CreateApp - AWS Resilience Hub


Creates an AWS Resilience Hub application. An AWS Resilience Hub application is a collection of AWS resources structured to prevent and recover AWS application disruptions. To describe a AWS Resilience Hub application, you provide an application name, resources from one or more AWS CloudFormation stacks, AWS Resource Groups, Terraform state files, AppRegistry applications, and an appropriate resiliency policy. In addition, you can also add resources that are located on Amazon Elastic Kubernetes Service (Amazon EKS) clusters as optional resources. For more information about the number of resources supported per application, see Service quotas.

After you create an AWS Resilience Hub application, you publish it so that you can run a resiliency assessment on it. You can then use recommendations from the assessment to improve resiliency by running another assessment, comparing results, and then iterating the process until you achieve your goals for recovery time objective (RTO) and recovery point objective (RPO).

Request Syntax

POST /create-app HTTP/1.1 Content-type: application/json { "assessmentSchedule": "string", "clientToken": "string", "description": "string", "eventSubscriptions": [ { "eventType": "string", "name": "string", "snsTopicArn": "string" } ], "name": "string", "permissionModel": { "crossAccountRoleArns": [ "string" ], "invokerRoleName": "string", "type": "string" }, "policyArn": "string", "tags": { "string" : "string" } }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.


Assessment execution schedule with 'Daily' or 'Disabled' values.

Type: String

Valid Values: Disabled | Daily

Required: No


Used for an idempotency token. A client token is a unique, case-sensitive string of up to 64 ASCII characters. You should not reuse the same client token for other API requests.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 63.

Pattern: ^[A-za-z0-9_.-]{0,63}$

Required: No


The optional description for an app.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 500.

Required: No


The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports only Drift detected and Scheduled assessment failure events notification.

Type: Array of EventSubscription objects

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Required: No


Name of the application.

Type: String

Pattern: ^[A-Za-z0-9][A-Za-z0-9_\-]{1,59}$

Required: Yes


Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.

Type: PermissionModel object

Required: No


Amazon Resource Name (ARN) of the resiliency policy. The format for this ARN is: arn:partition:resiliencehub:region:account:resiliency-policy/policy-id. For more information about ARNs, see Amazon Resource Names (ARNs) in the AWS General Reference guide.

Type: String

Pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9/][A-Za-z0-9:_/+.-]{0,1023}$

Required: No


Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.

Type: String to string map

Map Entries: Maximum number of 50 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Key Pattern: ^[^\x00-\x1f\x22]+$

Value Length Constraints: Minimum length of 0. Maximum length of 256.

Value Pattern: ^[^\x00-\x1f\x22]*$

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "app": { "appArn": "string", "assessmentSchedule": "string", "complianceStatus": "string", "creationTime": number, "description": "string", "driftStatus": "string", "eventSubscriptions": [ { "eventType": "string", "name": "string", "snsTopicArn": "string" } ], "lastAppComplianceEvaluationTime": number, "lastDriftEvaluationTime": number, "lastResiliencyScoreEvaluationTime": number, "name": "string", "permissionModel": { "crossAccountRoleArns": [ "string" ], "invokerRoleName": "string", "type": "string" }, "policyArn": "string", "resiliencyScore": number, "rpoInSecs": number, "rtoInSecs": number, "status": "string", "tags": { "string" : "string" } } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


The created application returned as an object with details including compliance status, creation time, description, resiliency score, and more.

Type: App object


For information about the errors that are common to all actions, see Common Errors.


You don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions.

HTTP Status Code: 403


This exception occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

HTTP Status Code: 409


This exception occurs when there is an internal failure in the AWS Resilience Hub service.

HTTP Status Code: 500


This exception occurs when the specified resource could not be found.

HTTP Status Code: 404


This exception occurs when you have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.

HTTP Status Code: 402


This exception occurs when you have exceeded the limit on the number of requests per second.

HTTP Status Code: 429


This exception occurs when a request is not valid.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: