Class: AWS.Inspector
- Inherits:
-
AWS.Service
- Object
- AWS.Service
- AWS.Inspector
- Identifier:
- inspector
- API Version:
- 2016-02-16
- Defined in:
- (unknown)
Overview
Constructs a service interface object. Each API operation is exposed as a function on service.
Service Description
Amazon Inspector enables you to analyze the behavior of your AWS resources and to identify potential security issues. For more information, see Amazon Inspector User Guide.
Sending a Request Using Inspector
var inspector = new AWS.Inspector();
inspector.createAssessmentTarget(params, function (err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Locking the API Version
In order to ensure that the Inspector object uses this specific API, you can
construct the object by passing the apiVersion
option to the constructor:
var inspector = new AWS.Inspector({apiVersion: '2016-02-16'});
You can also set the API version globally in AWS.config.apiVersions
using
the inspector service identifier:
AWS.config.apiVersions = {
inspector: '2016-02-16',
// other service API versions
};
var inspector = new AWS.Inspector();
Version:
-
2016-02-16
Constructor Summary collapse
-
new AWS.Inspector(options = {}) ⇒ Object
constructor
Constructs a service object.
Property Summary collapse
-
endpoint ⇒ AWS.Endpoint
readwrite
An Endpoint object representing the endpoint URL for service requests.
Properties inherited from AWS.Service
Method Summary collapse
-
addAttributesToFindings(params = {}, callback) ⇒ AWS.Request
Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings.
.
-
createAssessmentTarget(params = {}, callback) ⇒ AWS.Request
Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup.
-
createAssessmentTemplate(params = {}, callback) ⇒ AWS.Request
Creates an assessment template for the assessment target that is specified by the ARN of the assessment target.
-
createExclusionsPreview(params = {}, callback) ⇒ AWS.Request
Starts the generation of an exclusions preview for the specified assessment template.
-
createResourceGroup(params = {}, callback) ⇒ AWS.Request
Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target.
-
deleteAssessmentRun(params = {}, callback) ⇒ AWS.Request
Deletes the assessment run that is specified by the ARN of the assessment run.
.
-
deleteAssessmentTarget(params = {}, callback) ⇒ AWS.Request
Deletes the assessment target that is specified by the ARN of the assessment target.
.
-
deleteAssessmentTemplate(params = {}, callback) ⇒ AWS.Request
Deletes the assessment template that is specified by the ARN of the assessment template.
.
-
describeAssessmentRuns(params = {}, callback) ⇒ AWS.Request
Describes the assessment runs that are specified by the ARNs of the assessment runs.
.
-
describeAssessmentTargets(params = {}, callback) ⇒ AWS.Request
Describes the assessment targets that are specified by the ARNs of the assessment targets.
.
-
describeAssessmentTemplates(params = {}, callback) ⇒ AWS.Request
Describes the assessment templates that are specified by the ARNs of the assessment templates.
.
-
describeCrossAccountAccessRole(params = {}, callback) ⇒ AWS.Request
Describes the IAM role that enables Amazon Inspector to access your AWS account.
.
-
describeExclusions(params = {}, callback) ⇒ AWS.Request
Describes the exclusions that are specified by the exclusions' ARNs.
.
-
describeFindings(params = {}, callback) ⇒ AWS.Request
Describes the findings that are specified by the ARNs of the findings.
.
-
describeResourceGroups(params = {}, callback) ⇒ AWS.Request
Describes the resource groups that are specified by the ARNs of the resource groups.
.
-
describeRulesPackages(params = {}, callback) ⇒ AWS.Request
Describes the rules packages that are specified by the ARNs of the rules packages.
.
-
getAssessmentReport(params = {}, callback) ⇒ AWS.Request
Produces an assessment report that includes detailed and comprehensive results of a specified assessment run.
-
getExclusionsPreview(params = {}, callback) ⇒ AWS.Request
Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token.
-
getTelemetryMetadata(params = {}, callback) ⇒ AWS.Request
Information about the data that is collected for the specified assessment run.
.
-
listAssessmentRunAgents(params = {}, callback) ⇒ AWS.Request
Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs.
.
-
listAssessmentRuns(params = {}, callback) ⇒ AWS.Request
Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates.
.
-
listAssessmentTargets(params = {}, callback) ⇒ AWS.Request
Lists the ARNs of the assessment targets within this AWS account.
-
listAssessmentTemplates(params = {}, callback) ⇒ AWS.Request
Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets.
.
-
listEventSubscriptions(params = {}, callback) ⇒ AWS.Request
Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template.
-
listExclusions(params = {}, callback) ⇒ AWS.Request
List exclusions that are generated by the assessment run.
.
-
listFindings(params = {}, callback) ⇒ AWS.Request
Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs.
.
-
listRulesPackages(params = {}, callback) ⇒ AWS.Request
Lists all available Amazon Inspector rules packages.
.
-
listTagsForResource(params = {}, callback) ⇒ AWS.Request
Lists all tags associated with an assessment template.
.
-
previewAgents(params = {}, callback) ⇒ AWS.Request
Previews the agents installed on the EC2 instances that are part of the specified assessment target.
.
-
registerCrossAccountAccessRole(params = {}, callback) ⇒ AWS.Request
Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments.
.
-
removeAttributesFromFindings(params = {}, callback) ⇒ AWS.Request
Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists.
.
-
setTagsForResource(params = {}, callback) ⇒ AWS.Request
Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template.
.
-
startAssessmentRun(params = {}, callback) ⇒ AWS.Request
Starts the assessment run specified by the ARN of the assessment template.
-
stopAssessmentRun(params = {}, callback) ⇒ AWS.Request
Stops the assessment run that is specified by the ARN of the assessment run.
.
-
subscribeToEvent(params = {}, callback) ⇒ AWS.Request
Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.
.
-
unsubscribeFromEvent(params = {}, callback) ⇒ AWS.Request
Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.
.
-
updateAssessmentTarget(params = {}, callback) ⇒ AWS.Request
Updates the assessment target that is specified by the ARN of the assessment target.
If resourceGroupArn is not specified, all EC2 instances in the current AWS account and region are included in the assessment target.
.
Methods inherited from AWS.Service
makeRequest, makeUnauthenticatedRequest, waitFor, setupRequestListeners, defineService
Constructor Details
new AWS.Inspector(options = {}) ⇒ Object
Constructs a service object. This object has one method for each API operation.
Examples:
Constructing a Inspector object
var inspector = new AWS.Inspector({apiVersion: '2016-02-16'});
Options Hash (options):
-
params
(map)
—
An optional map of parameters to bind to every request sent by this service object. For more information on bound parameters, see "Working with Services" in the Getting Started Guide.
-
endpoint
(String|AWS.Endpoint)
—
The endpoint URI to send requests to. The default endpoint is built from the configured
region
. The endpoint should be a string like'https://{service}.{region}.amazonaws.com'
or an Endpoint object. -
accessKeyId
(String)
—
your AWS access key ID.
-
secretAccessKey
(String)
—
your AWS secret access key.
-
sessionToken
(AWS.Credentials)
—
the optional AWS session token to sign requests with.
-
credentials
(AWS.Credentials)
—
the AWS credentials to sign requests with. You can either specify this object, or specify the accessKeyId and secretAccessKey options directly.
-
credentialProvider
(AWS.CredentialProviderChain)
—
the provider chain used to resolve credentials if no static
credentials
property is set. -
region
(String)
—
the region to send service requests to. See AWS.Inspector.region for more information.
-
maxRetries
(Integer)
—
the maximum amount of retries to attempt with a request. See AWS.Inspector.maxRetries for more information.
-
maxRedirects
(Integer)
—
the maximum amount of redirects to follow with a request. See AWS.Inspector.maxRedirects for more information.
-
sslEnabled
(Boolean)
—
whether to enable SSL for requests.
-
paramValidation
(Boolean|map)
—
whether input parameters should be validated against the operation description before sending the request. Defaults to true. Pass a map to enable any of the following specific validation features:
- min [Boolean] — Validates that a value meets the min
constraint. This is enabled by default when paramValidation is set
to
true
. - max [Boolean] — Validates that a value meets the max constraint.
- pattern [Boolean] — Validates that a string value matches a regular expression.
- enum [Boolean] — Validates that a string value matches one of the allowable enum values.
- min [Boolean] — Validates that a value meets the min
constraint. This is enabled by default when paramValidation is set
to
-
computeChecksums
(Boolean)
—
whether to compute checksums for payload bodies when the service accepts it (currently supported in S3 only)
-
convertResponseTypes
(Boolean)
—
whether types are converted when parsing response data. Currently only supported for JSON based services. Turning this off may improve performance on large response payloads. Defaults to
true
. -
correctClockSkew
(Boolean)
—
whether to apply a clock skew correction and retry requests that fail because of an skewed client clock. Defaults to
false
. -
s3ForcePathStyle
(Boolean)
—
whether to force path style URLs for S3 objects.
-
s3BucketEndpoint
(Boolean)
—
whether the provided endpoint addresses an individual bucket (false if it addresses the root API endpoint). Note that setting this configuration option requires an
endpoint
to be provided explicitly to the service constructor. -
s3DisableBodySigning
(Boolean)
—
whether S3 body signing should be disabled when using signature version
v4
. Body signing can only be disabled when using https. Defaults totrue
. -
s3UsEast1RegionalEndpoint
('legacy'|'regional')
—
when region is set to 'us-east-1', whether to send s3 request to global endpoints or 'us-east-1' regional endpoints. This config is only applicable to S3 client. Defaults to
legacy
-
s3UseArnRegion
(Boolean)
—
whether to override the request region with the region inferred from requested resource's ARN. Only available for S3 buckets Defaults to
true
-
retryDelayOptions
(map)
—
A set of options to configure the retry delay on retryable errors. Currently supported options are:
- base [Integer] — The base number of milliseconds to use in the exponential backoff for operation retries. Defaults to 100 ms for all services except DynamoDB, where it defaults to 50ms.
- customBackoff [function] — A custom function that accepts a
retry count and error and returns the amount of time to delay in
milliseconds. If the result is a non-zero negative value, no further
retry attempts will be made. The
base
option will be ignored if this option is supplied. The function is only called for retryable errors.
-
httpOptions
(map)
—
A set of options to pass to the low-level HTTP request. Currently supported options are:
- proxy [String] — the URL to proxy requests through
- agent [http.Agent, https.Agent] — the Agent object to perform
HTTP requests with. Used for connection pooling. Defaults to the global
agent (
http.globalAgent
) for non-SSL connections. Note that for SSL connections, a special Agent object is used in order to enable peer certificate verification. This feature is only available in the Node.js environment. - connectTimeout [Integer] — Sets the socket to timeout after
failing to establish a connection with the server after
connectTimeout
milliseconds. This timeout has no effect once a socket connection has been established. - timeout [Integer] — Sets the socket to timeout after timeout milliseconds of inactivity on the socket. Defaults to two minutes (120000).
- xhrAsync [Boolean] — Whether the SDK will send asynchronous HTTP requests. Used in the browser environment only. Set to false to send requests synchronously. Defaults to true (async on).
- xhrWithCredentials [Boolean] — Sets the "withCredentials" property of an XMLHttpRequest object. Used in the browser environment only. Defaults to false.
-
apiVersion
(String, Date)
—
a String in YYYY-MM-DD format (or a date) that represents the latest possible API version that can be used in all services (unless overridden by
apiVersions
). Specify 'latest' to use the latest possible version. -
apiVersions
(map<String, String|Date>)
—
a map of service identifiers (the lowercase service class name) with the API version to use when instantiating a service. Specify 'latest' for each individual that can use the latest available version.
-
logger
(#write, #log)
—
an object that responds to .write() (like a stream) or .log() (like the console object) in order to log information about requests
-
systemClockOffset
(Number)
—
an offset value in milliseconds to apply to all signing times. Use this to compensate for clock skew when your system may be out of sync with the service time. Note that this configuration option can only be applied to the global
AWS.config
object and cannot be overridden in service-specific configuration. Defaults to 0 milliseconds. -
signatureVersion
(String)
—
the signature version to sign requests with (overriding the API configuration). Possible values are: 'v2', 'v3', 'v4'.
-
signatureCache
(Boolean)
—
whether the signature to sign requests with (overriding the API configuration) is cached. Only applies to the signature version 'v4'. Defaults to
true
. -
dynamoDbCrc32
(Boolean)
—
whether to validate the CRC32 checksum of HTTP response bodies returned by DynamoDB. Default:
true
. -
useAccelerateEndpoint
(Boolean)
—
Whether to use the S3 Transfer Acceleration endpoint with the S3 service. Default:
false
. -
clientSideMonitoring
(Boolean)
—
whether to collect and publish this client's performance metrics of all its API requests.
-
endpointDiscoveryEnabled
(Boolean|undefined)
—
whether to call operations with endpoints given by service dynamically. Setting this
-
endpointCacheSize
(Number)
—
the size of the global cache storing endpoints from endpoint discovery operations. Once endpoint cache is created, updating this setting cannot change existing cache size. Defaults to 1000
-
hostPrefixEnabled
(Boolean)
—
whether to marshal request parameters to the prefix of hostname. Defaults to
true
. -
stsRegionalEndpoints
('legacy'|'regional')
—
whether to send sts request to global endpoints or regional endpoints. Defaults to 'legacy'.
-
useFipsEndpoint
(Boolean)
—
Enables FIPS compatible endpoints. Defaults to
false
. -
useDualstackEndpoint
(Boolean)
—
Enables IPv6 dualstack endpoint. Defaults to
false
.
Property Details
Method Details
addAttributesToFindings(params = {}, callback) ⇒ AWS.Request
Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings.
Service Reference:
Examples:
Add attributes to findings
/* Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings. */
var params = {
attributes: [
{
key: "Example",
value: "example"
}
],
findingArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-8l1VIE0D/run/0-Z02cjjug/finding/0-T8yM9mEU"
]
};
inspector.addAttributesToFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
failedItems: {
}
}
*/
});
Calling the addAttributesToFindings operation
var params = {
attributes: [ /* required */
{
key: 'STRING_VALUE', /* required */
value: 'STRING_VALUE'
},
/* more items */
],
findingArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
inspector.addAttributesToFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
findingArns
— (Array<String>
)The ARNs that specify the findings that you want to assign attributes to.
attributes
— (Array<map>
)The array of attributes that you want to assign to specified findings.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:failedItems
— (map<map>
)Attribute details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
createAssessmentTarget(params = {}, callback) ⇒ AWS.Request
Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup. If resourceGroupArn is not specified, all EC2 instances in the current AWS account and region are included in the assessment target. If the service-linked role isn’t already registered, this action also creates and registers a service-linked role to grant Amazon Inspector access to AWS Services needed to perform security assessments. You can create up to 50 assessment targets per AWS account. You can run up to 500 concurrent agents per AWS account. For more information, see Amazon Inspector Assessment Targets.
Service Reference:
Examples:
Create assessment target
/* Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup. You can create up to 50 assessment targets per AWS account. You can run up to 500 concurrent agents per AWS account. */
var params = {
assessmentTargetName: "ExampleAssessmentTarget",
resourceGroupArn: "arn:aws:inspector:us-west-2:123456789012:resourcegroup/0-AB6DMKnv"
};
inspector.createAssessmentTarget(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentTargetArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX"
}
*/
});
Calling the createAssessmentTarget operation
var params = {
assessmentTargetName: 'STRING_VALUE', /* required */
resourceGroupArn: 'STRING_VALUE'
};
inspector.createAssessmentTarget(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTargetName
— (String
)The user-defined name that identifies the assessment target that you want to create. The name must be unique within the AWS account.
resourceGroupArn
— (String
)The ARN that specifies the resource group that is used to create the assessment target. If resourceGroupArn is not specified, all EC2 instances in the current AWS account and region are included in the assessment target.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentTargetArn
— (String
)The ARN that specifies the assessment target that is created.
-
(AWS.Response)
—
Returns:
createAssessmentTemplate(params = {}, callback) ⇒ AWS.Request
Creates an assessment template for the assessment target that is specified by the ARN of the assessment target. If the service-linked role isn’t already registered, this action also creates and registers a service-linked role to grant Amazon Inspector access to AWS Services needed to perform security assessments.
Service Reference:
Examples:
Create assessment template
/* Creates an assessment template for the assessment target that is specified by the ARN of the assessment target. */
var params = {
assessmentTargetArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX",
assessmentTemplateName: "ExampleAssessmentTemplate",
durationInSeconds: 180,
rulesPackageArns: [
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-11B9DBXp"
],
userAttributesForFindings: [
{
key: "Example",
value: "example"
}
]
};
inspector.createAssessmentTemplate(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentTemplateArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-it5r2S4T"
}
*/
});
Calling the createAssessmentTemplate operation
var params = {
assessmentTargetArn: 'STRING_VALUE', /* required */
assessmentTemplateName: 'STRING_VALUE', /* required */
durationInSeconds: 'NUMBER_VALUE', /* required */
rulesPackageArns: [ /* required */
'STRING_VALUE',
/* more items */
],
userAttributesForFindings: [
{
key: 'STRING_VALUE', /* required */
value: 'STRING_VALUE'
},
/* more items */
]
};
inspector.createAssessmentTemplate(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTargetArn
— (String
)The ARN that specifies the assessment target for which you want to create the assessment template.
assessmentTemplateName
— (String
)The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for an assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.
durationInSeconds
— (Integer
)The duration of the assessment run in seconds.
rulesPackageArns
— (Array<String>
)The ARNs that specify the rules packages that you want to attach to the assessment template.
userAttributesForFindings
— (Array<map>
)The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. An attribute is a key and value pair (an Attribute object). Within an assessment template, each key must be unique.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentTemplateArn
— (String
)The ARN that specifies the assessment template that is created.
-
(AWS.Response)
—
Returns:
createExclusionsPreview(params = {}, callback) ⇒ AWS.Request
Starts the generation of an exclusions preview for the specified assessment template. The exclusions preview lists the potential exclusions (ExclusionPreview) that Inspector can detect before it runs the assessment.
Service Reference:
Examples:
Calling the createExclusionsPreview operation
var params = {
assessmentTemplateArn: 'STRING_VALUE' /* required */
};
inspector.createExclusionsPreview(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTemplateArn
— (String
)The ARN that specifies the assessment template for which you want to create an exclusions preview.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:previewToken
— (String
)Specifies the unique identifier of the requested exclusions preview. You can use the unique identifier to retrieve the exclusions preview when running the GetExclusionsPreview API.
-
(AWS.Response)
—
Returns:
createResourceGroup(params = {}, callback) ⇒ AWS.Request
Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target. The created resource group is then used to create an Amazon Inspector assessment target. For more information, see CreateAssessmentTarget.
Service Reference:
Examples:
Create resource group
/* Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target. The created resource group is then used to create an Amazon Inspector assessment target. */
var params = {
resourceGroupTags: [
{
key: "Name",
value: "example"
}
]
};
inspector.createResourceGroup(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
resourceGroupArn: "arn:aws:inspector:us-west-2:123456789012:resourcegroup/0-AB6DMKnv"
}
*/
});
Calling the createResourceGroup operation
var params = {
resourceGroupTags: [ /* required */
{
key: 'STRING_VALUE', /* required */
value: 'STRING_VALUE'
},
/* more items */
]
};
inspector.createResourceGroup(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceGroupTags
— (Array<map>
)A collection of keys and an array of possible values, '[
{"key":"key1","values":["Value1","Value2"]},{"key":"Key2","values":["Value3"]}
]'.For example,'[
{"key":"Name","values":["TestEC2Instance"]}
]'.key
— required — (String
)A tag key.
value
— (String
)The value assigned to a tag key.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:resourceGroupArn
— (String
)The ARN that specifies the resource group that is created.
-
(AWS.Response)
—
Returns:
deleteAssessmentRun(params = {}, callback) ⇒ AWS.Request
Deletes the assessment run that is specified by the ARN of the assessment run.
Service Reference:
Examples:
Delete assessment run
/* Deletes the assessment run that is specified by the ARN of the assessment run. */
var params = {
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-it5r2S4T/run/0-11LMTAVe"
};
inspector.deleteAssessmentRun(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the deleteAssessmentRun operation
var params = {
assessmentRunArn: 'STRING_VALUE' /* required */
};
inspector.deleteAssessmentRun(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArn
— (String
)The ARN that specifies the assessment run that you want to delete.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteAssessmentTarget(params = {}, callback) ⇒ AWS.Request
Deletes the assessment target that is specified by the ARN of the assessment target.
Service Reference:
Examples:
Delete assessment target
/* Deletes the assessment target that is specified by the ARN of the assessment target. */
var params = {
assessmentTargetArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq"
};
inspector.deleteAssessmentTarget(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the deleteAssessmentTarget operation
var params = {
assessmentTargetArn: 'STRING_VALUE' /* required */
};
inspector.deleteAssessmentTarget(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTargetArn
— (String
)The ARN that specifies the assessment target that you want to delete.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteAssessmentTemplate(params = {}, callback) ⇒ AWS.Request
Deletes the assessment template that is specified by the ARN of the assessment template.
Service Reference:
Examples:
Delete assessment template
/* Deletes the assessment template that is specified by the ARN of the assessment template. */
var params = {
assessmentTemplateArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-it5r2S4T"
};
inspector.deleteAssessmentTemplate(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the deleteAssessmentTemplate operation
var params = {
assessmentTemplateArn: 'STRING_VALUE' /* required */
};
inspector.deleteAssessmentTemplate(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTemplateArn
— (String
)The ARN that specifies the assessment template that you want to delete.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
describeAssessmentRuns(params = {}, callback) ⇒ AWS.Request
Describes the assessment runs that are specified by the ARNs of the assessment runs.
Service Reference:
Examples:
Describte assessment runs
/* Describes the assessment runs that are specified by the ARNs of the assessment runs. */
var params = {
assessmentRunArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE"
]
};
inspector.describeAssessmentRuns(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentRuns: [
{
name: "Run 1 for ExampleAssessmentTemplate",
arn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE",
assessmentTemplateArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw",
completedAt: <Date Representation>,
createdAt: <Date Representation>,
dataCollected: true,
durationInSeconds: 3600,
findingCounts: {
"High": 14,
"Informational": 0,
"Low": 0,
"Medium": 2,
"Undefined": 0
},
notifications: [
],
rulesPackageArns: [
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-X1KXtawP"
],
startedAt: <Date Representation>,
state: "COMPLETED",
stateChangedAt: <Date Representation>,
stateChanges: [
{
state: "CREATED",
stateChangedAt: <Date Representation>
},
{
state: "START_DATA_COLLECTION_PENDING",
stateChangedAt: <Date Representation>
},
{
state: "START_DATA_COLLECTION_IN_PROGRESS",
stateChangedAt: <Date Representation>
},
{
state: "COLLECTING_DATA",
stateChangedAt: <Date Representation>
},
{
state: "STOP_DATA_COLLECTION_PENDING",
stateChangedAt: <Date Representation>
},
{
state: "DATA_COLLECTED",
stateChangedAt: <Date Representation>
},
{
state: "EVALUATING_RULES",
stateChangedAt: <Date Representation>
},
{
state: "COMPLETED",
stateChangedAt: <Date Representation>
}
],
userAttributesForFindings: [
]
}
],
failedItems: {
}
}
*/
});
Calling the describeAssessmentRuns operation
var params = {
assessmentRunArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
inspector.describeAssessmentRuns(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArns
— (Array<String>
)The ARN that specifies the assessment run that you want to describe.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentRuns
— (Array<map>
)Information about the assessment run.
arn
— required — (String
)The ARN of the assessment run.
name
— required — (String
)The auto-generated name for the assessment run.
assessmentTemplateArn
— required — (String
)The ARN of the assessment template that is associated with the assessment run.
state
— required — (String
)The state of the assessment run.
Possible values include:"CREATED"
"START_DATA_COLLECTION_PENDING"
"START_DATA_COLLECTION_IN_PROGRESS"
"COLLECTING_DATA"
"STOP_DATA_COLLECTION_PENDING"
"DATA_COLLECTED"
"START_EVALUATING_RULES_PENDING"
"EVALUATING_RULES"
"FAILED"
"ERROR"
"COMPLETED"
"COMPLETED_WITH_ERRORS"
"CANCELED"
durationInSeconds
— required — (Integer
)The duration of the assessment run.
rulesPackageArns
— required — (Array<String>
)The rules packages selected for the assessment run.
userAttributesForFindings
— required — (Array<map>
)The user-defined attributes that are assigned to every generated finding.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
createdAt
— required — (Date
)The time when StartAssessmentRun was called.
startedAt
— (Date
)The time when StartAssessmentRun was called.
completedAt
— (Date
)The assessment run completion time that corresponds to the rules packages evaluation completion time or failure.
stateChangedAt
— required — (Date
)The last time when the assessment run's state changed.
dataCollected
— required — (Boolean
)A Boolean value (true or false) that specifies whether the process of collecting data from the agents is completed.
stateChanges
— required — (Array<map>
)A list of the assessment run state changes.
stateChangedAt
— required — (Date
)The last time the assessment run state changed.
state
— required — (String
)The assessment run state.
Possible values include:"CREATED"
"START_DATA_COLLECTION_PENDING"
"START_DATA_COLLECTION_IN_PROGRESS"
"COLLECTING_DATA"
"STOP_DATA_COLLECTION_PENDING"
"DATA_COLLECTED"
"START_EVALUATING_RULES_PENDING"
"EVALUATING_RULES"
"FAILED"
"ERROR"
"COMPLETED"
"COMPLETED_WITH_ERRORS"
"CANCELED"
notifications
— required — (Array<map>
)A list of notifications for the event subscriptions. A notification about a particular generated finding is added to this list only once.
date
— required — (Date
)The date of the notification.
event
— required — (String
)The event for which a notification is sent.
Possible values include:"ASSESSMENT_RUN_STARTED"
"ASSESSMENT_RUN_COMPLETED"
"ASSESSMENT_RUN_STATE_CHANGED"
"FINDING_REPORTED"
"OTHER"
message
— (String
)The message included in the notification.
error
— required — (Boolean
)The Boolean value that specifies whether the notification represents an error.
snsTopicArn
— (String
)The SNS topic to which the SNS notification is sent.
snsPublishStatusCode
— (String
)The status code of the SNS notification.
Possible values include:"SUCCESS"
"TOPIC_DOES_NOT_EXIST"
"ACCESS_DENIED"
"INTERNAL_ERROR"
findingCounts
— required — (map<Integer>
)Provides a total count of generated findings per severity.
failedItems
— (map<map>
)Assessment run details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
describeAssessmentTargets(params = {}, callback) ⇒ AWS.Request
Describes the assessment targets that are specified by the ARNs of the assessment targets.
Service Reference:
Examples:
Describte assessment targets
/* Describes the assessment targets that are specified by the ARNs of the assessment targets. */
var params = {
assessmentTargetArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq"
]
};
inspector.describeAssessmentTargets(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentTargets: [
{
name: "ExampleAssessmentTarget",
arn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq",
createdAt: <Date Representation>,
resourceGroupArn: "arn:aws:inspector:us-west-2:123456789012:resourcegroup/0-PyGXopAI",
updatedAt: <Date Representation>
}
],
failedItems: {
}
}
*/
});
Calling the describeAssessmentTargets operation
var params = {
assessmentTargetArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
inspector.describeAssessmentTargets(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTargetArns
— (Array<String>
)The ARNs that specifies the assessment targets that you want to describe.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentTargets
— (Array<map>
)Information about the assessment targets.
arn
— required — (String
)The ARN that specifies the Amazon Inspector assessment target.
name
— required — (String
)The name of the Amazon Inspector assessment target.
resourceGroupArn
— (String
)The ARN that specifies the resource group that is associated with the assessment target.
createdAt
— required — (Date
)The time at which the assessment target is created.
updatedAt
— required — (Date
)The time at which UpdateAssessmentTarget is called.
failedItems
— (map<map>
)Assessment target details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
describeAssessmentTemplates(params = {}, callback) ⇒ AWS.Request
Describes the assessment templates that are specified by the ARNs of the assessment templates.
Service Reference:
Examples:
Describte assessment templates
/* Describes the assessment templates that are specified by the ARNs of the assessment templates. */
var params = {
assessmentTemplateArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw"
]
};
inspector.describeAssessmentTemplates(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentTemplates: [
{
name: "ExampleAssessmentTemplate",
arn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw",
assessmentRunCount: 0,
assessmentTargetArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq",
createdAt: <Date Representation>,
durationInSeconds: 3600,
rulesPackageArns: [
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-X1KXtawP"
],
userAttributesForFindings: [
]
}
],
failedItems: {
}
}
*/
});
Calling the describeAssessmentTemplates operation
var params = {
assessmentTemplateArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
inspector.describeAssessmentTemplates(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTemplateArns
— (Array<String>
)
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentTemplates
— (Array<map>
)Information about the assessment templates.
arn
— required — (String
)The ARN of the assessment template.
name
— required — (String
)The name of the assessment template.
assessmentTargetArn
— required — (String
)The ARN of the assessment target that corresponds to this assessment template.
durationInSeconds
— required — (Integer
)The duration in seconds specified for this assessment template. The default value is 3600 seconds (one hour). The maximum value is 86400 seconds (one day).
rulesPackageArns
— required — (Array<String>
)The rules packages that are specified for this assessment template.
userAttributesForFindings
— required — (Array<map>
)The user-defined attributes that are assigned to every generated finding from the assessment run that uses this assessment template.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
lastAssessmentRunArn
— (String
)The Amazon Resource Name (ARN) of the most recent assessment run associated with this assessment template. This value exists only when the value of assessmentRunCount is greaterpa than zero.
assessmentRunCount
— required — (Integer
)The number of existing assessment runs associated with this assessment template. This value can be zero or a positive integer.
createdAt
— required — (Date
)The time at which the assessment template is created.
failedItems
— (map<map>
)Assessment template details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
describeCrossAccountAccessRole(params = {}, callback) ⇒ AWS.Request
Describes the IAM role that enables Amazon Inspector to access your AWS account.
Service Reference:
Examples:
Describte cross account access role
/* Describes the IAM role that enables Amazon Inspector to access your AWS account. */
var params = {};
inspector.describeCrossAccountAccessRole(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
registeredAt: <Date Representation>,
roleArn: "arn:aws:iam::123456789012:role/inspector",
valid: true
}
*/
});
Calling the describeCrossAccountAccessRole operation
inspector.describeCrossAccountAccessRole(function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
- params (Object) (defaults to: {})
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:roleArn
— (String
)The ARN that specifies the IAM role that Amazon Inspector uses to access your AWS account.
valid
— (Boolean
)A Boolean value that specifies whether the IAM role has the necessary policies attached to enable Amazon Inspector to access your AWS account.
registeredAt
— (Date
)The date when the cross-account access role was registered.
-
(AWS.Response)
—
Returns:
describeExclusions(params = {}, callback) ⇒ AWS.Request
Describes the exclusions that are specified by the exclusions' ARNs.
Service Reference:
Examples:
Calling the describeExclusions operation
var params = {
exclusionArns: [ /* required */
'STRING_VALUE',
/* more items */
],
locale: EN_US
};
inspector.describeExclusions(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
exclusionArns
— (Array<String>
)The list of ARNs that specify the exclusions that you want to describe.
locale
— (String
)The locale into which you want to translate the exclusion's title, description, and recommendation.
Possible values include:"EN_US"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:exclusions
— (map<map>
)Information about the exclusions.
arn
— required — (String
)The ARN that specifies the exclusion.
title
— required — (String
)The name of the exclusion.
description
— required — (String
)The description of the exclusion.
recommendation
— required — (String
)The recommendation for the exclusion.
scopes
— required — (Array<map>
)The AWS resources for which the exclusion pertains.
key
— (String
)The type of the scope.
Possible values include:"INSTANCE_ID"
"RULES_PACKAGE_ARN"
value
— (String
)The resource identifier for the specified scope type.
attributes
— (Array<map>
)The system-defined attributes for the exclusion.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
failedItems
— (map<map>
)Exclusion details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
describeFindings(params = {}, callback) ⇒ AWS.Request
Describes the findings that are specified by the ARNs of the findings.
Service Reference:
Examples:
Describe findings
/* Describes the findings that are specified by the ARNs of the findings. */
var params = {
findingArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE/finding/0-HwPnsDm4"
]
};
inspector.describeFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
failedItems: {
},
findings: [
{
arn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE/finding/0-HwPnsDm4",
assetAttributes: {
ipv4Addresses: [
],
schemaVersion: 1
},
assetType: "ec2-instance",
attributes: [
],
confidence: 10,
createdAt: <Date Representation>,
description: "Amazon Inspector did not find any potential security issues during this assessment.",
indicatorOfCompromise: false,
numericSeverity: 0,
recommendation: "No remediation needed.",
schemaVersion: 1,
service: "Inspector",
serviceAttributes: {
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE",
rulesPackageArn: "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-X1KXtawP",
schemaVersion: 1
},
severity: "Informational",
title: "No potential security issues found",
updatedAt: <Date Representation>,
userAttributes: [
]
}
]
}
*/
});
Calling the describeFindings operation
var params = {
findingArns: [ /* required */
'STRING_VALUE',
/* more items */
],
locale: EN_US
};
inspector.describeFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
findingArns
— (Array<String>
)The ARN that specifies the finding that you want to describe.
locale
— (String
)The locale into which you want to translate a finding description, recommendation, and the short description that identifies the finding.
Possible values include:"EN_US"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:findings
— (Array<map>
)Information about the finding.
arn
— required — (String
)The ARN that specifies the finding.
schemaVersion
— (Integer
)The schema version of this data type.
service
— (String
)The data element is set to "Inspector".
serviceAttributes
— (map
)This data type is used in the Finding data type.
schemaVersion
— required — (Integer
)The schema version of this data type.
assessmentRunArn
— (String
)The ARN of the assessment run during which the finding is generated.
rulesPackageArn
— (String
)The ARN of the rules package that is used to generate the finding.
assetType
— (String
)The type of the host from which the finding is generated.
Possible values include:"ec2-instance"
assetAttributes
— (map
)A collection of attributes of the host from which the finding is generated.
schemaVersion
— required — (Integer
)The schema version of this data type.
agentId
— (String
)The ID of the agent that is installed on the EC2 instance where the finding is generated.
autoScalingGroup
— (String
)The Auto Scaling group of the EC2 instance where the finding is generated.
amiId
— (String
)The ID of the Amazon Machine Image (AMI) that is installed on the EC2 instance where the finding is generated.
hostname
— (String
)The hostname of the EC2 instance where the finding is generated.
ipv4Addresses
— (Array<String>
)The list of IP v4 addresses of the EC2 instance where the finding is generated.
tags
— (Array<map>
)The tags related to the EC2 instance where the finding is generated.
key
— required — (String
)A tag key.
value
— (String
)A value assigned to a tag key.
networkInterfaces
— (Array<map>
)An array of the network interfaces interacting with the EC2 instance where the finding is generated.
networkInterfaceId
— (String
)The ID of the network interface.
subnetId
— (String
)The ID of a subnet associated with the network interface.
vpcId
— (String
)The ID of a VPC associated with the network interface.
privateDnsName
— (String
)The name of a private DNS associated with the network interface.
privateIpAddress
— (String
)The private IP address associated with the network interface.
privateIpAddresses
— (Array<map>
)A list of the private IP addresses associated with the network interface. Includes the privateDnsName and privateIpAddress.
privateDnsName
— (String
)The DNS name of the private IP address.
privateIpAddress
— (String
)The full IP address of the network inteface.
publicDnsName
— (String
)The name of a public DNS associated with the network interface.
publicIp
— (String
)The public IP address from which the network interface is reachable.
ipv6Addresses
— (Array<String>
)The IP addresses associated with the network interface.
securityGroups
— (Array<map>
)A list of the security groups associated with the network interface. Includes the groupId and groupName.
groupName
— (String
)The name of the security group.
groupId
— (String
)The ID of the security group.
id
— (String
)The ID of the finding.
title
— (String
)The name of the finding.
description
— (String
)The description of the finding.
recommendation
— (String
)The recommendation for the finding.
severity
— (String
)The finding severity. Values can be set to High, Medium, Low, and Informational.
Possible values include:"Low"
"Medium"
"High"
"Informational"
"Undefined"
numericSeverity
— (Float
)The numeric value of the finding severity.
confidence
— (Integer
)This data element is currently not used.
indicatorOfCompromise
— (Boolean
)This data element is currently not used.
attributes
— required — (Array<map>
)The system-defined attributes for the finding.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
userAttributes
— required — (Array<map>
)The user-defined attributes that are assigned to the finding.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
createdAt
— required — (Date
)The time when the finding was generated.
updatedAt
— required — (Date
)The time when AddAttributesToFindings is called.
failedItems
— (map<map>
)Finding details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
describeResourceGroups(params = {}, callback) ⇒ AWS.Request
Describes the resource groups that are specified by the ARNs of the resource groups.
Service Reference:
Examples:
Describe resource groups
/* Describes the resource groups that are specified by the ARNs of the resource groups. */
var params = {
resourceGroupArns: [
"arn:aws:inspector:us-west-2:123456789012:resourcegroup/0-PyGXopAI"
]
};
inspector.describeResourceGroups(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
failedItems: {
},
resourceGroups: [
{
arn: "arn:aws:inspector:us-west-2:123456789012:resourcegroup/0-PyGXopAI",
createdAt: <Date Representation>,
tags: [
{
key: "Name",
value: "example"
}
]
}
]
}
*/
});
Calling the describeResourceGroups operation
var params = {
resourceGroupArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
inspector.describeResourceGroups(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceGroupArns
— (Array<String>
)The ARN that specifies the resource group that you want to describe.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:resourceGroups
— (Array<map>
)Information about a resource group.
arn
— required — (String
)The ARN of the resource group.
tags
— required — (Array<map>
)The tags (key and value pairs) of the resource group. This data type property is used in the CreateResourceGroup action.
key
— required — (String
)A tag key.
value
— (String
)The value assigned to a tag key.
createdAt
— required — (Date
)The time at which resource group is created.
failedItems
— (map<map>
)Resource group details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
describeRulesPackages(params = {}, callback) ⇒ AWS.Request
Describes the rules packages that are specified by the ARNs of the rules packages.
Service Reference:
Examples:
Describe rules packages
/* Describes the rules packages that are specified by the ARNs of the rules packages. */
var params = {
rulesPackageArns: [
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ"
]
};
inspector.describeRulesPackages(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
failedItems: {
},
rulesPackages: [
{
version: "1.1",
name: "Security Best Practices",
arn: "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ",
description: "The rules in this package help determine whether your systems are configured securely.",
provider: "Amazon Web Services, Inc."
}
]
}
*/
});
Calling the describeRulesPackages operation
var params = {
rulesPackageArns: [ /* required */
'STRING_VALUE',
/* more items */
],
locale: EN_US
};
inspector.describeRulesPackages(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
rulesPackageArns
— (Array<String>
)The ARN that specifies the rules package that you want to describe.
locale
— (String
)The locale that you want to translate a rules package description into.
Possible values include:"EN_US"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:rulesPackages
— (Array<map>
)Information about the rules package.
arn
— required — (String
)The ARN of the rules package.
name
— required — (String
)The name of the rules package.
version
— required — (String
)The version ID of the rules package.
provider
— required — (String
)The provider of the rules package.
description
— (String
)The description of the rules package.
failedItems
— (map<map>
)Rules package details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
getAssessmentReport(params = {}, callback) ⇒ AWS.Request
Produces an assessment report that includes detailed and comprehensive results of a specified assessment run.
Service Reference:
Examples:
Calling the getAssessmentReport operation
var params = {
assessmentRunArn: 'STRING_VALUE', /* required */
reportFileFormat: HTML | PDF, /* required */
reportType: FINDING | FULL /* required */
};
inspector.getAssessmentReport(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArn
— (String
)The ARN that specifies the assessment run for which you want to generate a report.
reportFileFormat
— (String
)Specifies the file format (html or pdf) of the assessment report that you want to generate.
Possible values include:"HTML"
"PDF"
reportType
— (String
)Specifies the type of the assessment report that you want to generate. There are two types of assessment reports: a finding report and a full report. For more information, see Assessment Reports.
Possible values include:"FINDING"
"FULL"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:status
— (String
)Specifies the status of the request to generate an assessment report.
Possible values include:"WORK_IN_PROGRESS"
"FAILED"
"COMPLETED"
url
— (String
)Specifies the URL where you can find the generated assessment report. This parameter is only returned if the report is successfully generated.
-
(AWS.Response)
—
Returns:
getExclusionsPreview(params = {}, callback) ⇒ AWS.Request
Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token. You can obtain the preview token by running the CreateExclusionsPreview API.
Service Reference:
Examples:
Calling the getExclusionsPreview operation
var params = {
assessmentTemplateArn: 'STRING_VALUE', /* required */
previewToken: 'STRING_VALUE', /* required */
locale: EN_US,
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.getExclusionsPreview(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTemplateArn
— (String
)The ARN that specifies the assessment template for which the exclusions preview was requested.
previewToken
— (String
)The unique identifier associated of the exclusions preview.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the GetExclusionsPreviewRequest action. Subsequent calls to the action fill nextToken in the request with the value of nextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 100. The maximum value is 500.
locale
— (String
)The locale into which you want to translate the exclusion's title, description, and recommendation.
Possible values include:"EN_US"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:previewStatus
— (String
)Specifies the status of the request to generate an exclusions preview.
Possible values include:"WORK_IN_PROGRESS"
"COMPLETED"
exclusionPreviews
— (Array<map>
)Information about the exclusions included in the preview.
title
— required — (String
)The name of the exclusion preview.
description
— required — (String
)The description of the exclusion preview.
recommendation
— required — (String
)The recommendation for the exclusion preview.
scopes
— required — (Array<map>
)The AWS resources for which the exclusion preview pertains.
key
— (String
)The type of the scope.
Possible values include:"INSTANCE_ID"
"RULES_PACKAGE_ARN"
value
— (String
)The resource identifier for the specified scope type.
attributes
— (Array<map>
)The system-defined attributes for the exclusion preview.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameters is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
getTelemetryMetadata(params = {}, callback) ⇒ AWS.Request
Information about the data that is collected for the specified assessment run.
Service Reference:
Examples:
Get telemetry metadata
/* Information about the data that is collected for the specified assessment run. */
var params = {
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE"
};
inspector.getTelemetryMetadata(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
telemetryMetadata: [
{
count: 2,
dataSize: 345,
messageType: "InspectorDuplicateProcess"
},
{
count: 3,
dataSize: 255,
messageType: "InspectorTimeEventMsg"
},
{
count: 4,
dataSize: 1082,
messageType: "InspectorNetworkInterface"
},
{
count: 2,
dataSize: 349,
messageType: "InspectorDnsEntry"
},
{
count: 11,
dataSize: 2514,
messageType: "InspectorDirectoryInfoMsg"
},
{
count: 1,
dataSize: 179,
messageType: "InspectorTcpV6ListeningPort"
},
{
count: 101,
dataSize: 10949,
messageType: "InspectorTerminal"
},
{
count: 26,
dataSize: 5916,
messageType: "InspectorUser"
},
{
count: 282,
dataSize: 32148,
messageType: "InspectorDynamicallyLoadedCodeModule"
},
{
count: 18,
dataSize: 10172,
messageType: "InspectorCreateProcess"
},
{
count: 3,
dataSize: 8001,
messageType: "InspectorProcessPerformance"
},
{
count: 1,
dataSize: 360,
messageType: "InspectorOperatingSystem"
},
{
count: 6,
dataSize: 546,
messageType: "InspectorStopProcess"
},
{
count: 1,
dataSize: 1553,
messageType: "InspectorInstanceMetaData"
},
{
count: 2,
dataSize: 434,
messageType: "InspectorTcpV4Connection"
},
{
count: 474,
dataSize: 2960322,
messageType: "InspectorPackageInfo"
},
{
count: 3,
dataSize: 2235,
messageType: "InspectorSystemPerformance"
},
{
count: 105,
dataSize: 46048,
messageType: "InspectorCodeModule"
},
{
count: 1,
dataSize: 182,
messageType: "InspectorUdpV6ListeningPort"
},
{
count: 2,
dataSize: 371,
messageType: "InspectorUdpV4ListeningPort"
},
{
count: 18,
dataSize: 8362,
messageType: "InspectorKernelModule"
},
{
count: 29,
dataSize: 48788,
messageType: "InspectorConfigurationInfo"
},
{
count: 1,
dataSize: 79,
messageType: "InspectorMonitoringStart"
},
{
count: 5,
dataSize: 0,
messageType: "InspectorSplitMsgBegin"
},
{
count: 51,
dataSize: 4593,
messageType: "InspectorGroup"
},
{
count: 1,
dataSize: 184,
messageType: "InspectorTcpV4ListeningPort"
},
{
count: 1159,
dataSize: 3146579,
messageType: "Total"
},
{
count: 5,
dataSize: 0,
messageType: "InspectorSplitMsgEnd"
},
{
count: 1,
dataSize: 612,
messageType: "InspectorLoadImageInProcess"
}
]
}
*/
});
Calling the getTelemetryMetadata operation
var params = {
assessmentRunArn: 'STRING_VALUE' /* required */
};
inspector.getTelemetryMetadata(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArn
— (String
)The ARN that specifies the assessment run that has the telemetry data that you want to obtain.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:telemetryMetadata
— (Array<map>
)Telemetry details.
messageType
— required — (String
)A specific type of behavioral data that is collected by the agent.
count
— required — (Integer
)The count of messages that the agent sends to the Amazon Inspector service.
dataSize
— (Integer
)The data size of messages that the agent sends to the Amazon Inspector service.
-
(AWS.Response)
—
Returns:
listAssessmentRunAgents(params = {}, callback) ⇒ AWS.Request
Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs.
Service Reference:
Examples:
List assessment run agents
/* Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs. */
var params = {
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE",
maxResults: 123
};
inspector.listAssessmentRunAgents(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentRunAgents: [
{
agentHealth: "HEALTHY",
agentHealthCode: "RUNNING",
agentId: "i-49113b93",
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE",
telemetryMetadata: [
{
count: 2,
dataSize: 345,
messageType: "InspectorDuplicateProcess"
},
{
count: 3,
dataSize: 255,
messageType: "InspectorTimeEventMsg"
},
{
count: 4,
dataSize: 1082,
messageType: "InspectorNetworkInterface"
},
{
count: 2,
dataSize: 349,
messageType: "InspectorDnsEntry"
},
{
count: 11,
dataSize: 2514,
messageType: "InspectorDirectoryInfoMsg"
},
{
count: 1,
dataSize: 179,
messageType: "InspectorTcpV6ListeningPort"
},
{
count: 101,
dataSize: 10949,
messageType: "InspectorTerminal"
},
{
count: 26,
dataSize: 5916,
messageType: "InspectorUser"
},
{
count: 282,
dataSize: 32148,
messageType: "InspectorDynamicallyLoadedCodeModule"
},
{
count: 18,
dataSize: 10172,
messageType: "InspectorCreateProcess"
},
{
count: 3,
dataSize: 8001,
messageType: "InspectorProcessPerformance"
},
{
count: 1,
dataSize: 360,
messageType: "InspectorOperatingSystem"
},
{
count: 6,
dataSize: 546,
messageType: "InspectorStopProcess"
},
{
count: 1,
dataSize: 1553,
messageType: "InspectorInstanceMetaData"
},
{
count: 2,
dataSize: 434,
messageType: "InspectorTcpV4Connection"
},
{
count: 474,
dataSize: 2960322,
messageType: "InspectorPackageInfo"
},
{
count: 3,
dataSize: 2235,
messageType: "InspectorSystemPerformance"
},
{
count: 105,
dataSize: 46048,
messageType: "InspectorCodeModule"
},
{
count: 1,
dataSize: 182,
messageType: "InspectorUdpV6ListeningPort"
},
{
count: 2,
dataSize: 371,
messageType: "InspectorUdpV4ListeningPort"
},
{
count: 18,
dataSize: 8362,
messageType: "InspectorKernelModule"
},
{
count: 29,
dataSize: 48788,
messageType: "InspectorConfigurationInfo"
},
{
count: 1,
dataSize: 79,
messageType: "InspectorMonitoringStart"
},
{
count: 5,
dataSize: 0,
messageType: "InspectorSplitMsgBegin"
},
{
count: 51,
dataSize: 4593,
messageType: "InspectorGroup"
},
{
count: 1,
dataSize: 184,
messageType: "InspectorTcpV4ListeningPort"
},
{
count: 1159,
dataSize: 3146579,
messageType: "Total"
},
{
count: 5,
dataSize: 0,
messageType: "InspectorSplitMsgEnd"
},
{
count: 1,
dataSize: 612,
messageType: "InspectorLoadImageInProcess"
}
]
}
],
nextToken: "1"
}
*/
});
Calling the listAssessmentRunAgents operation
var params = {
assessmentRunArn: 'STRING_VALUE', /* required */
filter: {
agentHealthCodes: [ /* required */
IDLE | RUNNING | SHUTDOWN | UNHEALTHY | THROTTLED | UNKNOWN,
/* more items */
],
agentHealths: [ /* required */
HEALTHY | UNHEALTHY | UNKNOWN,
/* more items */
]
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listAssessmentRunAgents(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArn
— (String
)The ARN that specifies the assessment run whose agents you want to list.
filter
— (map
)You can use this parameter to specify a subset of data to be included in the action's response.
For a record to match a filter, all specified filter attributes must match. When multiple values are specified for a filter attribute, any of the values can match.
agentHealths
— required — (Array<String>
)The current health state of the agent. Values can be set to HEALTHY or UNHEALTHY.
agentHealthCodes
— required — (Array<String>
)The detailed health state of the agent. Values can be set to IDLE, RUNNING, SHUTDOWN, UNHEALTHY, THROTTLED, and UNKNOWN.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListAssessmentRunAgents action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentRunAgents
— (Array<map>
)A list of ARNs that specifies the agents returned by the action.
agentId
— required — (String
)The AWS account of the EC2 instance where the agent is installed.
assessmentRunArn
— required — (String
)The ARN of the assessment run that is associated with the agent.
agentHealth
— required — (String
)The current health state of the agent.
Possible values include:"HEALTHY"
"UNHEALTHY"
"UNKNOWN"
agentHealthCode
— required — (String
)The detailed health state of the agent.
Possible values include:"IDLE"
"RUNNING"
"SHUTDOWN"
"UNHEALTHY"
"THROTTLED"
"UNKNOWN"
agentHealthDetails
— (String
)The description for the agent health code.
autoScalingGroup
— (String
)The Auto Scaling group of the EC2 instance that is specified by the agent ID.
telemetryMetadata
— required — (Array<map>
)The Amazon Inspector application data metrics that are collected by the agent.
messageType
— required — (String
)A specific type of behavioral data that is collected by the agent.
count
— required — (Integer
)The count of messages that the agent sends to the Amazon Inspector service.
dataSize
— (Integer
)The data size of messages that the agent sends to the Amazon Inspector service.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listAssessmentRuns(params = {}, callback) ⇒ AWS.Request
Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates.
Service Reference:
Examples:
List assessment runs
/* Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates. */
var params = {
assessmentTemplateArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw"
],
maxResults: 123
};
inspector.listAssessmentRuns(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentRunArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE",
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-v5D6fI3v"
],
nextToken: "1"
}
*/
});
Calling the listAssessmentRuns operation
var params = {
assessmentTemplateArns: [
'STRING_VALUE',
/* more items */
],
filter: {
completionTimeRange: {
beginDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,
endDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789
},
durationRange: {
maxSeconds: 'NUMBER_VALUE',
minSeconds: 'NUMBER_VALUE'
},
namePattern: 'STRING_VALUE',
rulesPackageArns: [
'STRING_VALUE',
/* more items */
],
startTimeRange: {
beginDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,
endDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789
},
stateChangeTimeRange: {
beginDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,
endDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789
},
states: [
CREATED | START_DATA_COLLECTION_PENDING | START_DATA_COLLECTION_IN_PROGRESS | COLLECTING_DATA | STOP_DATA_COLLECTION_PENDING | DATA_COLLECTED | START_EVALUATING_RULES_PENDING | EVALUATING_RULES | FAILED | ERROR | COMPLETED | COMPLETED_WITH_ERRORS | CANCELED,
/* more items */
]
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listAssessmentRuns(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTemplateArns
— (Array<String>
)The ARNs that specify the assessment templates whose assessment runs you want to list.
filter
— (map
)You can use this parameter to specify a subset of data to be included in the action's response.
For a record to match a filter, all specified filter attributes must match. When multiple values are specified for a filter attribute, any of the values can match.
namePattern
— (String
)For a record to match a filter, an explicit value or a string containing a wildcard that is specified for this data type property must match the value of the assessmentRunName property of the AssessmentRun data type.
states
— (Array<String>
)For a record to match a filter, one of the values specified for this data type property must be the exact match of the value of the assessmentRunState property of the AssessmentRun data type.
durationRange
— (map
)For a record to match a filter, the value that is specified for this data type property must inclusively match any value between the specified minimum and maximum values of the durationInSeconds property of the AssessmentRun data type.
minSeconds
— (Integer
)The minimum value of the duration range. Must be greater than zero.
maxSeconds
— (Integer
)The maximum value of the duration range. Must be less than or equal to 604800 seconds (1 week).
rulesPackageArns
— (Array<String>
)For a record to match a filter, the value that is specified for this data type property must be contained in the list of values of the rulesPackages property of the AssessmentRun data type.
startTimeRange
— (map
)For a record to match a filter, the value that is specified for this data type property must inclusively match any value between the specified minimum and maximum values of the startTime property of the AssessmentRun data type.
beginDate
— (Date
)The minimum value of the timestamp range.
endDate
— (Date
)The maximum value of the timestamp range.
completionTimeRange
— (map
)For a record to match a filter, the value that is specified for this data type property must inclusively match any value between the specified minimum and maximum values of the completedAt property of the AssessmentRun data type.
beginDate
— (Date
)The minimum value of the timestamp range.
endDate
— (Date
)The maximum value of the timestamp range.
stateChangeTimeRange
— (map
)For a record to match a filter, the value that is specified for this data type property must match the stateChangedAt property of the AssessmentRun data type.
beginDate
— (Date
)The minimum value of the timestamp range.
endDate
— (Date
)The maximum value of the timestamp range.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListAssessmentRuns action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentRunArns
— (Array<String>
)A list of ARNs that specifies the assessment runs that are returned by the action.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listAssessmentTargets(params = {}, callback) ⇒ AWS.Request
Lists the ARNs of the assessment targets within this AWS account. For more information about assessment targets, see Amazon Inspector Assessment Targets.
Service Reference:
Examples:
List assessment targets
/* Lists the ARNs of the assessment targets within this AWS account. */
var params = {
maxResults: 123
};
inspector.listAssessmentTargets(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentTargetArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq"
],
nextToken: "1"
}
*/
});
Calling the listAssessmentTargets operation
var params = {
filter: {
assessmentTargetNamePattern: 'STRING_VALUE'
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listAssessmentTargets(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
filter
— (map
)You can use this parameter to specify a subset of data to be included in the action's response.
For a record to match a filter, all specified filter attributes must match. When multiple values are specified for a filter attribute, any of the values can match.
assessmentTargetNamePattern
— (String
)For a record to match a filter, an explicit value or a string that contains a wildcard that is specified for this data type property must match the value of the assessmentTargetName property of the AssessmentTarget data type.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListAssessmentTargets action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentTargetArns
— (Array<String>
)A list of ARNs that specifies the assessment targets that are returned by the action.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listAssessmentTemplates(params = {}, callback) ⇒ AWS.Request
Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets.
Service Reference:
Examples:
List assessment templates
/* Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets. */
var params = {
assessmentTargetArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq"
],
maxResults: 123
};
inspector.listAssessmentTemplates(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentTemplateArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw",
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-Uza6ihLh"
],
nextToken: "1"
}
*/
});
Calling the listAssessmentTemplates operation
var params = {
assessmentTargetArns: [
'STRING_VALUE',
/* more items */
],
filter: {
durationRange: {
maxSeconds: 'NUMBER_VALUE',
minSeconds: 'NUMBER_VALUE'
},
namePattern: 'STRING_VALUE',
rulesPackageArns: [
'STRING_VALUE',
/* more items */
]
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listAssessmentTemplates(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTargetArns
— (Array<String>
)A list of ARNs that specifies the assessment targets whose assessment templates you want to list.
filter
— (map
)You can use this parameter to specify a subset of data to be included in the action's response.
For a record to match a filter, all specified filter attributes must match. When multiple values are specified for a filter attribute, any of the values can match.
namePattern
— (String
)For a record to match a filter, an explicit value or a string that contains a wildcard that is specified for this data type property must match the value of the assessmentTemplateName property of the AssessmentTemplate data type.
durationRange
— (map
)For a record to match a filter, the value specified for this data type property must inclusively match any value between the specified minimum and maximum values of the durationInSeconds property of the AssessmentTemplate data type.
minSeconds
— (Integer
)The minimum value of the duration range. Must be greater than zero.
maxSeconds
— (Integer
)The maximum value of the duration range. Must be less than or equal to 604800 seconds (1 week).
rulesPackageArns
— (Array<String>
)For a record to match a filter, the values that are specified for this data type property must be contained in the list of values of the rulesPackageArns property of the AssessmentTemplate data type.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListAssessmentTemplates action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentTemplateArns
— (Array<String>
)A list of ARNs that specifies the assessment templates returned by the action.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listEventSubscriptions(params = {}, callback) ⇒ AWS.Request
Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template. For more information, see SubscribeToEvent and UnsubscribeFromEvent.
Service Reference:
Examples:
List event subscriptions
/* Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template. */
var params = {
maxResults: 123,
resourceArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0"
};
inspector.listEventSubscriptions(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
nextToken: "1",
subscriptions: [
{
eventSubscriptions: [
{
event: "ASSESSMENT_RUN_COMPLETED",
subscribedAt: <Date Representation>
}
],
resourceArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0",
topicArn: "arn:aws:sns:us-west-2:123456789012:exampletopic"
}
]
}
*/
});
Calling the listEventSubscriptions operation
var params = {
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
resourceArn: 'STRING_VALUE'
};
inspector.listEventSubscriptions(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN of the assessment template for which you want to list the existing event subscriptions.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListEventSubscriptions action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:subscriptions
— (Array<map>
)Details of the returned event subscriptions.
resourceArn
— required — (String
)The ARN of the assessment template that is used during the event for which the SNS notification is sent.
topicArn
— required — (String
)The ARN of the Amazon Simple Notification Service (SNS) topic to which the SNS notifications are sent.
eventSubscriptions
— required — (Array<map>
)The list of existing event subscriptions.
event
— required — (String
)The event for which Amazon Simple Notification Service (SNS) notifications are sent.
Possible values include:"ASSESSMENT_RUN_STARTED"
"ASSESSMENT_RUN_COMPLETED"
"ASSESSMENT_RUN_STATE_CHANGED"
"FINDING_REPORTED"
"OTHER"
subscribedAt
— required — (Date
)The time at which SubscribeToEvent is called.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listExclusions(params = {}, callback) ⇒ AWS.Request
List exclusions that are generated by the assessment run.
Service Reference:
Examples:
Calling the listExclusions operation
var params = {
assessmentRunArn: 'STRING_VALUE', /* required */
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listExclusions(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArn
— (String
)The ARN of the assessment run that generated the exclusions that you want to list.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListExclusionsRequest action. Subsequent calls to the action fill nextToken in the request with the value of nextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 100. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:exclusionArns
— (Array<String>
)A list of exclusions' ARNs returned by the action.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameters is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listFindings(params = {}, callback) ⇒ AWS.Request
Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs.
Service Reference:
Examples:
List findings
/* Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs. */
var params = {
assessmentRunArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE"
],
maxResults: 123
};
inspector.listFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
findingArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-MKkpXXPE/finding/0-HwPnsDm4",
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-4r1V2mAw/run/0-v5D6fI3v/finding/0-tyvmqBLy"
],
nextToken: "1"
}
*/
});
Calling the listFindings operation
var params = {
assessmentRunArns: [
'STRING_VALUE',
/* more items */
],
filter: {
agentIds: [
'STRING_VALUE',
/* more items */
],
attributes: [
{
key: 'STRING_VALUE', /* required */
value: 'STRING_VALUE'
},
/* more items */
],
autoScalingGroups: [
'STRING_VALUE',
/* more items */
],
creationTimeRange: {
beginDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789,
endDate: new Date || 'Wed Dec 31 1969 16:00:00 GMT-0800 (PST)' || 123456789
},
ruleNames: [
'STRING_VALUE',
/* more items */
],
rulesPackageArns: [
'STRING_VALUE',
/* more items */
],
severities: [
Low | Medium | High | Informational | Undefined,
/* more items */
],
userAttributes: [
{
key: 'STRING_VALUE', /* required */
value: 'STRING_VALUE'
},
/* more items */
]
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArns
— (Array<String>
)The ARNs of the assessment runs that generate the findings that you want to list.
filter
— (map
)You can use this parameter to specify a subset of data to be included in the action's response.
For a record to match a filter, all specified filter attributes must match. When multiple values are specified for a filter attribute, any of the values can match.
agentIds
— (Array<String>
)For a record to match a filter, one of the values that is specified for this data type property must be the exact match of the value of the agentId property of the Finding data type.
autoScalingGroups
— (Array<String>
)For a record to match a filter, one of the values that is specified for this data type property must be the exact match of the value of the autoScalingGroup property of the Finding data type.
ruleNames
— (Array<String>
)For a record to match a filter, one of the values that is specified for this data type property must be the exact match of the value of the ruleName property of the Finding data type.
severities
— (Array<String>
)For a record to match a filter, one of the values that is specified for this data type property must be the exact match of the value of the severity property of the Finding data type.
rulesPackageArns
— (Array<String>
)For a record to match a filter, one of the values that is specified for this data type property must be the exact match of the value of the rulesPackageArn property of the Finding data type.
attributes
— (Array<map>
)For a record to match a filter, the list of values that are specified for this data type property must be contained in the list of values of the attributes property of the Finding data type.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
userAttributes
— (Array<map>
)For a record to match a filter, the value that is specified for this data type property must be contained in the list of values of the userAttributes property of the Finding data type.
key
— required — (String
)The attribute key.
value
— (String
)The value assigned to the attribute key.
creationTimeRange
— (map
)The time range during which the finding is generated.
beginDate
— (Date
)The minimum value of the timestamp range.
endDate
— (Date
)The maximum value of the timestamp range.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListFindings action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:findingArns
— (Array<String>
)A list of ARNs that specifies the findings returned by the action.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listRulesPackages(params = {}, callback) ⇒ AWS.Request
Lists all available Amazon Inspector rules packages.
Service Reference:
Examples:
List rules packages
/* Lists all available Amazon Inspector rules packages. */
var params = {
maxResults: 123
};
inspector.listRulesPackages(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
nextToken: "1",
rulesPackageArns: [
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p",
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc",
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ",
"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD"
]
}
*/
});
Calling the listRulesPackages operation
var params = {
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.listRulesPackages(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListRulesPackages action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:rulesPackageArns
— (Array<String>
)The list of ARNs that specifies the rules packages returned by the action.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
listTagsForResource(params = {}, callback) ⇒ AWS.Request
Lists all tags associated with an assessment template.
Service Reference:
Examples:
List tags for resource
/* Lists all tags associated with an assessment template. */
var params = {
resourceArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-gcwFliYu"
};
inspector.listTagsForResource(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
tags: [
{
key: "Name",
value: "Example"
}
]
}
*/
});
Calling the listTagsForResource operation
var params = {
resourceArn: 'STRING_VALUE' /* required */
};
inspector.listTagsForResource(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN that specifies the assessment template whose tags you want to list.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:tags
— (Array<map>
)A collection of key and value pairs.
key
— required — (String
)A tag key.
value
— (String
)A value assigned to a tag key.
-
(AWS.Response)
—
Returns:
previewAgents(params = {}, callback) ⇒ AWS.Request
Previews the agents installed on the EC2 instances that are part of the specified assessment target.
Service Reference:
Examples:
Preview agents
/* Previews the agents installed on the EC2 instances that are part of the specified assessment target. */
var params = {
maxResults: 123,
previewAgentsArn: "arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq"
};
inspector.previewAgents(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
agentPreviews: [
{
agentId: "i-49113b93"
}
],
nextToken: "1"
}
*/
});
Calling the previewAgents operation
var params = {
previewAgentsArn: 'STRING_VALUE', /* required */
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
inspector.previewAgents(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
previewAgentsArn
— (String
)The ARN of the assessment target whose agents you want to preview.
nextToken
— (String
)You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the PreviewAgents action. Subsequent calls to the action fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
maxResults
— (Integer
)You can use this parameter to indicate the maximum number of items you want in the response. The default value is 10. The maximum value is 500.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:agentPreviews
— (Array<map>
)The resulting list of agents.
hostname
— (String
)The hostname of the EC2 instance on which the Amazon Inspector Agent is installed.
agentId
— required — (String
)The ID of the EC2 instance where the agent is installed.
autoScalingGroup
— (String
)The Auto Scaling group for the EC2 instance where the agent is installed.
agentHealth
— (String
)The health status of the Amazon Inspector Agent.
Possible values include:"HEALTHY"
"UNHEALTHY"
"UNKNOWN"
agentVersion
— (String
)The version of the Amazon Inspector Agent.
operatingSystem
— (String
)The operating system running on the EC2 instance on which the Amazon Inspector Agent is installed.
kernelVersion
— (String
)The kernel version of the operating system running on the EC2 instance on which the Amazon Inspector Agent is installed.
ipv4Address
— (String
)The IP address of the EC2 instance on which the Amazon Inspector Agent is installed.
nextToken
— (String
)When a response is generated, if there is more data to be listed, this parameter is present in the response and contains the value to use for the nextToken parameter in a subsequent pagination request. If there is no more data to be listed, this parameter is set to null.
-
(AWS.Response)
—
Returns:
registerCrossAccountAccessRole(params = {}, callback) ⇒ AWS.Request
Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments.
Service Reference:
Examples:
Register cross account access role
/* Registers the IAM role that Amazon Inspector uses to list your EC2 instances at the start of the assessment run or when you call the PreviewAgents action. */
var params = {
roleArn: "arn:aws:iam::123456789012:role/inspector"
};
inspector.registerCrossAccountAccessRole(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the registerCrossAccountAccessRole operation
var params = {
roleArn: 'STRING_VALUE' /* required */
};
inspector.registerCrossAccountAccessRole(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
roleArn
— (String
)The ARN of the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
removeAttributesFromFindings(params = {}, callback) ⇒ AWS.Request
Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists.
Service Reference:
Examples:
Remove attributes from findings
/* Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists. */
var params = {
attributeKeys: [
"key=Example,value=example"
],
findingArns: [
"arn:aws:inspector:us-west-2:123456789012:target/0-0kFIPusq/template/0-8l1VIE0D/run/0-Z02cjjug/finding/0-T8yM9mEU"
]
};
inspector.removeAttributesFromFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
failedItems: {
}
}
*/
});
Calling the removeAttributesFromFindings operation
var params = {
attributeKeys: [ /* required */
'STRING_VALUE',
/* more items */
],
findingArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
inspector.removeAttributesFromFindings(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
findingArns
— (Array<String>
)The ARNs that specify the findings that you want to remove attributes from.
attributeKeys
— (Array<String>
)The array of attribute keys that you want to remove from specified findings.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:failedItems
— (map<map>
)Attributes details that cannot be described. An error code is provided for each failed item.
failureCode
— required — (String
)The status code of a failed item.
Possible values include:"INVALID_ARN"
"DUPLICATE_ARN"
"ITEM_DOES_NOT_EXIST"
"ACCESS_DENIED"
"LIMIT_EXCEEDED"
"INTERNAL_ERROR"
retryable
— required — (Boolean
)Indicates whether you can immediately retry a request for this item for a specified resource.
-
(AWS.Response)
—
Returns:
setTagsForResource(params = {}, callback) ⇒ AWS.Request
Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template.
Service Reference:
Examples:
Set tags for resource
/* Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template. */
var params = {
resourceArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0",
tags: [
{
key: "Example",
value: "example"
}
]
};
inspector.setTagsForResource(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the setTagsForResource operation
var params = {
resourceArn: 'STRING_VALUE', /* required */
tags: [
{
key: 'STRING_VALUE', /* required */
value: 'STRING_VALUE'
},
/* more items */
]
};
inspector.setTagsForResource(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN of the assessment template that you want to set tags to.
tags
— (Array<map>
)A collection of key and value pairs that you want to set to the assessment template.
key
— required — (String
)A tag key.
value
— (String
)A value assigned to a tag key.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
startAssessmentRun(params = {}, callback) ⇒ AWS.Request
Starts the assessment run specified by the ARN of the assessment template. For this API to function properly, you must not exceed the limit of running up to 500 concurrent agents per AWS account.
Service Reference:
Examples:
Start assessment run
/* Starts the assessment run specified by the ARN of the assessment template. For this API to function properly, you must not exceed the limit of running up to 500 concurrent agents per AWS account. */
var params = {
assessmentRunName: "examplerun",
assessmentTemplateArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-it5r2S4T"
};
inspector.startAssessmentRun(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-it5r2S4T/run/0-jOoroxyY"
}
*/
});
Calling the startAssessmentRun operation
var params = {
assessmentTemplateArn: 'STRING_VALUE', /* required */
assessmentRunName: 'STRING_VALUE'
};
inspector.startAssessmentRun(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTemplateArn
— (String
)The ARN of the assessment template of the assessment run that you want to start.
assessmentRunName
— (String
)You can specify the name for the assessment run. The name must be unique for the assessment template whose ARN is used to start the assessment run.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:assessmentRunArn
— (String
)The ARN of the assessment run that has been started.
-
(AWS.Response)
—
Returns:
stopAssessmentRun(params = {}, callback) ⇒ AWS.Request
Stops the assessment run that is specified by the ARN of the assessment run.
Service Reference:
Examples:
Stop assessment run
/* Stops the assessment run that is specified by the ARN of the assessment run. */
var params = {
assessmentRunArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-it5r2S4T/run/0-11LMTAVe"
};
inspector.stopAssessmentRun(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the stopAssessmentRun operation
var params = {
assessmentRunArn: 'STRING_VALUE', /* required */
stopAction: START_EVALUATION | SKIP_EVALUATION
};
inspector.stopAssessmentRun(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentRunArn
— (String
)The ARN of the assessment run that you want to stop.
stopAction
— (String
)An input option that can be set to either START_EVALUATION or SKIP_EVALUATION. START_EVALUATION (the default value), stops the AWS agent from collecting data and begins the results evaluation and the findings generation process. SKIP_EVALUATION cancels the assessment run immediately, after which no findings are generated.
Possible values include:"START_EVALUATION"
"SKIP_EVALUATION"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
subscribeToEvent(params = {}, callback) ⇒ AWS.Request
Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.
Service Reference:
Examples:
Subscribe to event
/* Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic. */
var params = {
event: "ASSESSMENT_RUN_COMPLETED",
resourceArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0",
topicArn: "arn:aws:sns:us-west-2:123456789012:exampletopic"
};
inspector.subscribeToEvent(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the subscribeToEvent operation
var params = {
event: ASSESSMENT_RUN_STARTED | ASSESSMENT_RUN_COMPLETED | ASSESSMENT_RUN_STATE_CHANGED | FINDING_REPORTED | OTHER, /* required */
resourceArn: 'STRING_VALUE', /* required */
topicArn: 'STRING_VALUE' /* required */
};
inspector.subscribeToEvent(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN of the assessment template that is used during the event for which you want to receive SNS notifications.
event
— (String
)The event for which you want to receive SNS notifications.
Possible values include:"ASSESSMENT_RUN_STARTED"
"ASSESSMENT_RUN_COMPLETED"
"ASSESSMENT_RUN_STATE_CHANGED"
"FINDING_REPORTED"
"OTHER"
topicArn
— (String
)The ARN of the SNS topic to which the SNS notifications are sent.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
unsubscribeFromEvent(params = {}, callback) ⇒ AWS.Request
Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.
Service Reference:
Examples:
Unsubscribe from event
/* Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic. */
var params = {
event: "ASSESSMENT_RUN_COMPLETED",
resourceArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0",
topicArn: "arn:aws:sns:us-west-2:123456789012:exampletopic"
};
inspector.unsubscribeFromEvent(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the unsubscribeFromEvent operation
var params = {
event: ASSESSMENT_RUN_STARTED | ASSESSMENT_RUN_COMPLETED | ASSESSMENT_RUN_STATE_CHANGED | FINDING_REPORTED | OTHER, /* required */
resourceArn: 'STRING_VALUE', /* required */
topicArn: 'STRING_VALUE' /* required */
};
inspector.unsubscribeFromEvent(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN of the assessment template that is used during the event for which you want to stop receiving SNS notifications.
event
— (String
)The event for which you want to stop receiving SNS notifications.
Possible values include:"ASSESSMENT_RUN_STARTED"
"ASSESSMENT_RUN_COMPLETED"
"ASSESSMENT_RUN_STATE_CHANGED"
"FINDING_REPORTED"
"OTHER"
topicArn
— (String
)The ARN of the SNS topic to which SNS notifications are sent.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
updateAssessmentTarget(params = {}, callback) ⇒ AWS.Request
Updates the assessment target that is specified by the ARN of the assessment target.
If resourceGroupArn is not specified, all EC2 instances in the current AWS account and region are included in the assessment target.
Service Reference:
Examples:
Update assessment target
/* Updates the assessment target that is specified by the ARN of the assessment target. */
var params = {
assessmentTargetArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX",
assessmentTargetName: "Example",
resourceGroupArn: "arn:aws:inspector:us-west-2:123456789012:resourcegroup/0-yNbgL5Pt"
};
inspector.updateAssessmentTarget(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Calling the updateAssessmentTarget operation
var params = {
assessmentTargetArn: 'STRING_VALUE', /* required */
assessmentTargetName: 'STRING_VALUE', /* required */
resourceGroupArn: 'STRING_VALUE'
};
inspector.updateAssessmentTarget(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
assessmentTargetArn
— (String
)The ARN of the assessment target that you want to update.
assessmentTargetName
— (String
)The name of the assessment target that you want to update.
resourceGroupArn
— (String
)The ARN of the resource group that is used to specify the new resource group to associate with the assessment target.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns: