CreateAuditSuppression - AWS IoT


Creates a Device Defender audit suppression.

Requires permission to access the CreateAuditSuppression action.

Request Syntax

POST /audit/suppressions/create HTTP/1.1 Content-type: application/json { "checkName": "string", "clientRequestToken": "string", "description": "string", "expirationDate": number, "resourceIdentifier": { "account": "string", "caCertificateId": "string", "clientId": "string", "cognitoIdentityPoolId": "string", "deviceCertificateArn": "string", "deviceCertificateId": "string", "iamRoleArn": "string", "issuerCertificateIdentifier": { "issuerCertificateSerialNumber": "string", "issuerCertificateSubject": "string", "issuerId": "string" }, "policyVersionIdentifier": { "policyName": "string", "policyVersionId": "string" }, "roleAliasArn": "string" }, "suppressIndefinitely": boolean }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.


An audit check name. Checks must be enabled for your account. (Use DescribeAccountAuditConfiguration to see the list of all checks, including those that are enabled or use UpdateAccountAuditConfiguration to select which checks are enabled.)

Type: String

Required: Yes


Each audit supression must have a unique client request token. If you try to create a new audit suppression with the same token as one that already exists, an exception occurs. If you omit this value, AWS SDKs will automatically generate a unique client request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: ^[a-zA-Z0-9-_]+$

Required: Yes


The description of the audit suppression.

Type: String

Length Constraints: Maximum length of 1000.

Pattern: [\p{Graph}\x20]*

Required: No


The epoch timestamp in seconds at which this suppression expires.

Type: Timestamp

Required: No


Information that identifies the noncompliant resource.

Type: ResourceIdentifier object

Required: Yes


Indicates whether a suppression should exist indefinitely or not.

Type: Boolean

Required: No

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.



An unexpected error has occurred.

HTTP Status Code: 500


The request is not valid.

HTTP Status Code: 400


A limit has been exceeded.

HTTP Status Code: 410


The resource already exists.

HTTP Status Code: 409


The rate exceeds the limit.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: