Findings Filters
The Findings Filters resource represents the repository of filters that you create and save to review, analyze, and manage findings. A findings filter, also referred to as a filter, is a set of criteria that specifies which findings to include in the results of a query for findings. A findings filter can also perform specific actions on findings that match the filter's criteria. For example, you can configure a filter to suppress (automatically archive) findings that match the filter's criteria. For more information about creating and using filters, see Filtering findings in the Amazon Macie User Guide.
You can use the Findings Filters resource to create a new filter or retrieve information about all the existing filters for your Amazon Macie account. To update, delete, or retrieve detailed information about an individual filter, use the Findings Filter resource.
URI
/findingsfilters
HTTP methods
GET
Operation ID: ListFindingsFilters
Retrieves a subset of information about all the findings filters for an account.
Query parameters | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Name | Type | Required | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
nextToken | String | False | The | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
maxResults | String | False | The maximum number of items to include in each page of a paginated response. |
Responses | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Status code | Response model | Description | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
200 | ListFindingsFiltersResponse | The request succeeded. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
400 | ValidationException | The request failed because the input doesn't satisfy the constraints specified by the service. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
402 | ServiceQuotaExceededException | The request failed because fulfilling the request would exceed one or more service quotas for your account. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
403 | AccessDeniedException | The request was denied because you don't have sufficient access to the specified resource. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
404 | ResourceNotFoundException | The request failed because the specified resource wasn't found. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
409 | ConflictException | The request failed because it conflicts with the current state of the specified resource. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
429 | ThrottlingException | The request failed because you sent too many requests during a certain amount of time. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
500 | InternalServerException | The request failed due to an unknown internal server error, exception, or failure. |
POST
Operation ID: CreateFindingsFilter
Creates and defines the criteria and other settings for a findings filter.
Responses | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Status code | Response model | Description | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
200 | CreateFindingsFilterResponse | The request succeeded. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
400 | ValidationException | The request failed because the input doesn't satisfy the constraints specified by the service. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
402 | ServiceQuotaExceededException | The request failed because fulfilling the request would exceed one or more service quotas for your account. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
403 | AccessDeniedException | The request was denied because you don't have sufficient access to the specified resource. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
404 | ResourceNotFoundException | The request failed because the specified resource wasn't found. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
409 | ConflictException | The request failed because it conflicts with the current state of the specified resource. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
429 | ThrottlingException | The request failed because you sent too many requests during a certain amount of time. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
500 | InternalServerException | The request failed due to an unknown internal server error, exception, or failure. |
Schemas
Request bodies
{ "action": enum, "clientToken": "string", "description": "string", "findingCriteria": { "criterion": { } }, "name": "string", "position": integer, "tags": { } }
Response bodies
{ "findingsFilterListItems": [ { "action": enum, "arn": "string", "id": "string", "name": "string", "tags": { } } ], "nextToken": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
Properties
AccessDeniedException
Provides information about an error that occurred due to insufficient access to a specified resource.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
ConflictException
Provides information about an error that occurred due to a versioning conflict for a specified resource.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
CreateFindingsFilterRequest
Specifies the criteria and other settings for a new findings filter.
Property | Type | Required | Description |
---|---|---|---|
action | True | The action to perform on findings that match the filter criteria
( | |
clientToken | string | False | A unique, case-sensitive token that you provide to ensure the idempotency of the request. |
description | string | False | A custom description of the filter. The description can contain as many as 512 characters. We strongly recommend that you avoid including any sensitive data in the description of a filter. Other users of your account might be able to see this description, depending on the actions that they're allowed to perform in Amazon Macie. |
findingCriteria | True | The criteria to use to filter findings. | |
name | string | True | A custom name for the filter. The name must contain at least 3 characters and can contain as many as 64 characters. We strongly recommend that you avoid including any sensitive data in the name of a filter. Other users of your account might be able to see this name, depending on the actions that they're allowed to perform in Amazon Macie. |
position | integer Format: int32 | False | The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings. |
tags | False | A map of key-value pairs that specifies the tags to associate with the filter. A findings filter can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters. |
CreateFindingsFilterResponse
Provides information about a findings filter that was created in response to a request.
Property | Type | Required | Description |
---|---|---|---|
arn | string | False | The Amazon Resource Name (ARN) of the filter that was created. |
id | string | False | The unique identifier for the filter that was created. |
Criterion
Specifies a condition that defines a property, operator, and one or more values to filter the results of a query for findings. The number of values depends on the property and operator specified by the condition. For information about defining filter conditions, see Fundamentals of filtering findings in the Amazon Macie User Guide.
Property | Type | Required | Description |
---|---|---|---|
| object | False |
CriterionAdditionalProperties
Specifies the operator to use in a property-based condition that filters the results of a query for findings. For detailed information and examples of each operator, see Fundamentals of filtering findings in the Amazon Macie User Guide.
Property | Type | Required | Description |
---|---|---|---|
eq | Array of type string | False | The value for the property matches (equals) the specified value. If you specify multiple values, Macie uses OR logic to join the values. |
eqExactMatch | Array of type string | False | The value for the property exclusively matches (equals an exact match for) all the specified values. If you specify multiple values, Amazon Macie uses AND logic to join the values. You can use this operator with the following properties:
|
gt | integer Format: int64 | False | The value for the property is greater than the specified value. |
gte | integer Format: int64 | False | The value for the property is greater than or equal to the specified value. |
lt | integer Format: int64 | False | The value for the property is less than the specified value. |
lte | integer Format: int64 | False | The value for the property is less than or equal to the specified value. |
neq | Array of type string | False | The value for the property doesn't match (doesn't equal) the specified value. If you specify multiple values, Macie uses OR logic to join the values. |
FindingCriteria
Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.
Property | Type | Required | Description |
---|---|---|---|
criterion | False | A condition that specifies the property, operator, and one or more values to use to filter the results. |
FindingsFilterAction
The action to perform on findings that match the filter criteria. To suppress
(automatically archive) findings that match the criteria, set this value to
ARCHIVE
. Valid values are:
ARCHIVE
NOOP
FindingsFilterListItem
Provides information about a findings filter.
Property | Type | Required | Description |
---|---|---|---|
action | False | The action that's performed on findings that match the filter criteria. Possible
values are: | |
arn | string | False | The Amazon Resource Name (ARN) of the filter. |
id | string | False | The unique identifier for the filter. |
name | string | False | The custom name of the filter. |
tags | False | A map of key-value pairs that specifies which tags (keys and values) are associated with the filter. |
InternalServerException
Provides information about an error that occurred due to an unknown internal server error, exception, or failure.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
ListFindingsFiltersResponse
Provides information about all the findings filters for an account.
Property | Type | Required | Description |
---|---|---|---|
findingsFilterListItems | Array of type FindingsFilterListItem | False | An array of objects, one for each filter that's associated with the account. |
nextToken | string | False | The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages. |
ResourceNotFoundException
Provides information about an error that occurred because a specified resource wasn't found.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
ServiceQuotaExceededException
Provides information about an error that occurred due to one or more service quotas for an account.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
TagMap
A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.
Property | Type | Required | Description |
---|---|---|---|
| string | False |
ThrottlingException
Provides information about an error that occurred because too many requests were sent during a certain amount of time.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
ValidationException
Provides information about an error that occurred due to a syntax error in a request.
Property | Type | Required | Description |
---|---|---|---|
message | string | False | The explanation of the error that occurred. |
See also
For more information about using this API in one of the language-specific AWS SDKs and references, see the following: