-
- Required: Yes
- Type: string
The runtime environment for the AWS Lambda function.
- version
-
- Required: Yes
- Type: string
The version of the AWS Lambda function.
- vpcConfig
-
- Type: LambdaVpcConfig structure
The AWS Lambda function's networking configuration.
BadRequestException
Description
One or more tags submitted as part of the request is not valid.
Members
ConflictException
Description
A conflict occurred.
Members
Counts
Description
a structure that contains information on the count of resources within a group.
Members
CoverageFilterCriteria
Description
A structure that identifies filter criteria for GetCoverageStatistics.
Members
- accountId
-
- Type: Array of CoverageStringFilter structures
An array of Amazon Web Services account IDs to return coverage statistics for.
- ec2InstanceTags
-
- Type: Array of CoverageMapFilter structures
The Amazon EC2 instance tags to filter on.
- ecrImageTags
-
- Type: Array of CoverageStringFilter structures
The Amazon ECR image tags to filter on.
- ecrRepositoryName
-
- Type: Array of CoverageStringFilter structures
The Amazon ECR repository name to filter on.
- lambdaFunctionName
-
- Type: Array of CoverageStringFilter structures
Returns coverage statistics for AWS Lambda functions filtered by function names.
- lambdaFunctionRuntime
-
- Type: Array of CoverageStringFilter structures
Returns coverage statistics for AWS Lambda functions filtered by runtime.
- lambdaFunctionTags
-
- Type: Array of CoverageMapFilter structures
Returns coverage statistics for AWS Lambda functions filtered by tag.
- resourceId
-
- Type: Array of CoverageStringFilter structures
An array of Amazon Web Services resource IDs to return coverage statistics for.
- resourceType
-
- Type: Array of CoverageStringFilter structures
An array of Amazon Web Services resource types to return coverage statistics for. The values can be
AWS_EC2_INSTANCEorAWS_ECR_REPOSITORY. - scanStatusCode
-
- Type: Array of CoverageStringFilter structures
The scan status code to filter on.
- scanStatusReason
-
- Type: Array of CoverageStringFilter structures
The scan status reason to filter on.
- scanType
-
- Type: Array of CoverageStringFilter structures
An array of Amazon Inspector scan types to return coverage statistics for.
CoverageMapFilter
Description
Contains details of a coverage map filter.
Members
CoverageStringFilter
Description
Contains details of a coverage string filter.
Members
CoveredResource
Description
An object that contains details about a resource covered by Amazon Inspector.
Members
- accountId
-
- Required: Yes
- Type: string
The Amazon Web Services account ID of the covered resource.
- resourceId
-
- Required: Yes
- Type: string
The ID of the covered resource.
- resourceMetadata
-
- Type: ResourceScanMetadata structure
An object that contains details about the metadata.
- resourceType
-
- Required: Yes
- Type: string
The type of the covered resource.
- scanStatus
-
- Type: ScanStatus structure
The status of the scan covering the resource.
- scanType
-
- Required: Yes
- Type: string
The Amazon Inspector scan type covering the resource.
CvssScore
Description
The CVSS score for a finding.
Members
CvssScoreAdjustment
Description
Details on adjustments Amazon Inspector made to the CVSS score for a finding.
Members
CvssScoreDetails
Description
Information about the CVSS score.
Members
- adjustments
-
- Type: Array of CvssScoreAdjustment structures
An object that contains details about adjustment Amazon Inspector made to the CVSS score.
- cvssSource
-
- Type: string
The source of the CVSS data.
- score
-
- Required: Yes
- Type: double
The CVSS score.
- scoreSource
-
- Required: Yes
- Type: string
The source for the CVSS score.
- scoringVector
-
- Required: Yes
- Type: string
The vector for the CVSS score.
- version
-
- Required: Yes
- Type: string
The CVSS version used in scoring.
DateFilter
Description
Contains details on the time range used to filter findings.
Members
DelegatedAdmin
Description
Details of the Amazon Inspector delegated administrator for your organization.
Members
DelegatedAdminAccount
Description
Details of the Amazon Inspector delegated administrator for your organization.
Members
Destination
Description
Contains details of the Amazon S3 bucket and KMS key used to export findings.
Members
Ec2InstanceAggregation
Description
The details that define an aggregation based on Amazon EC2 instances.
Members
- amis
-
- Type: Array of StringFilter structures
The AMI IDs associated with the Amazon EC2 instances to aggregate findings for.
- instanceIds
-
- Type: Array of StringFilter structures
The Amazon EC2 instance IDs to aggregate findings for.
- instanceTags
-
- Type: Array of MapFilter structures
The Amazon EC2 instance tags to aggregate findings for.
- operatingSystems
-
- Type: Array of StringFilter structures
The operating system types to aggregate findings for. Valid values must be uppercase and underscore separated, examples are
ORACLE_LINUX_7andALPINE_LINUX_3_8. - sortBy
-
- Type: string
The value to sort results by.
- sortOrder
-
- Type: string
The order to sort results by.
Ec2InstanceAggregationResponse
Description
A response that contains the results of a finding aggregation by Amazon EC2 instance.
Members
- accountId
-
- Type: string
The Amazon Web Services account for the Amazon EC2 instance.
- ami
-
- Type: string
The Amazon Machine Image (AMI) of the Amazon EC2 instance.
- instanceId
-
- Required: Yes
- Type: string
The Amazon EC2 instance ID.
- instanceTags
-
- Type: Associative array of custom strings keys (MapKey) to strings
The tags attached to the instance.
- networkFindings
-
- Type: long (int|float)
The number of network findings for the Amazon EC2 instance.
- operatingSystem
-
- Type: string
The operating system of the Amazon EC2 instance.
- severityCounts
-
- Type: SeverityCounts structure
An object that contains the count of matched findings per severity.
Ec2Metadata
Description
Meta data details of an Amazon EC2 instance.
Members
EcrConfiguration
Description
Details about the ECR automated re-scan duration setting for your environment.
Members
- rescanDuration
-
- Required: Yes
- Type: string
The ECR automated re-scan duration defines how long an ECR image will be actively scanned by Amazon Inspector. When the number of days since an image was last pushed exceeds the automated re-scan duration the monitoring state of that image becomes
inactiveand all associated findings are scheduled for closure.
EcrConfigurationState
Description
Details about the state of the ECR scans for your environment.
Members
- rescanDurationState
-
- Type: EcrRescanDurationState structure
An object that contains details about the state of the ECR automated re-scan setting.
EcrContainerImageMetadata
Description
Information on the Amazon ECR image metadata associated with a finding.
Members
EcrRepositoryMetadata
Description
Information on the Amazon ECR repository metadata associated with a finding.
Members
EcrRescanDurationState
Description
Details about the state of any changes to the ECR automated re-scan duration setting.
Members
- rescanDuration
-
- Type: string
The ECR automated re-scan duration defines how long an ECR image will be actively scanned by Amazon Inspector. When the number of days since an image was last pushed exceeds the automated re-scan duration the monitoring state of that image becomes
inactiveand all associated findings are scheduled for closure. - status
-
- Type: string
The status of changes to the ECR automated re-scan duration.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
A timestamp representing when the last time the ECR scan duration setting was changed.
ExploitabilityDetails
Description
The details of an exploit available for a finding discovered in your environment.
Members
FailedAccount
Description
An object with details on why an account failed to enable Amazon Inspector.
Members
- accountId
-
- Required: Yes
- Type: string
The Amazon Web Services account ID.
- errorCode
-
- Required: Yes
- Type: string
The error code explaining why the account failed to enable Amazon Inspector.
- errorMessage
-
- Required: Yes
- Type: string
The error message received when the account failed to enable Amazon Inspector.
- resourceStatus
-
- Type: ResourceStatus structure
An object detailing which resources Amazon Inspector is enabled to scan for the account.
- status
-
- Type: string
The status of Amazon Inspector for the account.
Filter
Description
Details about a filter.
Members
- action
-
- Required: Yes
- Type: string
The action that is to be applied to the findings that match the filter.
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Number (ARN) associated with this filter.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time this filter was created at.
- criteria
-
- Required: Yes
- Type: FilterCriteria structure
Details on the filter criteria associated with this filter.
- description
-
- Type: string
A description of the filter.
- name
-
- Required: Yes
- Type: string
The name of the filter.
- ownerId
-
- Required: Yes
- Type: string
The Amazon Web Services account ID of the account that created the filter.
- reason
-
- Type: string
The reason for the filter.
- tags
-
- Type: Associative array of custom strings keys (MapKey) to strings
The tags attached to the filter.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the filter was last updated at.
FilterCriteria
Description
Details on the criteria used to define the filter.
Members
- awsAccountId
-
- Type: Array of StringFilter structures
Details of the Amazon Web Services account IDs used to filter findings.
- componentId
-
- Type: Array of StringFilter structures
Details of the component IDs used to filter findings.
- componentType
-
- Type: Array of StringFilter structures
Details of the component types used to filter findings.
- ec2InstanceImageId
-
- Type: Array of StringFilter structures
Details of the Amazon EC2 instance image IDs used to filter findings.
- ec2InstanceSubnetId
-
- Type: Array of StringFilter structures
Details of the Amazon EC2 instance subnet IDs used to filter findings.
- ec2InstanceVpcId
-
- Type: Array of StringFilter structures
Details of the Amazon EC2 instance VPC IDs used to filter findings.
- ecrImageArchitecture
-
- Type: Array of StringFilter structures
Details of the Amazon ECR image architecture types used to filter findings.
- ecrImageHash
-
- Type: Array of StringFilter structures
Details of the Amazon ECR image hashes used to filter findings.
- ecrImagePushedAt
-
- Type: Array of DateFilter structures
Details on the Amazon ECR image push date and time used to filter findings.
- ecrImageRegistry
-
- Type: Array of StringFilter structures
Details on the Amazon ECR registry used to filter findings.
- ecrImageRepositoryName
-
- Type: Array of StringFilter structures
Details on the name of the Amazon ECR repository used to filter findings.
- ecrImageTags
-
- Type: Array of StringFilter structures
The tags attached to the Amazon ECR container image.
- exploitAvailable
-
- Type: Array of StringFilter structures
Filters the list of AWS Lambda findings by the availability of exploits.
- findingArn
-
- Type: Array of StringFilter structures
Details on the finding ARNs used to filter findings.
- findingStatus
-
- Type: Array of StringFilter structures
Details on the finding status types used to filter findings.
- findingType
-
- Type: Array of StringFilter structures
Details on the finding types used to filter findings.
- firstObservedAt
-
- Type: Array of DateFilter structures
Details on the date and time a finding was first seen used to filter findings.
- fixAvailable
-
- Type: Array of StringFilter structures
Details on whether a fix is available through a version update. This value can be
YES,NO, orPARTIAL. APARTIALfix means that some, but not all, of the packages identified in the finding have fixes available through updated versions. - inspectorScore
-
- Type: Array of NumberFilter structures
The Amazon Inspector score to filter on.
- lambdaFunctionExecutionRoleArn
-
- Type: Array of StringFilter structures
Filters the list of AWS Lambda functions by execution role.
- lambdaFunctionLastModifiedAt
-
- Type: Array of DateFilter structures
Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format
- lambdaFunctionLayers
-
- Type: Array of StringFilter structures
Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.
- lambdaFunctionName
-
- Type: Array of StringFilter structures
Filters the list of AWS Lambda functions by the name of the function.
- lambdaFunctionRuntime
-
- Type: Array of StringFilter structures
Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
- lastObservedAt
-
- Type: Array of DateFilter structures
Details on the date and time a finding was last seen used to filter findings.
- networkProtocol
-
- Type: Array of StringFilter structures
Details on the ingress source addresses used to filter findings.
- portRange
-
- Type: Array of PortRangeFilter structures
Details on the port ranges used to filter findings.
- relatedVulnerabilities
-
- Type: Array of StringFilter structures
Details on the related vulnerabilities used to filter findings.
- resourceId
-
- Type: Array of StringFilter structures
Details on the resource IDs used to filter findings.
- resourceTags
-
- Type: Array of MapFilter structures
Details on the resource tags used to filter findings.
- resourceType
-
- Type: Array of StringFilter structures
Details on the resource types used to filter findings.
- severity
-
- Type: Array of StringFilter structures
Details on the severity used to filter findings.
- title
-
- Type: Array of StringFilter structures
Details on the finding title used to filter findings.
- updatedAt
-
- Type: Array of DateFilter structures
Details on the date and time a finding was last updated at used to filter findings.
- vendorSeverity
-
- Type: Array of StringFilter structures
Details on the vendor severity used to filter findings.
- vulnerabilityId
-
- Type: Array of StringFilter structures
Details on the vulnerability ID used to filter findings.
- vulnerabilitySource
-
- Type: Array of StringFilter structures
Details on the vulnerability type used to filter findings.
- vulnerablePackages
-
- Type: Array of PackageFilter structures
Details on the vulnerable packages used to filter findings.
Finding
Description
Details about an Amazon Inspector finding.
Members
- awsAccountId
-
- Required: Yes
- Type: string
The Amazon Web Services account ID associated with the finding.
- description
-
- Required: Yes
- Type: string
The description of the finding.
- exploitAvailable
-
- Type: string
If a finding discovered in your environment has an exploit available.
- exploitabilityDetails
-
- Type: ExploitabilityDetails structure
The details of an exploit available for a finding discovered in your environment.
- findingArn
-
- Required: Yes
- Type: string
The Amazon Resource Number (ARN) of the finding.
- firstObservedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time that the finding was first observed.
- fixAvailable
-
- Type: string
Details on whether a fix is available through a version update. This value can be
YES,NO, orPARTIAL. APARTIALfix means that some, but not all, of the packages identified in the finding have fixes available through updated versions. - inspectorScore
-
- Type: double
The Amazon Inspector score given to the finding.
- inspectorScoreDetails
-
- Type: InspectorScoreDetails structure
An object that contains details of the Amazon Inspector score.
- lastObservedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time that the finding was last observed.
- networkReachabilityDetails
-
- Type: NetworkReachabilityDetails structure
An object that contains the details of a network reachability finding.
- packageVulnerabilityDetails
-
- Type: PackageVulnerabilityDetails structure
An object that contains the details of a package vulnerability finding.
- remediation
-
- Required: Yes
- Type: Remediation structure
An object that contains the details about how to remediate a finding.
- resources
-
- Required: Yes
- Type: Array of Resource structures
Contains information on the resources involved in a finding.
- severity
-
- Required: Yes
- Type: string
The severity of the finding.
- status
-
- Required: Yes
- Type: string
The status of the finding.
- title
-
- Type: string
The title of the finding.
- type
-
- Required: Yes
- Type: string
The type of the finding.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the finding was last updated at.
FindingTypeAggregation
Description
The details that define an aggregation based on finding type.
Members
FindingTypeAggregationResponse
Description
A response that contains the results of a finding type aggregation.
Members
- accountId
-
- Type: string
The ID of the Amazon Web Services account associated with the findings.
- severityCounts
-
- Type: SeverityCounts structure
The value to sort results by.
FreeTrialAccountInfo
Description
Information about the Amazon Inspector free trial for an account.
Members
- accountId
-
- Required: Yes
- Type: string
The account associated with the Amazon Inspector free trial information.
- freeTrialInfo
-
- Required: Yes
- Type: Array of FreeTrialInfo structures
Contains information about the Amazon Inspector free trial for an account.
FreeTrialInfo
Description
An object that contains information about the Amazon Inspector free trial for an account.
Members
- end
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time that the Amazon Inspector free trail ends for a given account.
- start
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time that the Amazon Inspector free trail started for a given account.
- status
-
- Required: Yes
- Type: string
The order to sort results by.
- type
-
- Required: Yes
- Type: string
The type of scan covered by the Amazon Inspector free trail.
FreeTrialInfoError
Description
Information about an error received while accessing free trail data for an account.
Members
ImageLayerAggregation
Description
The details that define an aggregation based on container image layers.
Members
- layerHashes
-
- Type: Array of StringFilter structures
The hashes associated with the layers.
- repositories
-
- Type: Array of StringFilter structures
The repository associated with the container image hosting the layers.
- resourceIds
-
- Type: Array of StringFilter structures
The ID of the container image layer.
- sortBy
-
- Type: string
The value to sort results by.
- sortOrder
-
- Type: string
The order to sort results by.
ImageLayerAggregationResponse
Description
A response that contains the results of a finding aggregation by image layer.
Members
- accountId
-
- Required: Yes
- Type: string
The ID of the Amazon Web Services account that owns the container image hosting the layer image.
- layerHash
-
- Required: Yes
- Type: string
The layer hash.
- repository
-
- Required: Yes
- Type: string
The repository the layer resides in.
- resourceId
-
- Required: Yes
- Type: string
The resource ID of the container image layer.
- severityCounts
-
- Type: SeverityCounts structure
An object that represents the count of matched findings per severity.
InspectorScoreDetails
Description
Information about the Amazon Inspector score given to a finding.
Members
- adjustedCvss
-
- Type: CvssScoreDetails structure
An object that contains details about the CVSS score given to a finding.
InternalServerException
Description
The request has failed due to an internal failure of the Amazon Inspector service.
Members
LambdaFunctionAggregation
Description
The details that define a findings aggregation based on AWS Lambda functions.
Members
- functionNames
-
- Type: Array of StringFilter structures
The AWS Lambda function names to include in the aggregation results.
- functionTags
-
- Type: Array of MapFilter structures
The tags to include in the aggregation results.
- resourceIds
-
- Type: Array of StringFilter structures
The resource IDs to include in the aggregation results.
- runtimes
-
- Type: Array of StringFilter structures
Returns findings aggregated by AWS Lambda function runtime environments.
- sortBy
-
- Type: string
The finding severity to use for sorting the results.
- sortOrder
-
- Type: string
The order to use for sorting the results.
LambdaFunctionAggregationResponse
Description
A response that contains the results of an AWS Lambda function finding aggregation.
Members
- accountId
-
- Type: string
The ID of the AWS account that owns the AWS Lambda function.
- functionName
-
- Type: string
The AWS Lambda function names included in the aggregation results.
- lambdaTags
-
- Type: Associative array of custom strings keys (MapKey) to strings
The tags included in the aggregation results.
- lastModifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date that the AWS Lambda function included in the aggregation results was last changed.
- resourceId
-
- Required: Yes
- Type: string
The resource IDs included in the aggregation results.
- runtime
-
- Type: string
The runtimes included in the aggregation results.
- severityCounts
-
- Type: SeverityCounts structure
An object that contains the counts of aggregated finding per severity.
LambdaFunctionMetadata
Description
The AWS Lambda function metadata.
Members
- functionName
-
- Type: string
The name of a function.
- functionTags
-
- Type: Associative array of custom strings keys (MapKey) to strings
The resource tags on an AWS Lambda function.
- layers
-
- Type: Array of strings
The layers for an AWS Lambda function. A Lambda function can have up to five layers.
- runtime
-
- Type: string
An AWS Lambda function's runtime.
LambdaLayerAggregation
Description
The details that define a findings aggregation based on an AWS Lambda function's layers.
Members
- functionNames
-
- Type: Array of StringFilter structures
The names of the AWS Lambda functions associated with the layers.
- layerArns
-
- Type: Array of StringFilter structures
The Amazon Resource Name (ARN) of the AWS Lambda function layer.
- resourceIds
-
- Type: Array of StringFilter structures
The resource IDs for the AWS Lambda function layers.
- sortBy
-
- Type: string
The finding severity to use for sorting the results.
- sortOrder
-
- Type: string
The order to use for sorting the results.
LambdaLayerAggregationResponse
Description
A response that contains the results of an AWS Lambda function layer finding aggregation.
Members
- accountId
-
- Required: Yes
- Type: string
The account ID of the AWS Lambda function layer.
- functionName
-
- Required: Yes
- Type: string
The names of the AWS Lambda functions associated with the layers.
- layerArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the AWS Lambda function layer.
- resourceId
-
- Required: Yes
- Type: string
The Resource ID of the AWS Lambda function layer.
- severityCounts
-
- Type: SeverityCounts structure
An object that contains the counts of aggregated finding per severity.
LambdaVpcConfig
Description
The VPC security groups and subnets that are attached to an AWS Lambda function. For more information, see VPC Settings.
Members
- securityGroupIds
-
- Type: Array of strings
The VPC security groups and subnets that are attached to an AWS Lambda function. For more information, see VPC Settings.
- subnetIds
-
- Type: Array of strings
A list of VPC subnet IDs.
- vpcId
-
- Type: string
The ID of the VPC.
MapFilter
Description
An object that describes details of a map filter.
Members
Member
Description
Details on a member account in your organization.
Members
- accountId
-
- Type: string
The Amazon Web Services account ID of the member account.
- delegatedAdminAccountId
-
- Type: string
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account.
- relationshipStatus
-
- Type: string
The status of the member account.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
A timestamp showing when the status of this member was last updated.
NetworkPath
Description
Information on the network path associated with a finding.
Members
- steps
-
- Type: Array of Step structures
The details on the steps in the network path.
NetworkReachabilityDetails
Description
Contains the details of a network reachability finding.
Members
- networkPath
-
- Required: Yes
- Type: NetworkPath structure
An object that contains details about a network path associated with a finding.
- openPortRange
-
- Required: Yes
- Type: PortRange structure
An object that contains details about the open port range associated with a finding.
- protocol
-
- Required: Yes
- Type: string
The protocol associated with a finding.
NumberFilter
Description
An object that describes the details of a number filter.
Members
PackageAggregation
Description
The details that define an aggregation based on operating system package type.
Members
- packageNames
-
- Type: Array of StringFilter structures
The names of packages to aggregate findings on.
- sortBy
-
- Type: string
The value to sort results by.
- sortOrder
-
- Type: string
The order to sort results by.
PackageAggregationResponse
Description
A response that contains the results of a finding aggregation by image layer.
Members
- accountId
-
- Type: string
The ID of the Amazon Web Services account associated with the findings.
- packageName
-
- Required: Yes
- Type: string
The name of the operating system package.
- severityCounts
-
- Type: SeverityCounts structure
An object that contains the count of matched findings per severity.
PackageFilter
Description
Contains information on the details of a package filter.
Members
- architecture
-
- Type: StringFilter structure
An object that contains details on the package architecture type to filter on.
- epoch
-
- Type: NumberFilter structure
An object that contains details on the package epoch to filter on.
- name
-
- Type: StringFilter structure
An object that contains details on the name of the package to filter on.
- release
-
- Type: StringFilter structure
An object that contains details on the package release to filter on.
- sourceLambdaLayerArn
-
- Type: StringFilter structure
An object that describes the details of a string filter.
- sourceLayerHash
-
- Type: StringFilter structure
An object that contains details on the source layer hash to filter on.
- version
-
- Type: StringFilter structure
The package version to filter on.
PackageVulnerabilityDetails
Description
Information about a package vulnerability finding.
Members
- cvss
-
- Type: Array of CvssScore structures
An object that contains details about the CVSS score of a finding.
- referenceUrls
-
- Type: Array of strings
One or more URLs that contain details about this vulnerability type.
- relatedVulnerabilities
-
- Type: Array of strings
One or more vulnerabilities related to the one identified in this finding.
- source
-
- Required: Yes
- Type: string
The source of the vulnerability information.
- sourceUrl
-
- Type: string
A URL to the source of the vulnerability information.
- vendorCreatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time that this vulnerability was first added to the vendor's database.
- vendorSeverity
-
- Type: string
The severity the vendor has given to this vulnerability type.
- vendorUpdatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the vendor last updated this vulnerability in their database.
- vulnerabilityId
-
- Required: Yes
- Type: string
The ID given to this vulnerability.
- vulnerablePackages
-
- Type: Array of VulnerablePackage structures
The packages impacted by this vulnerability.
Permission
Description
Contains information on the permissions an account has within Amazon Inspector.
Members
PortRange
Description
Details about the port range associated with a finding.
Members
PortRangeFilter
Description
An object that describes the details of a port range filter.
Members
Recommendation
Description
Details about the recommended course of action to remediate the finding.
Members
Remediation
Description
Information on how to remediate a finding.
Members
- recommendation
-
- Type: Recommendation structure
An object that contains information about the recommended course of action to remediate the finding.
RepositoryAggregation
Description
The details that define an aggregation based on repository.
Members
- repositories
-
- Type: Array of StringFilter structures
The names of repositories to aggregate findings on.
- sortBy
-
- Type: string
The value to sort results by.
- sortOrder
-
- Type: string
The order to sort results by.
RepositoryAggregationResponse
Description
A response that contains details on the results of a finding aggregation by repository.
Members
- accountId
-
- Type: string
The ID of the Amazon Web Services account associated with the findings.
- affectedImages
-
- Type: long (int|float)
The number of container images impacted by the findings.
- repository
-
- Required: Yes
- Type: string
The name of the repository associated with the findings.
- severityCounts
-
- Type: SeverityCounts structure
An object that represent the count of matched findings per severity.
Resource
Description
Details about the resource involved in a finding.
Members
- details
-
- Type: ResourceDetails structure
An object that contains details about the resource involved in a finding.
- id
-
- Required: Yes
- Type: string
The ID of the resource.
- partition
-
- Type: string
The partition of the resource.
- region
-
- Type: string
The Amazon Web Services Region the impacted resource is located in.
- tags
-
- Type: Associative array of custom strings keys (MapKey) to strings
The tags attached to the resource.
- type
-
- Required: Yes
- Type: string
The type of resource.
ResourceDetails
Description
Contains details about the resource involved in the finding.
Members
- awsEc2Instance
-
- Type: AwsEc2InstanceDetails structure
An object that contains details about the Amazon EC2 instance involved in the finding.
- awsEcrContainerImage
-
- Type: AwsEcrContainerImageDetails structure
An object that contains details about the Amazon ECR container image involved in the finding.
- awsLambdaFunction
-
- Type: AwsLambdaFunctionDetails structure
A summary of the information about an AWS Lambda function affected by a finding.
ResourceNotFoundException
Description
The operation tried to access an invalid resource. Make sure the resource is specified correctly.
Members
ResourceScanMetadata
Description
An object that contains details about the metadata for an Amazon ECR resource.
Members
- ec2
-
- Type: Ec2Metadata structure
An object that contains metadata details for an Amazon EC2 instance.
- ecrImage
-
- Type: EcrContainerImageMetadata structure
An object that contains details about the container metadata for an Amazon ECR image.
- ecrRepository
-
- Type: EcrRepositoryMetadata structure
An object that contains details about the repository an Amazon ECR image resides in.
- lambdaFunction
-
- Type: LambdaFunctionMetadata structure
An object that contains metadata details for an AWS Lambda function.
ResourceState
Description
Details the state of Amazon Inspector for each resource type Amazon Inspector scans.
Members
- ec2
-
- Required: Yes
- Type: State structure
An object detailing the state of Amazon Inspector scanning for Amazon EC2 resources.
- ecr
-
- Required: Yes
- Type: State structure
An object detailing the state of Amazon Inspector scanning for Amazon ECR resources.
- lambda
-
- Type: State structure
An object that described the state of Amazon Inspector scans for an account.
ResourceStatus
Description
Details the status of Amazon Inspector for each resource type Amazon Inspector scans.
Members
ScanStatus
Description
The status of the scan.
Members
ServiceQuotaExceededException
Description
You have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.
Members
SeverityCounts
Description
An object that contains the counts of aggregated finding per severity.
Members
- all
-
- Type: long (int|float)
The total count of findings from all severities.
- critical
-
- Type: long (int|float)
The total count of critical severity findings.
- high
-
- Type: long (int|float)
The total count of high severity findings.
- medium
-
- Type: long (int|float)
The total count of medium severity findings.
SortCriteria
Description
Details about the criteria used to sort finding results.
Members
State
Description
An object that described the state of Amazon Inspector scans for an account.
Members
- errorCode
-
- Required: Yes
- Type: string
The error code explaining why the account failed to enable Amazon Inspector.
- errorMessage
-
- Required: Yes
- Type: string
The error message received when the account failed to enable Amazon Inspector.
- status
-
- Required: Yes
- Type: string
The status of Amazon Inspector for the account.
Step
Description
Details about the step associated with a finding.
Members
StringFilter
Description
An object that describes the details of a string filter.
Members
ThrottlingException
Description
The limit on the number of requests per second was exceeded.
Members
TitleAggregation
Description
The details that define an aggregation based on finding title.
Members
- resourceType
-
- Type: string
The resource type to aggregate on.
- sortBy
-
- Type: string
The value to sort results by.
- sortOrder
-
- Type: string
The order to sort results by.
- titles
-
- Type: Array of StringFilter structures
The finding titles to aggregate on.
- vulnerabilityIds
-
- Type: Array of StringFilter structures
The vulnerability IDs of the findings.
TitleAggregationResponse
Description
A response that contains details on the results of a finding aggregation by title.
Members
- accountId
-
- Type: string
The ID of the Amazon Web Services account associated with the findings.
- severityCounts
-
- Type: SeverityCounts structure
An object that represent the count of matched findings per severity.
- title
-
- Required: Yes
- Type: string
The title that the findings were aggregated on.
- vulnerabilityId
-
- Type: string
The vulnerability ID of the finding.
Usage
Description
Contains usage information about the cost of Amazon Inspector operation.
Members
UsageTotal
Description
The total of usage for an account ID.
Members
- accountId
-
- Type: string
The account ID of the account that usage data was retrieved for.
- usage
-
- Type: Array of Usage structures
An object representing the total usage for an account.
ValidationException
Description
The request has failed validation due to missing required fields or having invalid inputs.
Members
- fields
-
- Type: Array of ValidationExceptionField structures
The fields that failed validation.
- message
-
- Required: Yes
- Type: string
- reason
-
- Required: Yes
- Type: string
The reason for the validation failure.
ValidationExceptionField
Description
An object that describes a validation exception.
Members
VulnerablePackage
Description
Information on the vulnerable package identified by a finding.
Members
- arch
-
- Type: string
The architecture of the vulnerable package.
- epoch
-
- Type: int
The epoch of the vulnerable package.
- filePath
-
- Type: string
The file path of the vulnerable package.
- fixedInVersion
-
- Type: string
The version of the package that contains the vulnerability fix.
- name
-
- Required: Yes
- Type: string
The name of the vulnerable package.
- packageManager
-
- Type: string
The package manager of the vulnerable package.
- release
-
- Type: string
The release of the vulnerable package.
- remediation
-
- Type: string
The code to run in your environment to update packages with a fix available.
- sourceLambdaLayerArn
-
- Type: string
The Amazon Resource Number (ARN) of the AWS Lambda function affected by a finding.
- sourceLayerHash
-
- Type: string
The source layer hash of the vulnerable package.
- version
-
- Required: Yes
- Type: string
The version of the vulnerable package.